We were previously tracking this entry, which pretty much sat for a while
without an applicable upgradeable resolution available.
While I haven't looked into the details of this particular entry
(Jille and Jeremy did that well), I just want to take this opportunity
to point out that "safe_mode" is broken... From the particular entry:

  It should be noted that this vulnerability is not
  considered to be serious by the FreeBSD Security Team,
  since safe_mode and open_basedir are insecure by design and
  should not be relied upon.

We (secteam) have seriously debated if it was worth documenting
"safe_mode" issues at all, but the compromise was just to add
something similar to the above text.