[SECURITY] Fedora Core 6 Update: php-5.1.6-3.4.fc6

Joe Orton jorton at redhat.com
Wed Feb 21 04:17:27 UTC 2007 

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-261
2007-02-20
---------------------------------------------------------------------

Product     : Fedora Core 6
Name        : php
Version     : 5.1.6
Release     : 3.4.fc6
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module which adds support for the PHP
language to Apache HTTP Server.

---------------------------------------------------------------------
Update Information:

This update fixes a number of security issues in PHP.

A number of buffer overflow flaws were found in the PHP
session extension, the str_replace() function, and the
imap_mail_compose() function.  If very long strings under
the control of an attacker are passed to the str_replace()
function then an integer overflow could occur in memory
allocation.  If a script uses the imap_mail_compose()
function to create a new MIME message based on an input body
from an untrusted source, it could result in a heap
overflow.  An attacker who is able to access a PHP
application affected by any these issues could trigger these
flaws and possibly execute arbitrary code as the 'apache'
user. (CVE-2007-0906)

If unserializing untrusted data on 64-bit platforms, the
zend_hash_init() function can be forced to enter an infinite
loop, consuming CPU resources for a limited length of time,
until the script timeout alarm aborts execution of the
script. (CVE-2007-0988)

If the wddx extension is used to import WDDX data from an
untrusted source, certain WDDX input packets may allow a
random portion of heap memory to be exposed. (CVE-2007-0908)

If the odbc_result_all() function is used to display data
from a database, and the contents of the database table are
under the control of an attacker, a format string
vulnerability is possible which could lead to the execution
of arbitrary code.  (CVE-2007-0909)

A one byte memory read will always occur before the
beginning of a buffer, which could be triggered for example
by any use of the header() function in a script.  However it
is unlikely that this would have any effect. (CVE-2007-0907)

Several flaws in PHP could allows attackers to "clobber"
certain super-global variables via unspecified vectors.
(CVE-2007-0910)

The Fedora Project would like to thank Stefan Esser for his
help diagnosing these issues.
---------------------------------------------------------------------
* Fri Feb 16 2007 Joe Orton <jorton at redhat.com> 5.1.6-3.4.fc6
- add security fixes for: CVE-2007-0906, CVE-2007-0907, 
  CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988 (#228011)
- package /usr/share/php and append to default include_path (#225434)
- add php(api), php(zend-abi) provides (#221302)
- fix magic file used by mime-magic (Kir Kolyshkin, #177926)

---------------------------------------------------------------------
This update can be downloaded from:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/

7b9b09babaa380dc8d587a63dd8079abca2c1f47  SRPMS/php-5.1.6-3.4.fc6.src.rpm
7b9b09babaa380dc8d587a63dd8079abca2c1f47  noarch/php-5.1.6-3.4.fc6.src.rpm
9b8c93b07ce55cf46269eed4f14be2117502fa35  ppc/php-dba-5.1.6-3.4.fc6.ppc.rpm
0d3276247300e32005e63733dac8e9d8abfebf2a  ppc/php-cli-5.1.6-3.4.fc6.ppc.rpm
27c273659f4876bec4a764d6c9dabd3a6d8ce47e  ppc/php-common-5.1.6-3.4.fc6.ppc.rpm
f8bf63002e18b2204335f0f699b21844d10ed692  ppc/php-snmp-5.1.6-3.4.fc6.ppc.rpm
d2f76a00d4146beb9931bfa62a0d9133a0631725  ppc/php-pgsql-5.1.6-3.4.fc6.ppc.rpm
a12fe3a9f9a21a66d773d00f01f967070dbe1db4  ppc/php-ncurses-5.1.6-3.4.fc6.ppc.rpm
406c4930f71b5ee7598972bbd5a0fad108595d87  ppc/php-odbc-5.1.6-3.4.fc6.ppc.rpm
b1e3a2eccc1e004713897100964fc23ab6034332  ppc/php-soap-5.1.6-3.4.fc6.ppc.rpm
c61eff9975e3759b50a2c01f9e43484bbd570673  ppc/php-devel-5.1.6-3.4.fc6.ppc.rpm
662b8cd81d18d41647fd17967ebfbf97c9e47733  ppc/php-pdo-5.1.6-3.4.fc6.ppc.rpm
06c697a807bae46bff25d19640295aa5ac6af363  ppc/php-xmlrpc-5.1.6-3.4.fc6.ppc.rpm
f97ccc141d638bcb0d6ab9dc330098dd92c357aa  ppc/php-5.1.6-3.4.fc6.ppc.rpm
025dc3700043b40dac0cd2ea74da2427183e2829  ppc/php-gd-5.1.6-3.4.fc6.ppc.rpm
d70740454c0779318d375d4c75fa1008184adbfd  ppc/php-mysql-5.1.6-3.4.fc6.ppc.rpm
7f1b6cffb8136eae282e18920a592ad0599a46b6  ppc/php-ldap-5.1.6-3.4.fc6.ppc.rpm
67bb7febc969014df3f8beb3b1ecc231c86c9067  ppc/php-xml-5.1.6-3.4.fc6.ppc.rpm
a223d6c4a9bc29b9732538f0d321a1c8489c7197  ppc/php-imap-5.1.6-3.4.fc6.ppc.rpm
192b26bc0e30825d39c638065a763f452ad2c054  ppc/php-bcmath-5.1.6-3.4.fc6.ppc.rpm
4b09d78251135ddeadbba06801429cce1816aaa3  ppc/php-mbstring-5.1.6-3.4.fc6.ppc.rpm
435a2d2dec67e406b47f861a1c7e75389bb4f0ec  ppc/debug/php-debuginfo-5.1.6-3.4.fc6.ppc.rpm
04f7c9846d98e2e8d1d8f4679ea6c66e140d37f3  x86_64/php-cli-5.1.6-3.4.fc6.x86_64.rpm
c91d9cb9463d33703e94a0dcef8199b6df6955aa  x86_64/php-dba-5.1.6-3.4.fc6.x86_64.rpm
711ca7310f0080b2cdf6d9c0c18225c090a56bf0  x86_64/debug/php-debuginfo-5.1.6-3.4.fc6.x86_64.rpm
8f823d70a331464c66b4d36158252251f4bb188b  x86_64/php-xml-5.1.6-3.4.fc6.x86_64.rpm
74d5a0f5f52bbc1279ebf57335697a18b633e4bf  x86_64/php-5.1.6-3.4.fc6.x86_64.rpm
2193a252d2aba8579de10edfe18b2e7c9dcea2d3  x86_64/php-snmp-5.1.6-3.4.fc6.x86_64.rpm
a51a85403e132dd45a4b4154872f9f6bfab94140  x86_64/php-pgsql-5.1.6-3.4.fc6.x86_64.rpm
f825093b1b80729d490e27a92add197ee177b623  x86_64/php-bcmath-5.1.6-3.4.fc6.x86_64.rpm
9eb9abb190d8409ce729fdf9b6c2b813fdbb50fb  x86_64/php-common-5.1.6-3.4.fc6.x86_64.rpm
3dbb57bab24e6763524dd934cdfbc92998c28f20  x86_64/php-xmlrpc-5.1.6-3.4.fc6.x86_64.rpm
8142a27894e25cd408aeb354d136081af7980d28  x86_64/php-mysql-5.1.6-3.4.fc6.x86_64.rpm
e98fbc0d4dba2f264084bb59a38fc608d9583a54  x86_64/php-ncurses-5.1.6-3.4.fc6.x86_64.rpm
7968041fe2dd3900a66e7efbd0bfe3258779ecb5  x86_64/php-ldap-5.1.6-3.4.fc6.x86_64.rpm
3639702a352af9bf361a037932232a6aa2723262  x86_64/php-pdo-5.1.6-3.4.fc6.x86_64.rpm
4baf7cb8263d29ebad74f82e7dec5e82c4a944c6  x86_64/php-soap-5.1.6-3.4.fc6.x86_64.rpm
02e78ef41299b7b453c41370054ff32a19ab45b9  x86_64/php-odbc-5.1.6-3.4.fc6.x86_64.rpm
10d43aa4413a91a50af466a93827523151e82c1b  x86_64/php-mbstring-5.1.6-3.4.fc6.x86_64.rpm
d89d395cb04877824d0013bf0052dc4fcc02851a  x86_64/php-devel-5.1.6-3.4.fc6.x86_64.rpm
46b355db5d40d8cb1d2b37a97ff73826ad8f9b9a  x86_64/php-imap-5.1.6-3.4.fc6.x86_64.rpm
e4d3af22b8216172c1e6869c84560237af000a48  x86_64/php-gd-5.1.6-3.4.fc6.x86_64.rpm
8854dbd2cdac7b8c5e1b2c0df66e1a240ec94374  i386/php-ldap-5.1.6-3.4.fc6.i386.rpm
83806c3c738000dde90ad071ef099accc7bdea87  i386/php-devel-5.1.6-3.4.fc6.i386.rpm
29131458541011f152e5dd4f8fc17e0a2bb65dfe  i386/php-ncurses-5.1.6-3.4.fc6.i386.rpm
c7db44fc3b662517f5adc08f1abb8b6dbb2de969  i386/php-soap-5.1.6-3.4.fc6.i386.rpm
afc792f641459062889556e7ddc6f58d49cddcbb  i386/php-gd-5.1.6-3.4.fc6.i386.rpm
3f32c58eeffeae2d00dea03646b850c79300ff4c  i386/php-mbstring-5.1.6-3.4.fc6.i386.rpm
2e40e27b0c8f4ea8ecd98263865d52d9165674cd  i386/php-xml-5.1.6-3.4.fc6.i386.rpm
25994dd791746536ec68513c61093869f57869d6  i386/php-xmlrpc-5.1.6-3.4.fc6.i386.rpm
fe3321e73d118822b7e96eefbcbbafef7dfab48b  i386/php-common-5.1.6-3.4.fc6.i386.rpm
7166241a4dc4494a51f88ed569ff045ea43c5cff  i386/debug/php-debuginfo-5.1.6-3.4.fc6.i386.rpm
f867ebd1e07dbc90fe94aecff36be2d9c283af90  i386/php-odbc-5.1.6-3.4.fc6.i386.rpm
2d61834a838c8b61c41aedcfd063e8fc6083cdb0  i386/php-dba-5.1.6-3.4.fc6.i386.rpm
a06e00e158acebb953808198d608da92cde271e0  i386/php-bcmath-5.1.6-3.4.fc6.i386.rpm
c778f92d0d3e3ed148d57b18febe46230362aec7  i386/php-pgsql-5.1.6-3.4.fc6.i386.rpm
87c95b809a0e77dbc0400709e197ebfcb676ac97  i386/php-snmp-5.1.6-3.4.fc6.i386.rpm
60a45e08a036090767b07a174d291db30f8fc57e  i386/php-5.1.6-3.4.fc6.i386.rpm
ae7c85a6d029868aa83d272b1f44fa5fc2774df5  i386/php-cli-5.1.6-3.4.fc6.i386.rpm
1b25d339e8416be01e93799b01f85a3b3c165591  i386/php-mysql-5.1.6-3.4.fc6.i386.rpm
66d4277e2ae840ee87a7a8940112abc30e88206d  i386/php-imap-5.1.6-3.4.fc6.i386.rpm
4808d76752ae8866198512026fdbf8debb66b7d9  i386/php-pdo-5.1.6-3.4.fc6.i386.rpm

This update can be installed with the 'yum' update program.  Use 'yum update
package-name' at the command line.  For more information, refer to 'Managing
Software with yum,' available at http://fedora.redhat.com/docs/yum/.
---------------------------------------------------------------------

More information about the Fedora-package-announce mailing list