oss-security January 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] Re: CVE-2010-2094: PECL's phar

Re: [oss-security] Re: CVE-2010-2094: PECL's phar code is vulnerable too

From: Pierre Joye <pierre.php_at_nospam>
Date: Mon Jan 10 2011 - 19:48:01 GMT
To: Eygene Ryabinkin <rea-sec@codelabs.ru>

I have to do it. But I would suggest to use the released version in
the mean time. Zero difference in the code base.

On Mon, Jan 10, 2011 at 6:38 PM, Eygene Ryabinkin <rea-sec@codelabs.ru> wrote:
> Felipe, good day.
>
> Sun, Dec 26, 2010 at 05:26:29PM -0200, Felipe Pena wrote:
>> Yes, I will contact anyone to do it... (I'm not the ext/phar maintainer)
>
> Any news on this? http://pecl.php.net/package/phar shows no
> revisions :((
> --
> Eygene
>

-- Pierre @pierrejoye | http://blog.thepimp.net | http://www.libgd.org