[SECURITY] Fedora Core 6 Update: php-5.1.6-3.7.fc6

Joe Orton jorton at redhat.com
Mon Sep 24 20:33:40 UTC 2007


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-709
2007-09-24
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : php
Version     : 5.1.6
Release     : 3.7.fc6
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module which adds support for the PHP
language to Apache HTTP Server.

---------------------------------------------------------------------
Update Information:

This update fixes a number of security issues in PHP:

* various integer overflow flaws were found in the PHP gd
extension. A script that could be forced to resize images
from an untrusted source could possibly allow a remote
attacker to execute arbitrary code as the apache user.
(CVE-2007-3996)

* an integer overflow flaw was found in the PHP chunk_split
function. If a remote attacker was able to pass arbitrary
data to the third argument of chunk_split they could
possibly execute arbitrary code as the apache user.
Note that it is unusual for a PHP script to use the
chunk_split function with a user-supplied third argument.
(CVE-2007-2872)

* a previous security update introduced a bug into PHP
session cookie handling. This could allow an attacker to
stop a victim from viewing a vulnerable web site if the
victim has first visited a malicious web page under the
control of the attacker, and that page can set a cookie for
the vulnerable web site. (CVE-2007-4670)

* a flaw was found in the PHP money_format function. If a
remote attacker was able to pass arbitrary data to the
money_format function this could possibly result in an
information leak or denial of service. Note that it
is unusual for a PHP script to pass user-supplied data to
the money_format function. (CVE-2007-4658)

* a flaw was found in the PHP wordwrap function. If a remote
attacker was able to pass arbitrary data to the wordwrap
function this could possibly result in a denial of service.
(CVE-2007-3998)

* a bug was found in PHP session cookie handling. This could
allow an attacker to create a cross-site cookie insertion
attack if a victim follows an untrusted carefully-crafted
URL. (CVE-2007-3799)

* an infinite-loop flaw was discovered in the PHP gd
extension. A script that could be forced to process PNG
images from an untrusted source could allow a remote
attacker to cause a denial of service. (CVE-2007-2756)


---------------------------------------------------------------------
* Tue Sep 18 2007 Joe Orton <jorton at redhat.com> 5.1.6-3.7.fc6
- add security fixes for CVE-2007-2756, CVE-2007-2872,
  CVE-2007-3799, CVE-2007-3996, CVE-2007-3998, CVE-2007-4658,
  CVE-2007-4670
- fix mime_content_type (Kir Kolyshkin, #177926)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------