Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:15239 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 52490 invoked by uid 1010); 1 Mar 2005 09:25:00 -0000 Delivered-To: ezmlm-scan-internals@lists.php.net Delivered-To: ezmlm-internals@lists.php.net Received: (qmail 52465 invoked from network); 1 Mar 2005 09:25:00 -0000 Received: from unknown (HELO pb1.pair.com) (127.0.0.1) by localhost with SMTP; 1 Mar 2005 09:25:00 -0000 X-Host-Fingerprint: 64.233.170.197 rproxy.gmail.com Linux 2.4/2.6 Received: from ([64.233.170.197:55974] helo=rproxy.gmail.com) by pb1.pair.com (ecelerity HEAD r(5124)) with SMTP id 2C/CC-43857-AE434224 for ; Tue, 01 Mar 2005 04:24:58 -0500 Received: by rproxy.gmail.com with SMTP id a36so713654rnf for ; Tue, 01 Mar 2005 01:24:52 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:mime-version:content-type:content-transfer-encoding; b=bHhNiY//9VZyU3uRlSP38YMsqcdeD7qMx/nyDpMvST/UiuxQ8I7qHSvEBI+engzp7nmwR+qpgP822pPVGTwnz8nWRbTtt7OjYvaHMCWoRAKCetq6aUznbpQe/CQ9ZHvXKaicG6u3X06faImaBo+ieCJ9UOe8ixwPBQ8L10LfurQ= Received: by 10.11.99.30 with SMTP id w30mr230172cwb; Tue, 01 Mar 2005 01:24:51 -0800 (PST) Received: by 10.11.94.69 with HTTP; Tue, 1 Mar 2005 01:24:51 -0800 (PST) Message-ID: Date: Tue, 1 Mar 2005 10:24:51 +0100 Reply-To: Marc Villemade To: internals@lists.php.net Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Subject: Readfile() security breach From: mastachand@gmail.com (Marc Villemade) Hi everyone, I just wanted to let you know about this breach unveiled by Secunia today. Well, actually i'm pretty sure you know about it, but i wanted to know if it was already being investigated and if there was a plan to release a patch soon. here's the link at secunia .. http://secunia.com/advisories/14409/ Thanks for any information. -- Chand