[SECURITY] Fedora Core 5 Update: php-5.1.6-1.2
Joe Orton
jorton at redhat.com
Mon Nov 6 15:56:34 UTC 2006
---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2006-1168
2006-11-06
---------------------------------------------------------------------
Product : Fedora Core 5
Name : php
Version : 5.1.6
Release : 1.2
Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.
---------------------------------------------------------------------
Update Information:
This update fixes a security vulnerability in PHP.
The Hardened-PHP Project discovered an overflow in the PHP
htmlentities() and htmlspecialchars() routines. If a PHP
script used the vulnerable functions to parse UTF-8 data, a
remote attacker sending a carefully crafted request could
trigger the overflow and potentially execute arbitrary code
as the 'apache' user. (CVE-2006-5465)
---------------------------------------------------------------------
* Fri Nov 3 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.2
- add security fix for CVE-2006-5465 (#213732)
* Fri Oct 6 2006 Joe Orton <jorton at redhat.com> 5.1.6-1.1
- update to 5.1.6 (#201767, #204995)
- add fix for upstream #38801
- add security fix for CVE-2006-4812
- drop Obsoletes for mod_php (#194590)
- add php-pdo-abi versioning (#193202)
- move php{-config,ize} man pages to -devel (#199382)
---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/5/
bff633c8ad940ae896bb046b113ef0c8f12de51c SRPMS/php-5.1.6-1.2.src.rpm
bff633c8ad940ae896bb046b113ef0c8f12de51c noarch/php-5.1.6-1.2.src.rpm
bd6fc1dda014a5bb23fa4b2fc956cc24abd43649 ppc/php-odbc-5.1.6-1.2.ppc.rpm
31f96bcdfb50dc8b0bb81c7cdd7f85927bcf2001 ppc/php-xmlrpc-5.1.6-1.2.ppc.rpm
8035ffd5d7c3f6e7c646a68e04815f966270f7f2 ppc/php-ldap-5.1.6-1.2.ppc.rpm
cde3923768d8c18d930d12b5a16c7a0032d49a65 ppc/php-imap-5.1.6-1.2.ppc.rpm
cc7a7084c2007080948a919c21402d93fc777782 ppc/php-dba-5.1.6-1.2.ppc.rpm
66ed82fb62b3602f33bd61a99c0c752e9cb69f44 ppc/php-xml-5.1.6-1.2.ppc.rpm
c9b92115646fa3e42cb5a78be841d6434d1c30d2 ppc/php-pdo-5.1.6-1.2.ppc.rpm
2c6db23904015ff7c98e1fa0a23d24935379fc6c ppc/php-soap-5.1.6-1.2.ppc.rpm
a2fc85fb72399e8fd0d05f80c662fa7a1f1c3933 ppc/php-mbstring-5.1.6-1.2.ppc.rpm
3541b950ead159bf79e58569ba510456f74e3a2f ppc/php-bcmath-5.1.6-1.2.ppc.rpm
2e34c835a687369699f4ed27e43bbe4977b35832 ppc/php-pgsql-5.1.6-1.2.ppc.rpm
1b204e9e6f20ef334c334074853b219042aaf3c9 ppc/php-gd-5.1.6-1.2.ppc.rpm
9ee03eeac15c80ebeb11b8ba5072c5a4ec8394ab ppc/php-mysql-5.1.6-1.2.ppc.rpm
d147d49d2d332a57f2658253f7abcf815a133714 ppc/php-snmp-5.1.6-1.2.ppc.rpm
e2a16e70682963b9c1ba4e6638523b0688ef24b2 ppc/debug/php-debuginfo-5.1.6-1.2.ppc.rpm
69edd9e0dc0d0dbfc38b753503d1d5c5fd9a579c ppc/php-5.1.6-1.2.ppc.rpm
15927b504069c14b5e161bc2c098e9090bb002c8 ppc/php-devel-5.1.6-1.2.ppc.rpm
601bce2f6a7b855b0f670801f0d7337eb83d8602 ppc/php-ncurses-5.1.6-1.2.ppc.rpm
5b3c980aad87a3f14a7833b7cb3b29d7111117ce x86_64/php-ncurses-5.1.6-1.2.x86_64.rpm
70587623f754af6c6294f84079cf7db6dbe555d8 x86_64/php-5.1.6-1.2.x86_64.rpm
87d2927aacf253fc0fba49ed6a64eda5abf2d7f6 x86_64/php-devel-5.1.6-1.2.x86_64.rpm
9e52b6b55a2a195a348b46dcac3e7e12f05dd6ec x86_64/php-ldap-5.1.6-1.2.x86_64.rpm
e5aaa950afb119b0e905db2b0bd1769413f6bf93 x86_64/php-mbstring-5.1.6-1.2.x86_64.rpm
29d3d207ae70ee622bc54958e8b916915f2a62c3 x86_64/php-mysql-5.1.6-1.2.x86_64.rpm
e5238f8d9f56d117edaf52b436fa0220fb411ba8 x86_64/debug/php-debuginfo-5.1.6-1.2.x86_64.rpm
14bad3ab96cc594869808b7a305ce1896c7e4c4b x86_64/php-bcmath-5.1.6-1.2.x86_64.rpm
546c5c204ad6c62c17f50153360396716e33a940 x86_64/php-imap-5.1.6-1.2.x86_64.rpm
79adc80660d5e03566e3dcc3d96ea05e8c7a4c51 x86_64/php-pdo-5.1.6-1.2.x86_64.rpm
6a984f1d689e9d306a37b6109dedc600dece9bf6 x86_64/php-pgsql-5.1.6-1.2.x86_64.rpm
d89c566e9bc51bbb10f6541999901d43f1ff2eda x86_64/php-snmp-5.1.6-1.2.x86_64.rpm
57b7cd706c71075eebd148e537b8fc5d113fef07 x86_64/php-xml-5.1.6-1.2.x86_64.rpm
2fa64f2b3e4777b621d74b5f419cc1947b131e4b x86_64/php-xmlrpc-5.1.6-1.2.x86_64.rpm
c9ff5fe6e1406d13353656ed5046a53ea2bb6ac6 x86_64/php-soap-5.1.6-1.2.x86_64.rpm
066e53533aa8b1b6168169ffe390a17da794be17 x86_64/php-odbc-5.1.6-1.2.x86_64.rpm
d9b709bf34c32d378b47a43bc32ed4cde8e796fc x86_64/php-dba-5.1.6-1.2.x86_64.rpm
a59826b1761b3495cf20dc551fd329c4fdae02f5 x86_64/php-gd-5.1.6-1.2.x86_64.rpm
d436718a76620b04418fec7e9a599f74cf2d6ad9 i386/php-devel-5.1.6-1.2.i386.rpm
7d86cf903fcaa4d256d462bdddd2b18ac1ab6ae1 i386/php-xmlrpc-5.1.6-1.2.i386.rpm
60504ead834b0444e13c7c3bff7ce8b469ee0e6f i386/php-imap-5.1.6-1.2.i386.rpm
5aefb6a649088cac4d91d1bc2eb3eef428834d58 i386/php-gd-5.1.6-1.2.i386.rpm
49f17ac6fad2844972564861e60dd72c8ae44f37 i386/php-odbc-5.1.6-1.2.i386.rpm
1a3f6ea3df2685ff5a225e33224ce9d798f379f6 i386/php-5.1.6-1.2.i386.rpm
be83b78dc93c864e92a95ce5cbf77a6104a825d6 i386/php-xml-5.1.6-1.2.i386.rpm
21e00eea3527594d4ee66061c8c4bbd181d3ba05 i386/php-pgsql-5.1.6-1.2.i386.rpm
89fb1a2d1c26a630d411d715a6a8859ab908be00 i386/php-snmp-5.1.6-1.2.i386.rpm
2766e06ba5349391f8d2e2d3b10cf75505518b03 i386/php-pdo-5.1.6-1.2.i386.rpm
7b85fec406ee33e508aae272ff6118cc819064fd i386/php-soap-5.1.6-1.2.i386.rpm
73c94b32b5b1baddabd6f73d6f4d2e8eabada028 i386/debug/php-debuginfo-5.1.6-1.2.i386.rpm
423b0e83484c42f1d3de7aa43cb7e962bd827104 i386/php-mysql-5.1.6-1.2.i386.rpm
2348043db923043687f01d21b21c71c54d062a83 i386/php-bcmath-5.1.6-1.2.i386.rpm
6d3a9cbc9d618000badefac8d4f6ffb65760c809 i386/php-ldap-5.1.6-1.2.i386.rpm
4bded5f1a74af7a46d229ffb3869d29d1e11425a i386/php-mbstring-5.1.6-1.2.i386.rpm
a60baa3b27ebee463399225c41fcefbc2eaf55df i386/php-ncurses-5.1.6-1.2.i386.rpm
8e994c3d06fd5c00d950692ca0eaddf015f8f805 i386/php-dba-5.1.6-1.2.i386.rpm
This update can be installed with the 'yum' update program. Use 'yum update
package-name' at the command line. For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list