[SECURITY] Fedora 7 Update: php-pear-MDB2-2.4.1-2.fc7
updates at fedoraproject.org
updates at fedoraproject.org
Thu Nov 15 03:41:00 UTC 2007
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2007-3369
2007-11-15 03:40:53.486910
--------------------------------------------------------------------------------
Name : php-pear-MDB2
Product : Fedora 7
Version : 2.4.1
Release : 2.fc7
URL : http://pear.php.net/package/MDB2
Summary : Database Abstraction Layer
Description :
PEAR::MDB2 is a merge of the PEAR::DB and Metabase php database abstraction
layers.
It provides a common API for all supported RDBMS. The main difference to most
other DB abstraction packages is that MDB2 goes much further to ensure
portability.
--------------------------------------------------------------------------------
Update Information:
This update fixes a security flaw CVE-2007-5934 with critical impact. All users of php-pear-MDB2 are strongly advised to upgrade to these updated packages.
--------------------------------------------------------------------------------
ChangeLog:
* Tue Nov 13 2007 Christopher Stone <chris.stone at gmail.com> 2.4.1-2
- Add LOB security patch (bz #379081)
--------------------------------------------------------------------------------
References:
[ 1 ] Bug #379091 - MDB2 Data injection and disclosure [f7]
https://bugzilla.redhat.com/show_bug.cgi?id=379091
[ 2 ] Bug #379081 - CVE-2007-5934 MDB2 Data injection and disclosure
https://bugzilla.redhat.com/show_bug.cgi?id=379081
[ 3 ] Bug #379121 - MDB2 Data injection and disclosure [f7]
https://bugzilla.redhat.com/show_bug.cgi?id=379121
[ 4 ] Bug #379151 - MDB2 Data injection and disclosure [f7]
https://bugzilla.redhat.com/show_bug.cgi?id=379151
--------------------------------------------------------------------------------
Updated packages:
24a9df49d1336e8f49ad7f028813c6e22845f497 php-pear-MDB2-2.4.1-2.fc7.noarch.rpm
324479ac1c2c93fe4dfb60ce207faff0ddd4fd84 php-pear-MDB2-2.4.1-2.fc7.src.rpm
This update can be installed with the "yum" update program. Use
su -c 'yum update php-pear-MDB2'
at the command line. For more information, refer to "Managing Software
with yum", available at http://docs.fedoraproject.org/yum/.
--------------------------------------------------------------------------------
More information about the Fedora-package-announce
mailing list