
Fedora alert FEDORA-2007-287 (php)

From:  "Joe Orton" <jorton@redhat.com>
To:  fedora-package-announce@redhat.com
Subject:  [SECURITY] Fedora Core 5 Update: php-5.1.6-1.4
Date:  Mon, 26 Feb 2007 17:09:19 -0500

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-287
2007-02-26
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : php
Version     : 5.1.6
Release     : 1.4
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages.

---------------------------------------------------------------------
Update Information:

This update fixes a number of security issues in PHP.

A number of buffer overflow flaws were found in the PHP session extension, the str_replace() function, and the imap_mail_compose() function. If very long strings under the control of an attacker are passed to the str_replace() function then an integer overflow could occur in memory allocation. If a script uses the imap_mail_compose() function to create a new MIME message based on an input body from an untrusted source, it could result in a heap overflow. An attacker who is able to access a PHP application affected by any of these issues could trigger these flaws and possibly execute arbitrary code as the 'apache' user. (CVE-2007-0906)

If unserializing untrusted data on 64-bit platforms, the zend_hash_init() function can be forced to enter an infinite loop, consuming CPU resources for a limited length of time, until the script timeout alarm aborts execution of the script. (CVE-2007-0988)

If the wddx extension is used to import WDDX data from an untrusted source, certain WDDX input packets may allow a random portion of heap memory to be exposed. (CVE-2007-0908)

If the odbc_result_all() function is used to display data from a database, and the contents of the database table are under the control of an attacker, a format string vulnerability is possible which could lead to the execution of arbitrary code. (CVE-2007-0909)

A one byte memory read will always occur before the beginning of a buffer, which could be triggered for example by any use of the header() function in a script. However, it is unlikely that this would have any effect. (CVE-2007-0907)

Several flaws in PHP could allow attackers to "clobber" certain super-global variables via unspecified vectors. (CVE-2007-0910)

The Fedora Project would like to thank Stefan Esser for his help diagnosing these issues.
---------------------------------------------------------------------
* Fri Feb 23 2007 Joe Orton <jorton@redhat.com> 5.1.6-1.4
- fix pdo-abi provide

* Tue Feb 20 2007 Joe Orton <jorton@redhat.com> 5.1.6-1.3
- add security fixes for: CVE-2007-0906, CVE-2007-0907, CVE-2007-0908,
  CVE-2007-0909, CVE-2007-0910, CVE-2007-0988 (#228011)

* Fri Nov 3 2006 Joe Orton <jorton@redhat.com> 5.1.6-1.2
- add security fix for CVE-2006-5465 (#213732)

* Fri Oct 6 2006 Joe Orton <jorton@redhat.com> 5.1.6-1.1
- update to 5.1.6 (#201767, #204995)
- add fix for upstream #38801
- add security fix for CVE-2006-4812
- drop Obsoletes for mod_php (#194590)
- add php-pdo-abi versioning (#193202)
- move php{-config,ize} man pages to -devel (#199382)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/u...
This update can be installed with the 'yum' update program. Use 'yum update package-name' at the command line. For more information, refer to 'Managing Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
_______________________________________________
Fedora-package-announce mailing list
Fedora-package-announce@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-package-ann...
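A check for this advisory, added here as an example and not part of the Fedora notification or of rpm itself: a Python port of rpm's version-segment comparison (rpmvercmp), used to decide whether an installed php EVR is at or past the fixed 5.1.6-1.4. The installed EVR is assumed to come from `rpm -q --qf '%{EPOCH}:%{VERSION}-%{RELEASE}' php`.

```python
import re
# Tokens are numeric runs, alphabetic runs and '~'; dots etc. are separators, as in rpm.
_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")

def rpmvercmp(a: str, b: str) -> int:
    """Compare two RPM version/release strings like rpm's rpmvercmp(): -1, 0 or 1."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":          # '~' (pre-release) sorts before everything
            if x == y:
                continue
            return -1 if x == "~" else 1
        if x.isdigit() and y.isdigit():   # numeric segments compare as integers
            if int(x) != int(y):
                return -1 if int(x) < int(y) else 1
        elif x.isdigit() != y.isdigit():  # a numeric segment is newer than an alphabetic one
            return 1 if x.isdigit() else -1
        elif x != y:                      # both alphabetic: plain string compare
            return -1 if x < y else 1
    if len(sa) == len(sb):
        return 0
    # Leftover segments make a string newer, unless the leftover segment is '~'.
    longer, sign = (sa, 1) if len(sa) > len(sb) else (sb, -1)
    return -sign if longer[min(len(sa), len(sb))] == "~" else sign

def split_evr(evr: str):
    """Split 'epoch:version-release' into parts; a missing or '(none)' epoch is 0."""
    epoch, sep, rest = evr.partition(":")
    if not sep or epoch == "(none)":
        epoch, rest = "0", rest if sep else evr
    version, sep, release = rest.rpartition("-")
    if not sep:
        version, release = rest, ""
    return epoch, version, release

def evr_cmp(a: str, b: str) -> int:
    """Compare two EVRs: epoch first, then version, then release."""
    for x, y in zip(split_evr(a), split_evr(b)):
        r = rpmvercmp(x, y)
        if r:
            return r
    return 0

FIXED_PHP_EVR = "5.1.6-1.4"   # fixed version named in FEDORA-2007-287

def php_is_fixed(installed_evr: str, fixed_evr: str = FIXED_PHP_EVR) -> bool:
    """True when the installed php is at or past the advisory's fixed EVR.
    Input is assumed to be: rpm -q --qf '%{EPOCH}:%{VERSION}-%{RELEASE}' php"""
    return evr_cmp(installed_evr, fixed_evr) >= 0
```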



Copyright © 2009, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds