Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in PHP
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in PHP
ID: FEDORA-2005-315
Distribution: Fedora
Plattformen: Fedora Core 3
Datum: Di, 19. April 2005, 13:00
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-1043
Applikationen: PHP

Originalnachricht

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-315
2005-04-15
---------------------------------------------------------------------

Product : Fedora Core 3
Name : php
Version : 4.3.11
Release : 2.4
Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext
Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

---------------------------------------------------------------------
Update Information:

This update includes the latest stable release of PHP 4.3, including a
number of security fixes to the exif extension (CVE CAN-2005-1042 and
CAN-2005-1043) and the getimagesize() function (CVE CAN-2005-0524),
along with many bug fixes.

---------------------------------------------------------------------
* Wed Apr 6 2005 Joe Orton <jorton@redhat.com> 4.3.11-2.4

- snmp: disable MSHUTDOWN function to prevent error_log noise

* Wed Apr 6 2005 Joe Orton <jorton@redhat.com> 4.3.11-2.3

- really restore Net_SMTP from PEAR

* Wed Apr 6 2005 Joe Orton <jorton@redhat.com> 4.3.11-2.2

- revert default php.ini changes since 4.3.10
- restore from PEAR: HTTP, Mail, XML_Parser, Net_Socket, Net_SMTP
- remove bundled PEAR packages HTML_Template_IT, Net_UserAgent_Detect

* Wed Apr 6 2005 Joe Orton <jorton@redhat.com> 4.3.11-2.1

- update to 4.3.11 (CAN-2005-0524, #153141)
- revert Zend double->long conversion change (#143514)
- don't configure with --enable-safe-mode (#148969)
- install gd headers (#145891)
- bundle PEAR DB-1.7.5 (omitted from 4.3.11 tarball)


---------------------------------------------------------------------
This update can be downloaded from:
http://download.fedora.redhat.com/pub/fedora/linux/core/updates/3/

37ba9891122583c69a5086c9d2fd2102 SRPMS/php-4.3.11-2.4.src.rpm
5f55d6dba7e02348783348b6759242f9 x86_64/php-4.3.11-2.4.x86_64.rpm
6a78adae0f8f9bba54387847b100fd96 x86_64/php-devel-4.3.11-2.4.x86_64.rpm
c078f4c78928558bac77a8b182cbabb2 x86_64/php-pear-4.3.11-2.4.x86_64.rpm
e437dcd4b70e0df01febae880a5bc70f x86_64/php-imap-4.3.11-2.4.x86_64.rpm
1dbef89de378f779061e49e8cb2d0e94 x86_64/php-ldap-4.3.11-2.4.x86_64.rpm
d5ae259075870e63d316229604957da8 x86_64/php-mysql-4.3.11-2.4.x86_64.rpm
a451afd4a2349c35c423db1905a768c9 x86_64/php-pgsql-4.3.11-2.4.x86_64.rpm
2e66b7cf8d2e933a069cec155c183f31 x86_64/php-odbc-4.3.11-2.4.x86_64.rpm
cfe08c4c4f8d43a7818aa8b48325ecd1 x86_64/php-snmp-4.3.11-2.4.x86_64.rpm
a51bfe897fae0a405ed2b6903cddcd50 x86_64/php-domxml-4.3.11-2.4.x86_64.rpm
0716c2c04d3bba58731b32d3d65e6770 x86_64/php-xmlrpc-4.3.11-2.4.x86_64.rpm
0eedc210d61bb40387b14061ead7d417 x86_64/php-mbstring-4.3.11-2.4.x86_64.rpm
ef1b4ca7890d51e8d75a890b4fd7fe60 x86_64/php-ncurses-4.3.11-2.4.x86_64.rpm
4dc74e7d7fd46e2ec241c12d25451c21 x86_64/php-gd-4.3.11-2.4.x86_64.rpm
b5156d2cadc5fcd4bee9a86e7610b211
x86_64/debug/php-debuginfo-4.3.11-2.4.x86_64.rpm
bd225ddda74ef2431da1ee38eb85871b i386/php-4.3.11-2.4.i386.rpm
40a45386cd76b9386efd22e09be8467a i386/php-devel-4.3.11-2.4.i386.rpm
421d85b05c9aab1d1eba602f39f50c6a i386/php-pear-4.3.11-2.4.i386.rpm
3553b774daa0a991be9eaae9815c0ddb i386/php-imap-4.3.11-2.4.i386.rpm
d102699b4264c735af2cfa0a305c9cca i386/php-ldap-4.3.11-2.4.i386.rpm
326bb7af88a83aeff7937601fbe35835 i386/php-mysql-4.3.11-2.4.i386.rpm
d917f68f2c53192eec915854c11432b8 i386/php-pgsql-4.3.11-2.4.i386.rpm
9721e9f984e8e56cdad453f5ab03182e i386/php-odbc-4.3.11-2.4.i386.rpm
8853467943485b20226e82cffb1dd321 i386/php-snmp-4.3.11-2.4.i386.rpm
c414f1735ae0fa589f20db0a8dfa88e0 i386/php-domxml-4.3.11-2.4.i386.rpm
ecfbcbb670aa6e764bd3d4c4d1a51a3c i386/php-xmlrpc-4.3.11-2.4.i386.rpm
a5d78f1be3481e3f08e634bee8141f0f i386/php-mbstring-4.3.11-2.4.i386.rpm
8a89a49c4e7e9b94067885eaa0953bb8 i386/php-ncurses-4.3.11-2.4.i386.rpm
ce51c0cda3d383b2feb27082fbfe06be i386/php-gd-4.3.11-2.4.i386.rpm
54b1730c9ce4b17df7a8f3531f27cc83 i386/debug/php-debuginfo-4.3.11-2.4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

--
fedora-announce-list mailing list
fedora-announce-list@redhat.com
http://www.redhat.com/mailman/listinfo/fedora-announce-list
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung