Red Hat 9062 Published by

A new update is available for Red Hat Enterprise Linux. Here the announcement:



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: php security update
Advisory ID: RHSA-2007:0076-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0076.html
Issue date: 2007-02-19
Updated on: 2007-02-19
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-0906 CVE-2007-0907 CVE-2007-0908
CVE-2007-0909 CVE-2007-0910 CVE-2007-0988
- ---------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A number of buffer overflow flaws were found in the PHP session extension,
the str_replace() function, and the imap_mail_compose() function.
If very long strings under the control of an attacker are passed to the
str_replace() function then an integer overflow could occur in memory
allocation. If a script uses the imap_mail_compose() function to create a
new MIME message based on an input body from an untrusted source, it could
result in a heap overflow. An attacker who is able to access a PHP
application affected by any these issues could trigger these flaws and
possibly execute arbitrary code as the 'apache' user. (CVE-2007-0906)

If unserializing untrusted data on 64-bit platforms, the zend_hash_init()
function can be forced to enter an infinite loop, consuming CPU resources
for a limited length of time, until the script timeout alarm aborts
execution of the script. (CVE-2007-0988)

If the wddx extension is used to import WDDX data from an untrusted source,
certain WDDX input packets may allow a random portion of heap memory to be
exposed. (CVE-2007-0908)

If the odbc_result_all() function is used to display data from a database,
and the contents of the database table are under the control of an
attacker, a format string vulnerability is possible which could lead to the
execution of arbitrary code. (CVE-2007-0909)

A one byte memory read will always occur before the beginning of a buffer,
which could be triggered for example by any use of the header() function in
a script. However it is unlikely that this would have any effect.
(CVE-2007-0907)

Several flaws in PHP could allows attackers to "clobber" certain
super-global variables via unspecified vectors. (CVE-2007-0910)

Users of PHP should upgrade to these updated packages which contain
backported patches to correct these issues.

Red Hat would like to thank Stefan Esser for his help diagnosing these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

228858 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988)

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-39.ent.src.rpm
334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm

i386:
4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm
b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm
ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm
475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm
de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm
f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm
366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm
5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm

ia64:
04df8afa411b481774159a6476ae3214 php-4.3.2-39.ent.ia64.rpm
3e83702897d41920353388bfe1aeb462 php-debuginfo-4.3.2-39.ent.ia64.rpm
2565b31e867991e88121b078a244cc79 php-devel-4.3.2-39.ent.ia64.rpm
3b1f70a9b262d767c34a75d8d6fe7fe6 php-imap-4.3.2-39.ent.ia64.rpm
4cfacf6c0a7ea7aa03d5586f713b3fb1 php-ldap-4.3.2-39.ent.ia64.rpm
5c4157bcd2ee71c720b2ffc53126a4a7 php-mysql-4.3.2-39.ent.ia64.rpm
144cbe6b4a99f94d2d1fc3e49b8253a7 php-odbc-4.3.2-39.ent.ia64.rpm
fdfe65bb679218761fafa7432a4e001f php-pgsql-4.3.2-39.ent.ia64.rpm

ppc:
7465741a07e8d5e5702f85c704ccc2bc php-4.3.2-39.ent.ppc.rpm
5ebfe076326477485cef095fc4c25b94 php-debuginfo-4.3.2-39.ent.ppc.rpm
571565d467036b47579c1508a3703015 php-devel-4.3.2-39.ent.ppc.rpm
c475fb7a8f81bb316593281efc5dda9f php-imap-4.3.2-39.ent.ppc.rpm
2412e790daa5951f66634ff70b61080d php-ldap-4.3.2-39.ent.ppc.rpm
82493eaf9f32662ed2742c8bf87f5067 php-mysql-4.3.2-39.ent.ppc.rpm
ff57932d8c7d20649ec6c8e8f47933b6 php-odbc-4.3.2-39.ent.ppc.rpm
f1c911a7f10b0fc5b52aba5515b44880 php-pgsql-4.3.2-39.ent.ppc.rpm

s390:
a2e29ef870928aa6b2feec96f69602bd php-4.3.2-39.ent.s390.rpm
b75b1c3ad2c470476f193c2be83b5a6f php-debuginfo-4.3.2-39.ent.s390.rpm
c78c492d448b3f654a23a895d4bfcef1 php-devel-4.3.2-39.ent.s390.rpm
a0d4c13550b9483d76ab30adb5546a27 php-imap-4.3.2-39.ent.s390.rpm
2931347356432db8c09726aedf8252ef php-ldap-4.3.2-39.ent.s390.rpm
5f67485c37b9ebf8583c61c8748667b3 php-mysql-4.3.2-39.ent.s390.rpm
864de5e6321e968c427ec10eadf18929 php-odbc-4.3.2-39.ent.s390.rpm
9c9659dd8ad1efe1f8125b437eb834b9 php-pgsql-4.3.2-39.ent.s390.rpm

s390x:
84217cb13326032f516c2080f81d07f0 php-4.3.2-39.ent.s390x.rpm
a9743a797892495c563b49777f0bfe7e php-debuginfo-4.3.2-39.ent.s390x.rpm
1e6d9d709d3fa232dbeb025837d8de88 php-devel-4.3.2-39.ent.s390x.rpm
58418ba5e99cdda2782bc978ae37c727 php-imap-4.3.2-39.ent.s390x.rpm
03b1e6d2b6191e50468c203ca7633894 php-ldap-4.3.2-39.ent.s390x.rpm
03048c57fd7d242fde135d1c418c7c5b php-mysql-4.3.2-39.ent.s390x.rpm
dde98c2319a57db8f94a90dd674c5837 php-odbc-4.3.2-39.ent.s390x.rpm
cada85f8c79710c38cba22fa1096a04c php-pgsql-4.3.2-39.ent.s390x.rpm

x86_64:
d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm
38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm
27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm
d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm
132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm
d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm
baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm
ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-39.ent.src.rpm
334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm

i386:
4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm
b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm
ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm
475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm
de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm
f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm
366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm
5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm

x86_64:
d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm
38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm
27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm
d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm
132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm
d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm
baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm
ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-39.ent.src.rpm
334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm

i386:
4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm
b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm
ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm
475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm
de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm
f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm
366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm
5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm

ia64:
04df8afa411b481774159a6476ae3214 php-4.3.2-39.ent.ia64.rpm
3e83702897d41920353388bfe1aeb462 php-debuginfo-4.3.2-39.ent.ia64.rpm
2565b31e867991e88121b078a244cc79 php-devel-4.3.2-39.ent.ia64.rpm
3b1f70a9b262d767c34a75d8d6fe7fe6 php-imap-4.3.2-39.ent.ia64.rpm
4cfacf6c0a7ea7aa03d5586f713b3fb1 php-ldap-4.3.2-39.ent.ia64.rpm
5c4157bcd2ee71c720b2ffc53126a4a7 php-mysql-4.3.2-39.ent.ia64.rpm
144cbe6b4a99f94d2d1fc3e49b8253a7 php-odbc-4.3.2-39.ent.ia64.rpm
fdfe65bb679218761fafa7432a4e001f php-pgsql-4.3.2-39.ent.ia64.rpm

x86_64:
d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm
38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm
27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm
d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm
132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm
d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm
baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm
ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-39.ent.src.rpm
334e0e7ff2f38110fb88e1083ba06e2e php-4.3.2-39.ent.src.rpm

i386:
4da9c3e985be256827b4fc3efb999381 php-4.3.2-39.ent.i386.rpm
b3063a608e6b7dd48145dcc6849f47c2 php-debuginfo-4.3.2-39.ent.i386.rpm
ed89834a88454fccbcd45d6003a4c769 php-devel-4.3.2-39.ent.i386.rpm
475ea2ea5ea293380d90cb6f1abef9f9 php-imap-4.3.2-39.ent.i386.rpm
de62a7d6c1904aa928fe98e0f9272439 php-ldap-4.3.2-39.ent.i386.rpm
f4b5bf5a21a529db128fec9123725c7b php-mysql-4.3.2-39.ent.i386.rpm
366dd5a2fa353a6f8a67477a00a21849 php-odbc-4.3.2-39.ent.i386.rpm
5f5fe2a3a77dd74582c1d8658320ba4c php-pgsql-4.3.2-39.ent.i386.rpm

ia64:
04df8afa411b481774159a6476ae3214 php-4.3.2-39.ent.ia64.rpm
3e83702897d41920353388bfe1aeb462 php-debuginfo-4.3.2-39.ent.ia64.rpm
2565b31e867991e88121b078a244cc79 php-devel-4.3.2-39.ent.ia64.rpm
3b1f70a9b262d767c34a75d8d6fe7fe6 php-imap-4.3.2-39.ent.ia64.rpm
4cfacf6c0a7ea7aa03d5586f713b3fb1 php-ldap-4.3.2-39.ent.ia64.rpm
5c4157bcd2ee71c720b2ffc53126a4a7 php-mysql-4.3.2-39.ent.ia64.rpm
144cbe6b4a99f94d2d1fc3e49b8253a7 php-odbc-4.3.2-39.ent.ia64.rpm
fdfe65bb679218761fafa7432a4e001f php-pgsql-4.3.2-39.ent.ia64.rpm

x86_64:
d1002b5ad6955cc920f9d0519d6e4c29 php-4.3.2-39.ent.x86_64.rpm
38e00f9bbbc328bcd61b20af896c3704 php-debuginfo-4.3.2-39.ent.x86_64.rpm
27f692d05bb39aa498c765a31846e330 php-devel-4.3.2-39.ent.x86_64.rpm
d1d70ae13f11ef4f29636c5158b7fa46 php-imap-4.3.2-39.ent.x86_64.rpm
132041f96278993aa8d5cf66118972ef php-ldap-4.3.2-39.ent.x86_64.rpm
d6341e87d708600fc38bbe4c63ea98ab php-mysql-4.3.2-39.ent.x86_64.rpm
baffdb94002ae386b97d6c56805cacd3 php-odbc-4.3.2-39.ent.x86_64.rpm
ae97cf37342f6352e7ee3904a35d747e php-pgsql-4.3.2-39.ent.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm
a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm

i386:
144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm
90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm
9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm
fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm
1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm
b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm
4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm
861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm
f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm
9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm
6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm
81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm
e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm
1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm
c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm

ia64:
199ca047b66ee4a6557d7d3f3c38f873 php-4.3.9-3.22.3.ia64.rpm
f9cc7842a4aa8b70f384df7c779bd667 php-debuginfo-4.3.9-3.22.3.ia64.rpm
ff3ec026286d1a34114cb72672ecd3f4 php-devel-4.3.9-3.22.3.ia64.rpm
e8493183ededf4a0e3a0e83c0b592f2a php-domxml-4.3.9-3.22.3.ia64.rpm
f4c0d643c08b85787f57107ff51041b0 php-gd-4.3.9-3.22.3.ia64.rpm
44842ad7449d6bff948a085865e0af54 php-imap-4.3.9-3.22.3.ia64.rpm
cb11e0b06cdd4fbe89ba7f4ed092d923 php-ldap-4.3.9-3.22.3.ia64.rpm
568a7912d2ed6423bfda734c08f6d437 php-mbstring-4.3.9-3.22.3.ia64.rpm
d1574241f8b4c86b026edca3724e7488 php-mysql-4.3.9-3.22.3.ia64.rpm
6152d7b768392cb4c7f4420f87498e76 php-ncurses-4.3.9-3.22.3.ia64.rpm
4f43bb7a7147b3956104033bd19c08e1 php-odbc-4.3.9-3.22.3.ia64.rpm
2960bbeba55607269bfde8513249b23d php-pear-4.3.9-3.22.3.ia64.rpm
331830c2e27c787f89f6c550fce68223 php-pgsql-4.3.9-3.22.3.ia64.rpm
d168c65023f344b7664774a5fcd7ed79 php-snmp-4.3.9-3.22.3.ia64.rpm
301669eaa23485727c8f07a2fe960c9f php-xmlrpc-4.3.9-3.22.3.ia64.rpm

ppc:
4c6db07fe089fef7f36b7bc077b716d3 php-4.3.9-3.22.3.ppc.rpm
beca9f4732d60b2c8e68a08f2ac91bc7 php-debuginfo-4.3.9-3.22.3.ppc.rpm
62097749817eee902a9b80384cc8d59c php-devel-4.3.9-3.22.3.ppc.rpm
9d00fabdbc9fd0915f9b85beb9efd2eb php-domxml-4.3.9-3.22.3.ppc.rpm
ac71759c8b4ef95b06fefe86b6e4341d php-gd-4.3.9-3.22.3.ppc.rpm
df5b079c0688d34d124970817b4ba0fe php-imap-4.3.9-3.22.3.ppc.rpm
9047a48cd3991369483acc2e7f72c48a php-ldap-4.3.9-3.22.3.ppc.rpm
cc0468ff78fb1405314128adba5b4347 php-mbstring-4.3.9-3.22.3.ppc.rpm
1f6079f3a80e697196747ed401e77a06 php-mysql-4.3.9-3.22.3.ppc.rpm
bfa51d88bf8c52bc51edf9a9e06cea60 php-ncurses-4.3.9-3.22.3.ppc.rpm
0ebdfcc733aa21f10d1bf8639054cf7a php-odbc-4.3.9-3.22.3.ppc.rpm
df4889b7caf343e6c9d3f9971c5882df php-pear-4.3.9-3.22.3.ppc.rpm
2e6c51f81322fec95fdf3af8a835df46 php-pgsql-4.3.9-3.22.3.ppc.rpm
1ad1067065a1e6b55954f102cefacecc php-snmp-4.3.9-3.22.3.ppc.rpm
2edb715c10def75b6c92b8c5253e5b37 php-xmlrpc-4.3.9-3.22.3.ppc.rpm

s390:
0c140ffb303370bfce0af6ac947b3bd6 php-4.3.9-3.22.3.s390.rpm
393ff435b9a477c618eab815f98b72c7 php-debuginfo-4.3.9-3.22.3.s390.rpm
66824af01d592309f5673d74ba13797a php-devel-4.3.9-3.22.3.s390.rpm
98099e79816000aa22340f30a550d7ac php-domxml-4.3.9-3.22.3.s390.rpm
f3c3eb16034b039e8d1a3e77f2d4e383 php-gd-4.3.9-3.22.3.s390.rpm
7d1ecf3f77ff01249c447fb6e78757ab php-imap-4.3.9-3.22.3.s390.rpm
2f1c85fd9c6947b518d8cf275e968735 php-ldap-4.3.9-3.22.3.s390.rpm
b1b767c04c83c7c70d37226de7dba8c5 php-mbstring-4.3.9-3.22.3.s390.rpm
89c43d1afe38989d87fa6a57116c9d7a php-mysql-4.3.9-3.22.3.s390.rpm
c4a2ea5228fd6c22e498612fc7d2e17e php-ncurses-4.3.9-3.22.3.s390.rpm
847a8e841356375aebd4282da79955a4 php-odbc-4.3.9-3.22.3.s390.rpm
209f109e589459e4e2e19545dd4bc512 php-pear-4.3.9-3.22.3.s390.rpm
c2b09474ea5073b8424680067b1ad6c4 php-pgsql-4.3.9-3.22.3.s390.rpm
f96afc95bfda9c253379bbca1be10900 php-snmp-4.3.9-3.22.3.s390.rpm
5b56f025bee8ec4eb4eeb169b63d3c60 php-xmlrpc-4.3.9-3.22.3.s390.rpm

s390x:
3535b24a963d2fff0d700c9713678e5e php-4.3.9-3.22.3.s390x.rpm
1cfcccdd5f0e02995a51c3ea3e849dba php-debuginfo-4.3.9-3.22.3.s390x.rpm
7949f28643e128b73bd73db619bff818 php-devel-4.3.9-3.22.3.s390x.rpm
987cbab849a42b5523d8b77d78aa9bea php-domxml-4.3.9-3.22.3.s390x.rpm
821c61382dbefca04424c88befb5681c php-gd-4.3.9-3.22.3.s390x.rpm
f47ace8f09516615d873df2485bd43bd php-imap-4.3.9-3.22.3.s390x.rpm
24f06687af8986e93f25ffaf246ec493 php-ldap-4.3.9-3.22.3.s390x.rpm
7ed585f4536cc8348cec85a56ffa3b18 php-mbstring-4.3.9-3.22.3.s390x.rpm
0c6b315195f6a047e574e0e0d539fdd7 php-mysql-4.3.9-3.22.3.s390x.rpm
190521a81ca21b264c6741904fe4b53b php-ncurses-4.3.9-3.22.3.s390x.rpm
bf0deae5bc75cb7fb2d2463201c5e7dd php-odbc-4.3.9-3.22.3.s390x.rpm
b3711111e4b4777ef66cdaaceb6e5b89 php-pear-4.3.9-3.22.3.s390x.rpm
b2272a3b079671f2c7744f2589baf475 php-pgsql-4.3.9-3.22.3.s390x.rpm
34bb6ec8d7950f30b02a1da5f9693333 php-snmp-4.3.9-3.22.3.s390x.rpm
f88518164a17902d0c3f45d5e6291113 php-xmlrpc-4.3.9-3.22.3.s390x.rpm

x86_64:
1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm
59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm
477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm
434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm
dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm
ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm
37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm
c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm
9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm
5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm
f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm
7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm
24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm
b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm
cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm
a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm

i386:
144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm
90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm
9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm
fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm
1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm
b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm
4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm
861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm
f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm
9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm
6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm
81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm
e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm
1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm
c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm

x86_64:
1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm
59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm
477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm
434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm
dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm
ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm
37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm
c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm
9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm
5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm
f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm
7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm
24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm
b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm
cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm
a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm

i386:
144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm
90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm
9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm
fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm
1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm
b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm
4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm
861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm
f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm
9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm
6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm
81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm
e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm
1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm
c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm

ia64:
199ca047b66ee4a6557d7d3f3c38f873 php-4.3.9-3.22.3.ia64.rpm
f9cc7842a4aa8b70f384df7c779bd667 php-debuginfo-4.3.9-3.22.3.ia64.rpm
ff3ec026286d1a34114cb72672ecd3f4 php-devel-4.3.9-3.22.3.ia64.rpm
e8493183ededf4a0e3a0e83c0b592f2a php-domxml-4.3.9-3.22.3.ia64.rpm
f4c0d643c08b85787f57107ff51041b0 php-gd-4.3.9-3.22.3.ia64.rpm
44842ad7449d6bff948a085865e0af54 php-imap-4.3.9-3.22.3.ia64.rpm
cb11e0b06cdd4fbe89ba7f4ed092d923 php-ldap-4.3.9-3.22.3.ia64.rpm
568a7912d2ed6423bfda734c08f6d437 php-mbstring-4.3.9-3.22.3.ia64.rpm
d1574241f8b4c86b026edca3724e7488 php-mysql-4.3.9-3.22.3.ia64.rpm
6152d7b768392cb4c7f4420f87498e76 php-ncurses-4.3.9-3.22.3.ia64.rpm
4f43bb7a7147b3956104033bd19c08e1 php-odbc-4.3.9-3.22.3.ia64.rpm
2960bbeba55607269bfde8513249b23d php-pear-4.3.9-3.22.3.ia64.rpm
331830c2e27c787f89f6c550fce68223 php-pgsql-4.3.9-3.22.3.ia64.rpm
d168c65023f344b7664774a5fcd7ed79 php-snmp-4.3.9-3.22.3.ia64.rpm
301669eaa23485727c8f07a2fe960c9f php-xmlrpc-4.3.9-3.22.3.ia64.rpm

x86_64:
1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm
59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm
477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm
434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm
dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm
ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm
37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm
c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm
9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm
5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm
f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm
7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm
24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm
b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm
cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.22.3.src.rpm
a954d249ca8cd0e03864c3cbac5f26b8 php-4.3.9-3.22.3.src.rpm

i386:
144c9a64ae174706ae864d5bf94a8cb2 php-4.3.9-3.22.3.i386.rpm
90971f6472640809c494f46cbcaf1bdd php-debuginfo-4.3.9-3.22.3.i386.rpm
9aff6b4cfe675f62b986cbdfd401ef48 php-devel-4.3.9-3.22.3.i386.rpm
fc7d8f3ff093d36417259cb45d53b597 php-domxml-4.3.9-3.22.3.i386.rpm
1c7d95325faf1f7f1c7719190543411e php-gd-4.3.9-3.22.3.i386.rpm
b87ac2b80f5498fece096172afedf31d php-imap-4.3.9-3.22.3.i386.rpm
4681e79b4b0a37b41b3b1c99c68408d0 php-ldap-4.3.9-3.22.3.i386.rpm
861437499c4426cb220cac6332ea67ff php-mbstring-4.3.9-3.22.3.i386.rpm
f93b8e4156ac609e56bd29a9987f9b2d php-mysql-4.3.9-3.22.3.i386.rpm
9ec4c2486345f7ed3192a07ad10ec32e php-ncurses-4.3.9-3.22.3.i386.rpm
6cf3e8b518946cfca6fb02601731811a php-odbc-4.3.9-3.22.3.i386.rpm
81369039016e43d6f2559ae112b76272 php-pear-4.3.9-3.22.3.i386.rpm
e0a1147400141dc32ba7a73efd774c5b php-pgsql-4.3.9-3.22.3.i386.rpm
1b4822fd2069e98a59ca5a8fbca369e8 php-snmp-4.3.9-3.22.3.i386.rpm
c6d716435a59be6d286afef87c580a25 php-xmlrpc-4.3.9-3.22.3.i386.rpm

ia64:
199ca047b66ee4a6557d7d3f3c38f873 php-4.3.9-3.22.3.ia64.rpm
f9cc7842a4aa8b70f384df7c779bd667 php-debuginfo-4.3.9-3.22.3.ia64.rpm
ff3ec026286d1a34114cb72672ecd3f4 php-devel-4.3.9-3.22.3.ia64.rpm
e8493183ededf4a0e3a0e83c0b592f2a php-domxml-4.3.9-3.22.3.ia64.rpm
f4c0d643c08b85787f57107ff51041b0 php-gd-4.3.9-3.22.3.ia64.rpm
44842ad7449d6bff948a085865e0af54 php-imap-4.3.9-3.22.3.ia64.rpm
cb11e0b06cdd4fbe89ba7f4ed092d923 php-ldap-4.3.9-3.22.3.ia64.rpm
568a7912d2ed6423bfda734c08f6d437 php-mbstring-4.3.9-3.22.3.ia64.rpm
d1574241f8b4c86b026edca3724e7488 php-mysql-4.3.9-3.22.3.ia64.rpm
6152d7b768392cb4c7f4420f87498e76 php-ncurses-4.3.9-3.22.3.ia64.rpm
4f43bb7a7147b3956104033bd19c08e1 php-odbc-4.3.9-3.22.3.ia64.rpm
2960bbeba55607269bfde8513249b23d php-pear-4.3.9-3.22.3.ia64.rpm
331830c2e27c787f89f6c550fce68223 php-pgsql-4.3.9-3.22.3.ia64.rpm
d168c65023f344b7664774a5fcd7ed79 php-snmp-4.3.9-3.22.3.ia64.rpm
301669eaa23485727c8f07a2fe960c9f php-xmlrpc-4.3.9-3.22.3.ia64.rpm

x86_64:
1a8f622a55edc590bc836dc577c67313 php-4.3.9-3.22.3.x86_64.rpm
59661959dafc76be8db0c6c5534c04ed php-debuginfo-4.3.9-3.22.3.x86_64.rpm
477b586dd9dd24e7208a254894f426aa php-devel-4.3.9-3.22.3.x86_64.rpm
434e194613624591bc2945d402b335c8 php-domxml-4.3.9-3.22.3.x86_64.rpm
dde9c8dc92ba9aa7b3b82abe7eca1a46 php-gd-4.3.9-3.22.3.x86_64.rpm
ce88add4f6b234c16e27cdc8617ad1ee php-imap-4.3.9-3.22.3.x86_64.rpm
37a0092e51c14be7b4dab993c85c8f3d php-ldap-4.3.9-3.22.3.x86_64.rpm
c5b16f7a2d4da01a38e18eb0b92e329a php-mbstring-4.3.9-3.22.3.x86_64.rpm
9f5b2f72b73928a3eb274edd8a99fed5 php-mysql-4.3.9-3.22.3.x86_64.rpm
5d60bbf151f212ea1dc61086919315c4 php-ncurses-4.3.9-3.22.3.x86_64.rpm
f62a0a8783433f67818e3a88597dd754 php-odbc-4.3.9-3.22.3.x86_64.rpm
7c16f8eb089b2c044f0c70b33437ceab php-pear-4.3.9-3.22.3.x86_64.rpm
24fc5e41ed8e3617e593c20389ef5252 php-pgsql-4.3.9-3.22.3.x86_64.rpm
b48b22e969361c70682f3d8c1fbdbede php-snmp-4.3.9-3.22.3.x86_64.rpm
cd14e8a88891b0a17d5a3ef57b8e015e php-xmlrpc-4.3.9-3.22.3.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFF2hKoXlSAg2UNWIIRAg2xAJ4uVDFUwG/D/1CWNA3F9auqYKjtJwCgq0+8
jA26yJX67GUzCLK+N8OhNVw=
=oCH9
-----END PGP SIGNATURE-----