Red Hat 9042 Published by

A php security update has been released for Red Hat Enterprise Linux

----------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: php security update
Advisory ID: RHSA-2005:564-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2005-564.html
Issue date: 2005-07-07
Updated on: 2005-07-07
Product: Red Hat Enterprise Linux
CVE Names: CAN-2005-1751 CAN-2005-1921
----------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix two security issues are now available.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64



3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.

A bug was discovered in the PEAR XML-RPC Server package included in PHP. If a PHP script is used which implements an XML-RPC Server using the PEAR XML-RPC package, then it is possible for a remote attacker to construct an XML-RPC request which can cause PHP to execute arbitrary PHP commands as the 'apache' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1921 to this issue.

When using the default SELinux "targeted" policy on Red Hat Enterprise Linux 4, the impact of this issue is reduced since the scripts executed by PHP are constrained within the httpd_sys_script_t security context.

A race condition in temporary file handling was discovered in the shtool script installed by PHP. If a third-party PHP module which uses shtool was compiled as root, a local user may be able to modify arbitrary files. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-1751 to this issue.

Users of PHP should upgrade to these updated packages, which contain backported fixes for these issues.

4. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

158904 - Incorrect descriptions for php-ncurses and php-gd packages
159000 - CAN-2005-1751 shtool insecure temporary file creation
162044 - CAN-2005-1921 PHP PEAR XML_RPC arbitrary code execution


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-24.ent.src.rpm
f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm

i386:
2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm
6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm
9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm
0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm
b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm
f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm
40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm

ia64:
bf9edcc8bad65c24a5d77a566c7281da php-4.3.2-24.ent.ia64.rpm
67d1d83ec5bfdde928b93f17f99e7d0f php-devel-4.3.2-24.ent.ia64.rpm
993ac980c57bd02389ac6385e6d84bdf php-imap-4.3.2-24.ent.ia64.rpm
2fe28abe48e7ea6f575e620c01684868 php-ldap-4.3.2-24.ent.ia64.rpm
bcbff7dc5e2d275d4009fed1a7a0f649 php-mysql-4.3.2-24.ent.ia64.rpm
d964fb8b9cf5b57d2c88240dc3f3cc1c php-odbc-4.3.2-24.ent.ia64.rpm
89bf421c9a0c94cce92273234ac505f1 php-pgsql-4.3.2-24.ent.ia64.rpm

ppc:
c5e7bcb825c95e74da277c3d19a3d4d5 php-4.3.2-24.ent.ppc.rpm
01a8744c7a8ff98af61c95201498c525 php-devel-4.3.2-24.ent.ppc.rpm
578871a86d0439704e9014d419e6b9fc php-imap-4.3.2-24.ent.ppc.rpm
cb801002f101b54b0b5dcb3c41df8de3 php-ldap-4.3.2-24.ent.ppc.rpm
b2b3d9fd1b64470d3b1b7ffecf07f028 php-mysql-4.3.2-24.ent.ppc.rpm
3fc69bdaffaabd90bbc1191c2725d552 php-odbc-4.3.2-24.ent.ppc.rpm
5116dab82f8b99b6c8e988934a00b683 php-pgsql-4.3.2-24.ent.ppc.rpm

s390:
50176f1192af0aeb6d72ea9245d0da62 php-4.3.2-24.ent.s390.rpm
457b588fc3df06385ae1146ca8c17ad4 php-devel-4.3.2-24.ent.s390.rpm
03ebdae3cbd4b5513b403b094af72348 php-imap-4.3.2-24.ent.s390.rpm
2ada8ab314aeb929fcac760bd817c754 php-ldap-4.3.2-24.ent.s390.rpm
024f9581408a8af35fb138902fbc8963 php-mysql-4.3.2-24.ent.s390.rpm
525e6ce35913dd0874173615f3c38862 php-odbc-4.3.2-24.ent.s390.rpm
4942a24e8f236483fa98104fff73c030 php-pgsql-4.3.2-24.ent.s390.rpm

s390x:
dbf0f7b8622ab9afc1bb0813f148839e php-4.3.2-24.ent.s390x.rpm
52e3e4da8f008924d28c8aac308c8712 php-devel-4.3.2-24.ent.s390x.rpm
70456a949a2e08a9beb79abe8f2f054b php-imap-4.3.2-24.ent.s390x.rpm
32fc1e42fcfa36ae908aba0588b33d32 php-ldap-4.3.2-24.ent.s390x.rpm
aa1da593d994fedff26812ca5f73a997 php-mysql-4.3.2-24.ent.s390x.rpm
2fed2e7c1d7119ec16470c87f96291d1 php-odbc-4.3.2-24.ent.s390x.rpm
8c75c6b45244b9fcdc57489c08207694 php-pgsql-4.3.2-24.ent.s390x.rpm

x86_64:
42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm
4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm
cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm
b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm
19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm
08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm
e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-24.ent.src.rpm
f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm

i386:
2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm
6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm
9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm
0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm
b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm
f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm
40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm

x86_64:
42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm
4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm
cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm
b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm
19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm
08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm
e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-24.ent.src.rpm
f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm

i386:
2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm
6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm
9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm
0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm
b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm
f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm
40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm

ia64:
bf9edcc8bad65c24a5d77a566c7281da php-4.3.2-24.ent.ia64.rpm
67d1d83ec5bfdde928b93f17f99e7d0f php-devel-4.3.2-24.ent.ia64.rpm
993ac980c57bd02389ac6385e6d84bdf php-imap-4.3.2-24.ent.ia64.rpm
2fe28abe48e7ea6f575e620c01684868 php-ldap-4.3.2-24.ent.ia64.rpm
bcbff7dc5e2d275d4009fed1a7a0f649 php-mysql-4.3.2-24.ent.ia64.rpm
d964fb8b9cf5b57d2c88240dc3f3cc1c php-odbc-4.3.2-24.ent.ia64.rpm
89bf421c9a0c94cce92273234ac505f1 php-pgsql-4.3.2-24.ent.ia64.rpm

x86_64:
42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm
4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm
cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm
b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm
19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm
08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm
e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-24.ent.src.rpm
f1cfc8d156f05e5c5335b77e908abb74 php-4.3.2-24.ent.src.rpm

i386:
2c832233eb906bb908834f02b49cf8d7 php-4.3.2-24.ent.i386.rpm
6bae0be978ef769933258cf5726d55ee php-devel-4.3.2-24.ent.i386.rpm
9e32e325ba17d4474f548f7b640c3281 php-imap-4.3.2-24.ent.i386.rpm
0f9565ad72a11b3be701165911c4fcc3 php-ldap-4.3.2-24.ent.i386.rpm
b7779c8914c75d57bf5d26b0aa179411 php-mysql-4.3.2-24.ent.i386.rpm
f0a1131f9993e77d85f8005a6fda53f1 php-odbc-4.3.2-24.ent.i386.rpm
40e58d2017985f005e16e6fcf4753329 php-pgsql-4.3.2-24.ent.i386.rpm

ia64:
bf9edcc8bad65c24a5d77a566c7281da php-4.3.2-24.ent.ia64.rpm
67d1d83ec5bfdde928b93f17f99e7d0f php-devel-4.3.2-24.ent.ia64.rpm
993ac980c57bd02389ac6385e6d84bdf php-imap-4.3.2-24.ent.ia64.rpm
2fe28abe48e7ea6f575e620c01684868 php-ldap-4.3.2-24.ent.ia64.rpm
bcbff7dc5e2d275d4009fed1a7a0f649 php-mysql-4.3.2-24.ent.ia64.rpm
d964fb8b9cf5b57d2c88240dc3f3cc1c php-odbc-4.3.2-24.ent.ia64.rpm
89bf421c9a0c94cce92273234ac505f1 php-pgsql-4.3.2-24.ent.ia64.rpm

x86_64:
42c173f2c67e94a1a509d1bcadb8f510 php-4.3.2-24.ent.x86_64.rpm
4a62a390d57fb2978f113d047eb3fa19 php-devel-4.3.2-24.ent.x86_64.rpm
cea3feea684963db599cab4020386ed1 php-imap-4.3.2-24.ent.x86_64.rpm
b54a4819c8c963c77149dc485e85cfe3 php-ldap-4.3.2-24.ent.x86_64.rpm
19f0c16a227a41fa1caee1e69de26893 php-mysql-4.3.2-24.ent.x86_64.rpm
08878e694d2bfbf830135ce1baf26fdd php-odbc-4.3.2-24.ent.x86_64.rpm
e4859d51fbcfcdad8f6be906365e04a5 php-pgsql-4.3.2-24.ent.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.7.src.rpm
7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm

i386:
8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm
7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm
b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm
0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm
d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm
ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm
b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm
5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm
df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm
3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm
0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm
316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm
e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm
67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm

ia64:
410b0e9d8a099cd5d8a0f37afccfbcd0 php-4.3.9-3.7.ia64.rpm
58e9f505cf765fc639e41d71e8639156 php-devel-4.3.9-3.7.ia64.rpm
4de3a1a48b4158c7ba3c13cd026f37f4 php-domxml-4.3.9-3.7.ia64.rpm
5291135ea39a2a9fe4f0af2fc57c9b61 php-gd-4.3.9-3.7.ia64.rpm
7d38c8bf8b78e115077811d7a278dfa2 php-imap-4.3.9-3.7.ia64.rpm
4fdbd0f6612aa22643cb7b20a65c17b7 php-ldap-4.3.9-3.7.ia64.rpm
4f663052297e30e3416d966292178e63 php-mbstring-4.3.9-3.7.ia64.rpm
7da544253feee4a1b34b0fd340f228c2 php-mysql-4.3.9-3.7.ia64.rpm
5a4ed5f91f667344a29f2edd000f01c6 php-ncurses-4.3.9-3.7.ia64.rpm
27adbd1e9d30eb164e1873ab58ab0a25 php-odbc-4.3.9-3.7.ia64.rpm
8f440b7591f8d7678f6732f79a1497cc php-pear-4.3.9-3.7.ia64.rpm
ef486b5089d644697a7384fd3c5b3c5a php-pgsql-4.3.9-3.7.ia64.rpm
c9f8e7537336f293b93665bdd65f99f8 php-snmp-4.3.9-3.7.ia64.rpm
98f7065ed3ef6f5501684a5598c03479 php-xmlrpc-4.3.9-3.7.ia64.rpm

ppc:
9b767d6b7cc8169c7500af5ec54440bd php-4.3.9-3.7.ppc.rpm
520efe3d7aa43f658438db2124bb2e89 php-devel-4.3.9-3.7.ppc.rpm
29263976528e49b8cba91e777b23d6d5 php-domxml-4.3.9-3.7.ppc.rpm
651290657f9f3efe4e298ec00adafe1a php-gd-4.3.9-3.7.ppc.rpm
8ff5fceb90bc9a470fc96b09e914dd29 php-imap-4.3.9-3.7.ppc.rpm
067d6aec5c880d76037104ee7aff36fc php-ldap-4.3.9-3.7.ppc.rpm
4c01da7a962c99dabd718eaa4d1a770c php-mbstring-4.3.9-3.7.ppc.rpm
437bffdd9d3f6d199a361db3701e855e php-mysql-4.3.9-3.7.ppc.rpm
deab11841419e619452c48a81449401a php-ncurses-4.3.9-3.7.ppc.rpm
8da559385e89177cc916d9958a5562fd php-odbc-4.3.9-3.7.ppc.rpm
9cbfe13f588ab2dd5681de604be35906 php-pear-4.3.9-3.7.ppc.rpm
c8ff870fddcea9727d4efa29556487ef php-pgsql-4.3.9-3.7.ppc.rpm
7b37f9cd955ee99ef460cb71853ec46f php-snmp-4.3.9-3.7.ppc.rpm
33a3d25709154521ced462debb453046 php-xmlrpc-4.3.9-3.7.ppc.rpm

s390:
cb912cb18556828f579763c57894085c php-4.3.9-3.7.s390.rpm
d958230d42baf65357cb853d0c1c9640 php-devel-4.3.9-3.7.s390.rpm
3d8e25de53579e9439a479c9ee27aa5c php-domxml-4.3.9-3.7.s390.rpm
32c159e9f339f6012c8c9b21f0885e51 php-gd-4.3.9-3.7.s390.rpm
b01e429ee34648452f97b749dd175967 php-imap-4.3.9-3.7.s390.rpm
5ce501c28f62774fdf2923a2ec1ddb80 php-ldap-4.3.9-3.7.s390.rpm
974155dc8e6ebcf62bf64803966c024b php-mbstring-4.3.9-3.7.s390.rpm
4a9961cb08a84c864a508a90fa805b25 php-mysql-4.3.9-3.7.s390.rpm
7988dac4cbfda1ae37f291f92fff8a60 php-ncurses-4.3.9-3.7.s390.rpm
84e58c44ea8f26700fb58c8321b4bed4 php-odbc-4.3.9-3.7.s390.rpm
c6af35745c56c2f10052f6e3d6417992 php-pear-4.3.9-3.7.s390.rpm
447e4d38ca1230e046513c2c08830d7a php-pgsql-4.3.9-3.7.s390.rpm
3f7c23b552ceff684bb21e5115ee0bc5 php-snmp-4.3.9-3.7.s390.rpm
0246b3e8171f4b9a490502f1874e9840 php-xmlrpc-4.3.9-3.7.s390.rpm

s390x:
0bb83d7489d27b060b92cf86b1efddb6 php-4.3.9-3.7.s390x.rpm
b638c7c0d9ba77ddbccf2cb84a159015 php-devel-4.3.9-3.7.s390x.rpm
382d058aaa5f89a3ec4585c919c86803 php-domxml-4.3.9-3.7.s390x.rpm
f970b6e56b71b64c96cbb3bfae04b451 php-gd-4.3.9-3.7.s390x.rpm
a725286bb6807e77fab312bef07a64cc php-imap-4.3.9-3.7.s390x.rpm
4f209a066beb07bc1caf0edc31fd152a php-ldap-4.3.9-3.7.s390x.rpm
7fe2d9f955a012604fdcf5b1530986f4 php-mbstring-4.3.9-3.7.s390x.rpm
f2b4cb261fc78aef254043c3c226a094 php-mysql-4.3.9-3.7.s390x.rpm
879d75684edc4865a56a9d62bc76c2e4 php-ncurses-4.3.9-3.7.s390x.rpm
ffb67a20f14362d890073c1673384a20 php-odbc-4.3.9-3.7.s390x.rpm
f664e7ba528e01d83597724518258d12 php-pear-4.3.9-3.7.s390x.rpm
a0d2d00384ba23ad1cd55065b827ab89 php-pgsql-4.3.9-3.7.s390x.rpm
69521c6628814ad1636277f6d36decaa php-snmp-4.3.9-3.7.s390x.rpm
32288a3119a5073e36a141a06a06c2d6 php-xmlrpc-4.3.9-3.7.s390x.rpm

x86_64:
da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm
3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm
74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm
2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm
485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm
435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm
ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm
dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm
4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm
a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm
347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm
bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm
7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm
88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.7.src.rpm
7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm

i386:
8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm
7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm
b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm
0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm
d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm
ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm
b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm
5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm
df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm
3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm
0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm
316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm
e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm
67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm

x86_64:
da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm
3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm
74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm
2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm
485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm
435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm
ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm
dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm
4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm
a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm
347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm
bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm
7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm
88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.7.src.rpm
7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm

i386:
8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm
7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm
b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm
0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm
d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm
ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm
b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm
5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm
df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm
3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm
0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm
316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm
e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm
67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm

ia64:
410b0e9d8a099cd5d8a0f37afccfbcd0 php-4.3.9-3.7.ia64.rpm
58e9f505cf765fc639e41d71e8639156 php-devel-4.3.9-3.7.ia64.rpm
4de3a1a48b4158c7ba3c13cd026f37f4 php-domxml-4.3.9-3.7.ia64.rpm
5291135ea39a2a9fe4f0af2fc57c9b61 php-gd-4.3.9-3.7.ia64.rpm
7d38c8bf8b78e115077811d7a278dfa2 php-imap-4.3.9-3.7.ia64.rpm
4fdbd0f6612aa22643cb7b20a65c17b7 php-ldap-4.3.9-3.7.ia64.rpm
4f663052297e30e3416d966292178e63 php-mbstring-4.3.9-3.7.ia64.rpm
7da544253feee4a1b34b0fd340f228c2 php-mysql-4.3.9-3.7.ia64.rpm
5a4ed5f91f667344a29f2edd000f01c6 php-ncurses-4.3.9-3.7.ia64.rpm
27adbd1e9d30eb164e1873ab58ab0a25 php-odbc-4.3.9-3.7.ia64.rpm
8f440b7591f8d7678f6732f79a1497cc php-pear-4.3.9-3.7.ia64.rpm
ef486b5089d644697a7384fd3c5b3c5a php-pgsql-4.3.9-3.7.ia64.rpm
c9f8e7537336f293b93665bdd65f99f8 php-snmp-4.3.9-3.7.ia64.rpm
98f7065ed3ef6f5501684a5598c03479 php-xmlrpc-4.3.9-3.7.ia64.rpm

x86_64:
da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm
3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm
74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm
2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm
485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm
435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm
ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm
dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm
4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm
a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm
347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm
bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm
7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm
88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.7.src.rpm
7b6c0d2a2dad4ab3a99d947ffef9156c php-4.3.9-3.7.src.rpm

i386:
8d9da71fa1217dd627936f1c82be8d86 php-4.3.9-3.7.i386.rpm
7b60f885677095a8e37725ae5dc2cf0d php-devel-4.3.9-3.7.i386.rpm
b2dada766347db8db2bd29feb3155775 php-domxml-4.3.9-3.7.i386.rpm
0fac4ce7d155a942c7169f915469f572 php-gd-4.3.9-3.7.i386.rpm
d0abc03d91ca6b51a4a5e9f4a25010f5 php-imap-4.3.9-3.7.i386.rpm
ce690b68f90e1541ec002b9ed67617ff php-ldap-4.3.9-3.7.i386.rpm
b59e374eb37d95830df67b1c215ecf87 php-mbstring-4.3.9-3.7.i386.rpm
5deb85d98df958fe5f3ee86876367e1c php-mysql-4.3.9-3.7.i386.rpm
df189d05b000685a057ae7ef35461316 php-ncurses-4.3.9-3.7.i386.rpm
3e5f29ffa6de2d6614bbe32f3cb387d5 php-odbc-4.3.9-3.7.i386.rpm
0b890cba22610dada87a3aca35b0981a php-pear-4.3.9-3.7.i386.rpm
316a4281a22833468f382b2f8c3cd23c php-pgsql-4.3.9-3.7.i386.rpm
e8ad69614176b25550d713dc1ebfedb0 php-snmp-4.3.9-3.7.i386.rpm
67220ba9fc6c152326c3aa63acceef9c php-xmlrpc-4.3.9-3.7.i386.rpm

ia64:
410b0e9d8a099cd5d8a0f37afccfbcd0 php-4.3.9-3.7.ia64.rpm
58e9f505cf765fc639e41d71e8639156 php-devel-4.3.9-3.7.ia64.rpm
4de3a1a48b4158c7ba3c13cd026f37f4 php-domxml-4.3.9-3.7.ia64.rpm
5291135ea39a2a9fe4f0af2fc57c9b61 php-gd-4.3.9-3.7.ia64.rpm
7d38c8bf8b78e115077811d7a278dfa2 php-imap-4.3.9-3.7.ia64.rpm
4fdbd0f6612aa22643cb7b20a65c17b7 php-ldap-4.3.9-3.7.ia64.rpm
4f663052297e30e3416d966292178e63 php-mbstring-4.3.9-3.7.ia64.rpm
7da544253feee4a1b34b0fd340f228c2 php-mysql-4.3.9-3.7.ia64.rpm
5a4ed5f91f667344a29f2edd000f01c6 php-ncurses-4.3.9-3.7.ia64.rpm
27adbd1e9d30eb164e1873ab58ab0a25 php-odbc-4.3.9-3.7.ia64.rpm
8f440b7591f8d7678f6732f79a1497cc php-pear-4.3.9-3.7.ia64.rpm
ef486b5089d644697a7384fd3c5b3c5a php-pgsql-4.3.9-3.7.ia64.rpm
c9f8e7537336f293b93665bdd65f99f8 php-snmp-4.3.9-3.7.ia64.rpm
98f7065ed3ef6f5501684a5598c03479 php-xmlrpc-4.3.9-3.7.ia64.rpm

x86_64:
da47c875380da00b7482d94f6200df9d php-4.3.9-3.7.x86_64.rpm
3a9b3b7a862b3600cdd8ade7311a204e php-devel-4.3.9-3.7.x86_64.rpm
74955592ca8e886ff999a639d19daa6e php-domxml-4.3.9-3.7.x86_64.rpm
2b989f68bea4aa3bace67f4ced1d361c php-gd-4.3.9-3.7.x86_64.rpm
485af31fbd8a3577b4185363916d1e77 php-imap-4.3.9-3.7.x86_64.rpm
435369aa3c43c51f29e58f0ce895d967 php-ldap-4.3.9-3.7.x86_64.rpm
ada66b18d904dd331a64580a77318dc0 php-mbstring-4.3.9-3.7.x86_64.rpm
dcb189740fddd778372f123466707df3 php-mysql-4.3.9-3.7.x86_64.rpm
4f96bb6806427d9793ac00e0416c719f php-ncurses-4.3.9-3.7.x86_64.rpm
a7711e81a078394ade5bfcb23e6bea01 php-odbc-4.3.9-3.7.x86_64.rpm
347dcbb53e3345b59325807bbeb849a7 php-pear-4.3.9-3.7.x86_64.rpm
bd8561da78d9a8295df2c788053008e1 php-pgsql-4.3.9-3.7.x86_64.rpm
7f9c72c815ee0e5e121671b78f724989 php-snmp-4.3.9-3.7.x86_64.rpm
88090da9e26232cfc4adc86e35271b9d php-xmlrpc-4.3.9-3.7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1751
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.