path: root/www/opera
diff options
authorFlorian Smeets <flo@FreeBSD.org>2012-11-26 21:23:25 +0000
committerFlorian Smeets <flo@FreeBSD.org>2012-11-26 21:23:25 +0000
commitbc204257b930948b892bda81f6fca61f61f2d7c1 (patch)
tree3593ef8bb026f702e464836eb1c9e4d7fd0bffcf /www/opera
parent37619a2e8392f0b7007b8503cad9e85abaf6f3b8 (diff)
MFH r307747
- Update backports patch to 20121114 - Bump PORTREVISION Changes: - CVE-2006-7243 PHP before 5.3.4 accepts the \0 character in a pathname, which might allow context-dependent attackers to bypass intended access restrictions by placing a safe file extension after this character, as demonstrated by .php\0.jpg at the end of the argument to the file_exists function Secuity 3761df02-0f9c-11e0-becc-0022156e8794 fixed by check in fopen functions for strlen(filename) != filename_len - CVE-2012-4388 The sapi_header_op function in main/SAPI.c does not properly determine a pointer during checks for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, this vulnerability exists because of an incorrect fix for CVE-2011-1398. - Timezone database updated to version 2012.9 (2012i) Approved by: portmgr (beat) Feature safe: yes
Notes: svn path=/branches/RELENG_9_1_0/; revision=307800
Diffstat (limited to 'www/opera')
0 files changed, 0 insertions, 0 deletions