Login
Newsletter
Werbung

Sicherheit: Ausführen beliebigen Codes in php
Aktuelle Meldungen Distributionen
Name: Ausführen beliebigen Codes in php
ID: FEDORA-2005-518
Distribution: Fedora
Plattformen: Fedora Core 4
Datum: Mi, 6. Juli 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1751
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1921
Applikationen: PHP

Originalnachricht

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-518
2005-07-05
---------------------------------------------------------------------

Product : Fedora Core 4
Name : php
Version : 5.0.4
Release : 10.3
Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext
Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

---------------------------------------------------------------------
Update Information:

This update includes the PEAR XML_RPC 1.3.1 package, which fixes a
security issue in the XML_RPC server implementation. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
name CAN-2005-1921 to this issue.

The bundled version of shtool is also updated, to fix some temporary
file handling races. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2005-1751 to this issue.

Bug fixes for the dom, ldap, and gd extensions are also included in
this update.

---------------------------------------------------------------------
* Mon Jul 4 2005 Joe Orton <jorton@redhat.com> 5.0.4-10.3

- pear: update to XML_RPC 1.3.1 (CAN-2005-1921, #162045)
- update bundled shtool to 2.0.2 (CAN-2005-1751, #158998)

* Tue Jun 21 2005 Joe Orton <jorton@redhat.com> 5.0.4-10.2

- fix imports from dom module (Rob Richards, #161447)
- fix detection and support for ldap_start_tls (#160527)
- fix imagettftext et al (upstream, #161001)
- mark php.ini and php.conf as noreplace again for updates

---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/

0c6522a88226f54f5e5b7de87fbc0c11 SRPMS/php-5.0.4-10.3.src.rpm
bfaea50f076c4e099c268da5e7620f4b ppc/php-5.0.4-10.3.ppc.rpm
8a07fa05c8405b8e57d132b6ea1f35b1 ppc/php-devel-5.0.4-10.3.ppc.rpm
565d15f4846387a847f8ec46b5c0b396 ppc/php-pear-5.0.4-10.3.ppc.rpm
dbec56b97f22708db35526087110f421 ppc/php-imap-5.0.4-10.3.ppc.rpm
3ae7074cf4ab82f5c8204f72b126dde0 ppc/php-ldap-5.0.4-10.3.ppc.rpm
51836fcd1e96516e78a4e1d109733674 ppc/php-mysql-5.0.4-10.3.ppc.rpm
ea5e7470d83768e1ac5c68796b5b84f3 ppc/php-pgsql-5.0.4-10.3.ppc.rpm
d56a9554078b3b24840025487aa9dfed ppc/php-odbc-5.0.4-10.3.ppc.rpm
5c785d8775d0a627ea2ba976245824e4 ppc/php-soap-5.0.4-10.3.ppc.rpm
bffafd1150b30fde9993f928d4a2d7c0 ppc/php-snmp-5.0.4-10.3.ppc.rpm
784f81cc2692689a585c1fc370a2f17d ppc/php-xml-5.0.4-10.3.ppc.rpm
57bee6798a5722698e33d03132f56583 ppc/php-xmlrpc-5.0.4-10.3.ppc.rpm
b0f76a1c4b916b21f47264f5f87c52bb ppc/php-mbstring-5.0.4-10.3.ppc.rpm
579b1ed7ce37a414adb620cbae082dd1 ppc/php-ncurses-5.0.4-10.3.ppc.rpm
64bef62199d03684373798f4f9c10e06 ppc/php-gd-5.0.4-10.3.ppc.rpm
f1efef76a385b5a0dd021a893a8bae82 ppc/php-bcmath-5.0.4-10.3.ppc.rpm
478a276f46917bb4d6dcea26d9fa661c ppc/php-dba-5.0.4-10.3.ppc.rpm
322bc6293f6c8deb9221241c18c93c82 ppc/debug/php-debuginfo-5.0.4-10.3.ppc.rpm
8efec10a38d939add4eb3c3282e15a61 x86_64/php-5.0.4-10.3.x86_64.rpm
d673f5d0bbed054802b976c7f64325f2 x86_64/php-devel-5.0.4-10.3.x86_64.rpm
5d45dc58614ff16f725e975e20d9405e x86_64/php-pear-5.0.4-10.3.x86_64.rpm
aada20087705846a32f51eb479a340e4 x86_64/php-imap-5.0.4-10.3.x86_64.rpm
9c38732c237643b6ab15d9eb8ac38690 x86_64/php-ldap-5.0.4-10.3.x86_64.rpm
2509b955a13e7d4dc5b601b4378eb73e x86_64/php-mysql-5.0.4-10.3.x86_64.rpm
7733267f9c4aee9145b1150ad066c15b x86_64/php-pgsql-5.0.4-10.3.x86_64.rpm
69e34aadb84a83984f4f1e5f8f0351f1 x86_64/php-odbc-5.0.4-10.3.x86_64.rpm
421f3f0e308ac094dfdd3e9e33f5a2ab x86_64/php-soap-5.0.4-10.3.x86_64.rpm
c392b1c9377612dfacbb739b091e802d x86_64/php-snmp-5.0.4-10.3.x86_64.rpm
7ff88a5d7a91e4d5038257deadae3b0f x86_64/php-xml-5.0.4-10.3.x86_64.rpm
f9d2c7f91395ab69be20f1872fc97842 x86_64/php-xmlrpc-5.0.4-10.3.x86_64.rpm
16a3f115bfaa44ac7d5ff92e9146253b x86_64/php-mbstring-5.0.4-10.3.x86_64.rpm
44826fa9acef498c42eb49f1e51f87d7 x86_64/php-ncurses-5.0.4-10.3.x86_64.rpm
5c2556e825a490c2db2f555dc4d016b9 x86_64/php-gd-5.0.4-10.3.x86_64.rpm
21568c6ad605a84b1a240f414b7166be x86_64/php-bcmath-5.0.4-10.3.x86_64.rpm
cdc560b1d7c7237dc918764c1370f08e x86_64/php-dba-5.0.4-10.3.x86_64.rpm
233dc431c4fccc4adbb0797007b1a78a
x86_64/debug/php-debuginfo-5.0.4-10.3.x86_64.rpm
8e745631a8ac72c8beb28707dda1b407 i386/php-5.0.4-10.3.i386.rpm
fdfd59d4504f9ac5c52a251dad404a8b i386/php-devel-5.0.4-10.3.i386.rpm
90bddaf9f48d94e584c35a82c7fe89fe i386/php-pear-5.0.4-10.3.i386.rpm
4fcbed04dfe357a9b2c4a5fb85058304 i386/php-imap-5.0.4-10.3.i386.rpm
dea52cc729d8f224e0ea17bf219f320b i386/php-ldap-5.0.4-10.3.i386.rpm
e6ee42402a1cbd8a01a58b84e790efb3 i386/php-mysql-5.0.4-10.3.i386.rpm
8d562d334790734b3a7fda48d43c3cb9 i386/php-pgsql-5.0.4-10.3.i386.rpm
24a01a9e32073783a56cf487228ab9be i386/php-odbc-5.0.4-10.3.i386.rpm
7308e2120909b36d3d7e98bcc0ee0400 i386/php-soap-5.0.4-10.3.i386.rpm
438b9b67b75e0ff9a3d797d091be3670 i386/php-snmp-5.0.4-10.3.i386.rpm
483af673a9d33df179dcfca20eb94e73 i386/php-xml-5.0.4-10.3.i386.rpm
2ee878c5bca760a4f3ed01549657ec74 i386/php-xmlrpc-5.0.4-10.3.i386.rpm
a7b3d134abda5a134de5fb8b86558086 i386/php-mbstring-5.0.4-10.3.i386.rpm
4ccd1e7dd776cc5a13f9b4071755a36c i386/php-ncurses-5.0.4-10.3.i386.rpm
c447d59cec28198b72e63de1d34416d0 i386/php-gd-5.0.4-10.3.i386.rpm
d411c4ed89ada9f064fe43e793df09f7 i386/php-bcmath-5.0.4-10.3.i386.rpm
50c8efd1eba45c3cdecf6f94429816f1 i386/php-dba-5.0.4-10.3.i386.rpm
6cc243c39853ec33401b5fb772378c98 i386/debug/php-debuginfo-5.0.4-10.3.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------



--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung