[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Drupal 7.14 <= Full Path Disclosure Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: Re: Drupal 7.14 <= Full Path Disclosure Vulnerability
From: pereira@xxxxxxxxx
Date: Thu, 10 May 2012 13:38:03 GMT

Please note that the hotfix should be:

if(is_array($path)) { die(); }

I already submitted an update to the mailing list.

Prev by Date: [ MDVSA-2012:068-1 ] php
Next by Date: [ MDVSA-2012:071 ] php
Previous by thread: Drupal 7.14 <= Full Path Disclosure Vulnerability
Next by thread: Drupal 7.14 <= Full Path Disclosure Vulnerability (Update)
Index(es):
- Date
- Thread