[SECURITY] Fedora Core 5 Update: php-5.1.6-1.4

Joe Orton jorton at redhat.com
Mon Feb 26 22:09:19 UTC 2007


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-287
2007-02-26
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : php
Version     : 5.1.6
Release     : 1.4
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

---------------------------------------------------------------------
Update Information:

This update fixes a number of security issues in PHP.

A number of buffer overflow flaws were found in the PHP
session extension, the str_replace() function, and the
imap_mail_compose() function. If very long strings under
the control of an attacker are passed to the str_replace()
function then an integer overflow could occur in memory
allocation. If a script uses the imap_mail_compose()
function to create a new MIME message based on an input body
from an untrusted source, it could result in a heap
overflow. An attacker who is able to access a PHP
application affected by any of these issues could trigger these
flaws and possibly execute arbitrary code as the 'apache'
user. (CVE-2007-0906)
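An added example, not code from PHP or from this update, showing the defensive check for the class of bug described above for str_replace() (CVE-2007-0906): the replace-all result size is computed with explicit overflow checks instead of letting size_t arithmetic wrap. Function names and the sample inputs are the example's own.

```c
/* Added example: overflow-safe sizing for a replace-all buffer.
 * Not from the PHP source or this update; names are the example's own. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Count non-overlapping occurrences of needle in hay. */
size_t count_occurrences(const char *hay, size_t hay_len,
                         const char *needle, size_t needle_len)
{
    size_t n = 0;
    if (needle_len == 0 || needle_len > hay_len)
        return 0;
    for (size_t i = 0; i + needle_len <= hay_len; ) {
        if (memcmp(hay + i, needle, needle_len) == 0) { n++; i += needle_len; }
        else i++;
    }
    return n;
}

/* Unchecked sizing: hay_len + count * (repl_len - needle_len) + NUL.
 * With many matches and a long replacement the product can exceed
 * SIZE_MAX and wrap, so the allocation becomes far too small for
 * the data later copied into it. */
size_t replace_size_unchecked(size_t hay_len, size_t count,
                              size_t needle_len, size_t repl_len)
{
    return hay_len + count * (repl_len - needle_len) + 1;
}

/* Checked sizing: returns false (refuse, do not allocate) if any
 * intermediate value would not fit in size_t. */
bool replace_size_checked(size_t hay_len, size_t count, size_t needle_len,
                          size_t repl_len, size_t *out)
{
    size_t total = hay_len;
    if (repl_len > needle_len) {
        size_t grow = repl_len - needle_len;
        if (count != 0 && grow > (SIZE_MAX - 1) / count)
            return false;                       /* count * grow would wrap */
        size_t delta = count * grow;
        if (delta > SIZE_MAX - 1 - total)
            return false;                       /* total + delta + 1 would wrap */
        total += delta;
    } else {
        /* count * needle_len <= hay_len, so shrinking cannot underflow. */
        total -= count * (needle_len - repl_len);
    }
    *out = total + 1;                           /* room for the NUL */
    return true;
}
```

For a replacement chosen so that count * grow is an exact multiple of 2^(8*sizeof(size_t)), the unchecked version reports that 16 bytes of input need a 17-byte buffer, while the checked version refuses.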

If unserializing untrusted data on 64-bit platforms, the
zend_hash_init() function can be forced to enter an infinite
loop, consuming CPU resources for a limited length of time,
until the script timeout alarm aborts execution of the
script. (CVE-2007-0988)

If the wddx extension is used to import WDDX data from an
untrusted source, certain WDDX input packets may allow a
random portion of heap memory to be exposed. (CVE-2007-0908)

If the odbc_result_all() function is used to display data
from a database, and the contents of the database table are
under the control of an attacker, a format string
vulnerability is possible which could lead to the execution
of arbitrary code. (CVE-2007-0909)

A one byte memory read will always occur before the
beginning of a buffer, which could be triggered for example
by any use of the header() function in a script. However it
is unlikely that this would have any effect. (CVE-2007-0907)

Several flaws in PHP could allow attackers to "clobber"
certain super-global variables via unspecified vectors.
(CVE-2007-0910)

The Fedora Project would like to thank Stefan Esser for his
help diagnosing these issues.
---------------------------------------------------------------------
* Fri Feb 23 2007 Joe Orton <jorton at redhat.com> 5.1.6-1.4
- fix pdo-abi provide
* Tue Feb 20 2007 Joe Orton <jorton at redhat.com> 5.1.6-1.3
- add security fixes for: CVE-2007-0906, CVE-2007-0907, 
  CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988 (#228011)
* Fri Nov  3 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.2
- add security fix for CVE-2006-5465 (#213732)
* Fri Oct  6 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.1
- update to 5.1.6 (#201767, #204995)
- add fix for upstream #38801
- add security fix for CVE-2006-4812
- drop Obsoletes for mod_php (#194590)
- add php-pdo-abi versioning (#193202)
- move php{-config,ize} man pages to -devel (#199382)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------