A PHP security update has been released for Red HAt Enterprise Linux 4
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Moderate: PHP security update
Advisory ID: RHSA-2005:406-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-406.html
Issue date: 2005-05-04
Updated on: 2005-05-04
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-1392 CAN-2005-0524 CAN-2005-0525 CAN-2005-1042 CAN-2005-1043
----------------------------------------------------------------------
1. Summary:
Updated PHP packages that fix various security issues are now available.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.
A bug was found in the way PHP processes IFF and JPEG images. It is possible to cause PHP to consume CPU resources for a short period of time by supplying a carefully crafted IFF or JPEG image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0524 and CAN-2005-0525 to these issues.
A buffer overflow bug was also found in the way PHP processes EXIF image headers. It is possible for an attacker to construct an image file in such a way it could execute arbitrary instructions when processed by PHP. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1042 to this issue.
A denial of service bug was found in the way PHP processes EXIF image headers. It is possible for an attacker to cause PHP to enter an infinite loop for a short period of time by supplying a carefully crafted image file to PHP for processing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1043 to this issue.
Several bug fixes are also included in this update:
- - some performance issues in the unserialize() function have been fixed
- - the behaviour of the interpreter when handling integer overflow during conversion of a floating variable to an integer has been reverted to match the behaviour used upstream; the integer will now be wrapped rather than truncated
- - a fix for the virtual() function in the Apache httpd module which would flush the response prematurely
- - the hard-coded default "safe mode" setting is now "disabled" rather than "enabled"; to match the default /etc/php.ini setting
- - in the curl extension, safe mode was not enforced for 'file:///' URL lookups (CAN-2004-1392).
Users of PHP should upgrade to these updated packages, which contain backported fixes for these issues.
4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
153140 - CAN-2005-0524 PHP getimagesize() Multiple Denial of Service Vulnerabilities CAN-2005-0525
154021 - CAN-2005-1042 PHP exif buffer overflow
154025 - CAN-2005-1043 PHP exif infinite stack recursion
153108 - Error in configure prevents php SRPM rebuild on x86_64 w/ mssql module
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
ia64:
ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm
edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm
b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm
5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm
8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm
8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm
702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm
4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm
a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm
d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm
5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm
c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm
d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm
c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm
ppc:
ede8214fb515e266ad136e0b1b09e32d php-4.3.9-3.6.ppc.rpm
eef46e64ddfc55cfbf7222097db2a7cc php-devel-4.3.9-3.6.ppc.rpm
46f381bc8a436d716f85929cae872d1e php-domxml-4.3.9-3.6.ppc.rpm
a4150d0a17884105b01fa3d22d0d7167 php-gd-4.3.9-3.6.ppc.rpm
a370de5427bae762e7df6b82fb6be871 php-imap-4.3.9-3.6.ppc.rpm
7ae574dea5a63d621b58cea3adff2389 php-ldap-4.3.9-3.6.ppc.rpm
4782b4e5bc81da7a38f6afd33b30fff4 php-mbstring-4.3.9-3.6.ppc.rpm
ac87e3535affd8cc4d2df68e6459cadf php-mysql-4.3.9-3.6.ppc.rpm
dbf229c34dcd81904992f9e8c8850c8b php-ncurses-4.3.9-3.6.ppc.rpm
5323449a1500ce2967dea7b6c1071b99 php-odbc-4.3.9-3.6.ppc.rpm
6f71d37033929f5a365953dac0061d44 php-pear-4.3.9-3.6.ppc.rpm
a5b319e2e00b379bf4046a34fa97ee0b php-pgsql-4.3.9-3.6.ppc.rpm
d2f65ab2a6d501c92192924a6c07a7fe php-snmp-4.3.9-3.6.ppc.rpm
5bf06ac7bc707b606f6692ff991cef12 php-xmlrpc-4.3.9-3.6.ppc.rpm
s390:
510fa9fa6249b9da36e0e642a4b4c65b php-4.3.9-3.6.s390.rpm
ba5b1804681cd24b7db772775fbba22e php-devel-4.3.9-3.6.s390.rpm
8cc4e9be48f3ef0571b3354bcaffbd95 php-domxml-4.3.9-3.6.s390.rpm
625509481232205bdb863e1e6e22afae php-gd-4.3.9-3.6.s390.rpm
7983b29819c09a252e47172190c80d81 php-imap-4.3.9-3.6.s390.rpm
567ec382643db941f83abf8f16edc6c0 php-ldap-4.3.9-3.6.s390.rpm
05d4f05fc4c4094a06f1b8207f9ad89d php-mbstring-4.3.9-3.6.s390.rpm
d53ffa2d6e0923e7166c8022bbc30a4d php-mysql-4.3.9-3.6.s390.rpm
a89757eeb6436209123b2036d749a764 php-ncurses-4.3.9-3.6.s390.rpm
c682bf5b7279171e62f8d87cb70be19d php-odbc-4.3.9-3.6.s390.rpm
45384794b6a55f3d1b8a3ea21df42426 php-pear-4.3.9-3.6.s390.rpm
da312b4db79a2f9afe110e2fcbc56192 php-pgsql-4.3.9-3.6.s390.rpm
085d9f402800236a472f019735a11f50 php-snmp-4.3.9-3.6.s390.rpm
c605a266583b2df2f1c1c91dafb83754 php-xmlrpc-4.3.9-3.6.s390.rpm
s390x:
902564cdf58b6cb0f89cd5f38623a8ab php-4.3.9-3.6.s390x.rpm
e080ca24c93f9a18dbb38e9d24d3611d php-devel-4.3.9-3.6.s390x.rpm
86985195834fed37a74cce10dc27e5f0 php-domxml-4.3.9-3.6.s390x.rpm
f957b6e31cd779e40af80ec2df8edd80 php-gd-4.3.9-3.6.s390x.rpm
c07157fa45efa675c4d5a0756556744e php-imap-4.3.9-3.6.s390x.rpm
7f294299196a582156b00e024203db11 php-ldap-4.3.9-3.6.s390x.rpm
8945c474ccb0d4bd9c075b70a35d4f61 php-mbstring-4.3.9-3.6.s390x.rpm
37ea59a51039caa0598b499386dcb9e8 php-mysql-4.3.9-3.6.s390x.rpm
fab10b9b14e2198173f05bc558707426 php-ncurses-4.3.9-3.6.s390x.rpm
01b6987c00cd409792ed892edf6af0e9 php-odbc-4.3.9-3.6.s390x.rpm
3859d5435c30ecbf81a91a475c7cc884 php-pear-4.3.9-3.6.s390x.rpm
8aca4a1314205f0d5b27d750f5b81aaf php-pgsql-4.3.9-3.6.s390x.rpm
03367720dabc350dd390ce9381009978 php-snmp-4.3.9-3.6.s390x.rpm
bcef904a595e3426e89a811d95e1e2cf php-xmlrpc-4.3.9-3.6.s390x.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
ia64:
ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm
edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm
b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm
5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm
8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm
8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm
702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm
4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm
a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm
d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm
5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm
c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm
d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm
c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
ia64:
ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm
edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm
b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm
5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm
8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm
8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm
702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm
4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm
a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm
d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm
5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm
c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm
d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm
c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/
Copyright 2005 Red Hat, Inc.
----------------------------------------------------------------------
Red Hat Security Advisory
Synopsis: Moderate: PHP security update
Advisory ID: RHSA-2005:406-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-406.html
Issue date: 2005-05-04
Updated on: 2005-05-04
Product: Red Hat Enterprise Linux
CVE Names: CAN-2004-1392 CAN-2005-0524 CAN-2005-0525 CAN-2005-1042 CAN-2005-1043
----------------------------------------------------------------------
1. Summary:
Updated PHP packages that fix various security issues are now available.
This update has been rated as having moderate security impact by the Red Hat Security Response Team.
2. Relevant releases/architectures:
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
3. Problem description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.
A bug was found in the way PHP processes IFF and JPEG images. It is possible to cause PHP to consume CPU resources for a short period of time by supplying a carefully crafted IFF or JPEG image. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the names CAN-2005-0524 and CAN-2005-0525 to these issues.
A buffer overflow bug was also found in the way PHP processes EXIF image headers. It is possible for an attacker to construct an image file in such a way it could execute arbitrary instructions when processed by PHP. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1042 to this issue.
A denial of service bug was found in the way PHP processes EXIF image headers. It is possible for an attacker to cause PHP to enter an infinite loop for a short period of time by supplying a carefully crafted image file to PHP for processing. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1043 to this issue.
Several bug fixes are also included in this update:
- - some performance issues in the unserialize() function have been fixed
- - the behaviour of the interpreter when handling integer overflow during conversion of a floating variable to an integer has been reverted to match the behaviour used upstream; the integer will now be wrapped rather than truncated
- - a fix for the virtual() function in the Apache httpd module which would flush the response prematurely
- - the hard-coded default "safe mode" setting is now "disabled" rather than "enabled"; to match the default /etc/php.ini setting
- - in the curl extension, safe mode was not enforced for 'file:///' URL lookups (CAN-2004-1392).
Users of PHP should upgrade to these updated packages, which contain backported fixes for these issues.
4. Solution:
Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:
up2date
For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:
http://www.redhat.com/docs/manuals/enterprise/
5. Bug IDs fixed (http://bugzilla.redhat.com/):
153140 - CAN-2005-0524 PHP getimagesize() Multiple Denial of Service Vulnerabilities CAN-2005-0525
154021 - CAN-2005-1042 PHP exif buffer overflow
154025 - CAN-2005-1043 PHP exif infinite stack recursion
153108 - Error in configure prevents php SRPM rebuild on x86_64 w/ mssql module
6. RPMs required:
Red Hat Enterprise Linux AS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
ia64:
ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm
edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm
b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm
5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm
8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm
8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm
702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm
4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm
a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm
d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm
5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm
c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm
d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm
c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm
ppc:
ede8214fb515e266ad136e0b1b09e32d php-4.3.9-3.6.ppc.rpm
eef46e64ddfc55cfbf7222097db2a7cc php-devel-4.3.9-3.6.ppc.rpm
46f381bc8a436d716f85929cae872d1e php-domxml-4.3.9-3.6.ppc.rpm
a4150d0a17884105b01fa3d22d0d7167 php-gd-4.3.9-3.6.ppc.rpm
a370de5427bae762e7df6b82fb6be871 php-imap-4.3.9-3.6.ppc.rpm
7ae574dea5a63d621b58cea3adff2389 php-ldap-4.3.9-3.6.ppc.rpm
4782b4e5bc81da7a38f6afd33b30fff4 php-mbstring-4.3.9-3.6.ppc.rpm
ac87e3535affd8cc4d2df68e6459cadf php-mysql-4.3.9-3.6.ppc.rpm
dbf229c34dcd81904992f9e8c8850c8b php-ncurses-4.3.9-3.6.ppc.rpm
5323449a1500ce2967dea7b6c1071b99 php-odbc-4.3.9-3.6.ppc.rpm
6f71d37033929f5a365953dac0061d44 php-pear-4.3.9-3.6.ppc.rpm
a5b319e2e00b379bf4046a34fa97ee0b php-pgsql-4.3.9-3.6.ppc.rpm
d2f65ab2a6d501c92192924a6c07a7fe php-snmp-4.3.9-3.6.ppc.rpm
5bf06ac7bc707b606f6692ff991cef12 php-xmlrpc-4.3.9-3.6.ppc.rpm
s390:
510fa9fa6249b9da36e0e642a4b4c65b php-4.3.9-3.6.s390.rpm
ba5b1804681cd24b7db772775fbba22e php-devel-4.3.9-3.6.s390.rpm
8cc4e9be48f3ef0571b3354bcaffbd95 php-domxml-4.3.9-3.6.s390.rpm
625509481232205bdb863e1e6e22afae php-gd-4.3.9-3.6.s390.rpm
7983b29819c09a252e47172190c80d81 php-imap-4.3.9-3.6.s390.rpm
567ec382643db941f83abf8f16edc6c0 php-ldap-4.3.9-3.6.s390.rpm
05d4f05fc4c4094a06f1b8207f9ad89d php-mbstring-4.3.9-3.6.s390.rpm
d53ffa2d6e0923e7166c8022bbc30a4d php-mysql-4.3.9-3.6.s390.rpm
a89757eeb6436209123b2036d749a764 php-ncurses-4.3.9-3.6.s390.rpm
c682bf5b7279171e62f8d87cb70be19d php-odbc-4.3.9-3.6.s390.rpm
45384794b6a55f3d1b8a3ea21df42426 php-pear-4.3.9-3.6.s390.rpm
da312b4db79a2f9afe110e2fcbc56192 php-pgsql-4.3.9-3.6.s390.rpm
085d9f402800236a472f019735a11f50 php-snmp-4.3.9-3.6.s390.rpm
c605a266583b2df2f1c1c91dafb83754 php-xmlrpc-4.3.9-3.6.s390.rpm
s390x:
902564cdf58b6cb0f89cd5f38623a8ab php-4.3.9-3.6.s390x.rpm
e080ca24c93f9a18dbb38e9d24d3611d php-devel-4.3.9-3.6.s390x.rpm
86985195834fed37a74cce10dc27e5f0 php-domxml-4.3.9-3.6.s390x.rpm
f957b6e31cd779e40af80ec2df8edd80 php-gd-4.3.9-3.6.s390x.rpm
c07157fa45efa675c4d5a0756556744e php-imap-4.3.9-3.6.s390x.rpm
7f294299196a582156b00e024203db11 php-ldap-4.3.9-3.6.s390x.rpm
8945c474ccb0d4bd9c075b70a35d4f61 php-mbstring-4.3.9-3.6.s390x.rpm
37ea59a51039caa0598b499386dcb9e8 php-mysql-4.3.9-3.6.s390x.rpm
fab10b9b14e2198173f05bc558707426 php-ncurses-4.3.9-3.6.s390x.rpm
01b6987c00cd409792ed892edf6af0e9 php-odbc-4.3.9-3.6.s390x.rpm
3859d5435c30ecbf81a91a475c7cc884 php-pear-4.3.9-3.6.s390x.rpm
8aca4a1314205f0d5b27d750f5b81aaf php-pgsql-4.3.9-3.6.s390x.rpm
03367720dabc350dd390ce9381009978 php-snmp-4.3.9-3.6.s390x.rpm
bcef904a595e3426e89a811d95e1e2cf php-xmlrpc-4.3.9-3.6.s390x.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
Red Hat Enterprise Linux Desktop version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
Red Hat Enterprise Linux ES version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
ia64:
ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm
edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm
b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm
5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm
8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm
8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm
702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm
4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm
a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm
d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm
5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm
c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm
d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm
c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
Red Hat Enterprise Linux WS version 4:
SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.6.src.rpm
d5fe9ec64d9b088d33fba6b422692759 php-4.3.9-3.6.src.rpm
i386:
e6b3dec49276a9f55f649ee11ad9a57f php-4.3.9-3.6.i386.rpm
dec68f32f7b6a81ef65eba621fa1a0d9 php-devel-4.3.9-3.6.i386.rpm
c477c8715216df92374dd2eb8a413a1c php-domxml-4.3.9-3.6.i386.rpm
b280f4af2d6f4f22fe4166b551fd555f php-gd-4.3.9-3.6.i386.rpm
388d1fd84b71b73d08e1760c1c7631b0 php-imap-4.3.9-3.6.i386.rpm
68596bd50cf862b05f06aea2a50840fc php-ldap-4.3.9-3.6.i386.rpm
161ee9a99f1de705b0c29039433c5860 php-mbstring-4.3.9-3.6.i386.rpm
dd619659f914b0bb2b529953e96bc4c3 php-mysql-4.3.9-3.6.i386.rpm
f9c79b705fdf2cb6094c364de136dad1 php-ncurses-4.3.9-3.6.i386.rpm
6a6fa57c82b88efbbac814e85f87a437 php-odbc-4.3.9-3.6.i386.rpm
7a27e0a44227fc28f4f6359efea74ac0 php-pear-4.3.9-3.6.i386.rpm
f9af896be1f91ce5a86761c59abb5724 php-pgsql-4.3.9-3.6.i386.rpm
42c9c29f2a458e6135272129107d254a php-snmp-4.3.9-3.6.i386.rpm
b6358e214ce0b6fcd55326fe01f5b283 php-xmlrpc-4.3.9-3.6.i386.rpm
ia64:
ca48b359773117e4ac25c13674b8239a php-4.3.9-3.6.ia64.rpm
edf8a6473c645a320e56db25ee5c5f77 php-devel-4.3.9-3.6.ia64.rpm
b506cff6040c02c458614709f93deb72 php-domxml-4.3.9-3.6.ia64.rpm
5b996f675e56b1fd9c41728369d2f695 php-gd-4.3.9-3.6.ia64.rpm
8f51d934a3565e140eea30c606f9578b php-imap-4.3.9-3.6.ia64.rpm
8c53a9213e712ee18c732703315c70f2 php-ldap-4.3.9-3.6.ia64.rpm
702bd6a773d83bf3cad7a6ed88053a20 php-mbstring-4.3.9-3.6.ia64.rpm
4cbcc793616a3efe929a27ed97ac5dc7 php-mysql-4.3.9-3.6.ia64.rpm
a6d4bebfdb50cb47d5c63b8e9e9fb067 php-ncurses-4.3.9-3.6.ia64.rpm
d84ce81aba2c288106c581fa860779f6 php-odbc-4.3.9-3.6.ia64.rpm
5a9ffec4e4d66303f6fb798fefb2cc92 php-pear-4.3.9-3.6.ia64.rpm
c3a8e95043607e36cc58c2c4231ec182 php-pgsql-4.3.9-3.6.ia64.rpm
d3a77b7803e095d07ebbc302e1d2375c php-snmp-4.3.9-3.6.ia64.rpm
c82f852d1d085813add96006b57b72f9 php-xmlrpc-4.3.9-3.6.ia64.rpm
x86_64:
36ad952143370c9681749219bfcc29b9 php-4.3.9-3.6.x86_64.rpm
4929a11c872deafc1ba16d6b50655979 php-devel-4.3.9-3.6.x86_64.rpm
24afded4f53e74ed856506525c259139 php-domxml-4.3.9-3.6.x86_64.rpm
f8c965c5c51f5b0d3878c4c0d4ac8c9b php-gd-4.3.9-3.6.x86_64.rpm
0465b619b7c336fa93bcfcf5efe4f1df php-imap-4.3.9-3.6.x86_64.rpm
a9d50a65606a521692f644a74a68ca62 php-ldap-4.3.9-3.6.x86_64.rpm
4d4bb76106ffc2e6681e392d399f1794 php-mbstring-4.3.9-3.6.x86_64.rpm
7de7ccad652ca3a20f3008c8d6114292 php-mysql-4.3.9-3.6.x86_64.rpm
cab9624b284fd3d48b0ddd8f79a6e9cb php-ncurses-4.3.9-3.6.x86_64.rpm
4ea2d7abdc356e4f2774fc015c61a780 php-odbc-4.3.9-3.6.x86_64.rpm
4ddb8fd7521302a6fdfdf64532f03097 php-pear-4.3.9-3.6.x86_64.rpm
c5d2da0d469a4b07914fbe7acbf8dd7f php-pgsql-4.3.9-3.6.x86_64.rpm
0a3316402b15ee07e8426840ca266f0a php-snmp-4.3.9-3.6.x86_64.rpm
191ae444e1a69424e6663ba1bc559e34 php-xmlrpc-4.3.9-3.6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package
7. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1392
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/
Copyright 2005 Red Hat, Inc.