[SECURITY] Fedora Core 5 Update: php-5.1.6-1.2

Joe Orton jorton at redhat.com
Mon Nov 6 15:56:34 UTC 2006


---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-1168
2006-11-06
---------------------------------------------------------------------

Product     : Fedora Core 5
Name        : php
Version     : 5.1.6
Release     : 1.2
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

---------------------------------------------------------------------
Update Information:

This update fixes a security vulnerability in PHP.

The Hardened-PHP Project discovered an overflow in the PHP
htmlentities() and htmlspecialchars() routines. If a PHP
script used the vulnerable functions to parse UTF-8 data, a
remote attacker sending a carefully crafted request could
trigger the overflow and potentially execute arbitrary code
as the 'apache' user. (CVE-2006-5465) 
---------------------------------------------------------------------
* Fri Nov  3 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.2
- add security fix for CVE-2006-5465 (#213732)
* Fri Oct  6 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.1
- update to 5.1.6 (#201767, #204995)
- add fix for upstream #38801
- add security fix for CVE-2006-4812
- drop Obsoletes for mod_php (#194590)
- add php-pdo-abi versioning (#193202)
- move php{-config,ize} man pages to -devel (#199382)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/


This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
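
Added example (not part of the original advisory, nor Fedora or PHP project code): after updating, a host can be checked for the fix by finding the changelog entry that names the CVE and reading the release it belongs to. The function names fix_release and sample_changelog are illustrative; the sample lines are copied from the changelog quoted in this notification.

```shell
#!/bin/sh
# Report which package release introduced a given CVE fix by parsing RPM
# changelog text in the format quoted in this advisory.
# On a live host:  rpm -q --changelog php | fix_release CVE-2006-5465

# fix_release CVE-ID
#   Reads changelog text on stdin. Prints the version-release of the newest
#   entry whose lines mention the CVE. Exit status is 1 if no entry does.
fix_release() {
    awk -v cve="$1" '
        /^\* / { rel = $NF; next }   # entry header: last field is ver-rel
        index($0, cve) && rel != "" { print rel; found = 1; exit }
        END { exit found ? 0 : 1 }
    '
}

# Sample input: the changelog lines as they appear in the advisory text.
sample_changelog() {
    cat <<'EOF'
* Fri Nov  3 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.2
- add security fix for CVE-2006-5465 (#213732)
* Fri Oct  6 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.1
- update to 5.1.6 (#201767, #204995)
- add fix for upstream #38801
- add security fix for CVE-2006-4812
EOF
}

# Demonstration on the sample: prints the release carrying the htmlentities fix.
sample_changelog | fix_release CVE-2006-5465
```

An empty result with exit status 1 means no changelog entry of the installed package mentions the CVE, so the update has not been applied.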



