Fedora Core 3: php-4.3.11-2.7 Critical XML_RPC Parsing Issue
fedora
August 25, 2005
This update includes the latest upstream version of the PEAR XML_RPC package, which fixes a security issue in request parsing in the XML_RPC Server code
Summary
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.
This update includes the latest upstream version of the PEAR
XML_RPC package, which fixes a security issue in request
parsing in the XML_RPC Server code. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2005-2498 to this issue.
- pear: update to XML_RPC 1.4.0 (CAN-2005-2498, #165847)
8ee124ab881288fd6bbfb2fd9c7ea13e SRPMS/php-4.3.11-2.7.src.rpm
913fb86266b1c68e686f0ba3f2b414c2 x86_64/php-4.3.11-2.7.x86_64.rpm
c68ec21fa6a61c67f942e5445c7e1743 x86_64/php-devel-4.3.11-2.7.x86_64.rpm
08f69204bc70f2f12e0a086e375c331e x86_64/php-pear-4.3.11-2.7.x86_64.rpm
2bf2480fb69fc136038a634fbcfcce48 x86_64/php-imap-4.3.11-2.7.x86_64.rpm
d3bacd5fdbf67254c705bc7bc61d281e x86_64/php-ldap-4.3.11-2.7.x86_64.rpm
3344ccc2e07d4b3397706e1872989482 x86_64/php-mysql-4.3.11-2.7.x86_64.rpm
de65d833cb8e07eca0f56e018c828bbf x86_64/php-pgsql-4.3.11-2.7.x86_64.rpm
7e76bc8bd1bac00d2571bb97ea42cc9b x86_64/php-odbc-4.3.11-2.7.x86_64.rpm
9537ed06161fcc317831ffeaf7026f9e x86_64/php-snmp-4.3.11-2.7.x86_64.rpm
e84e3bf1da132eb91e0be70f01edd3a5 x86_64/php-domxml-4.3.11-2.7.x86_64.rpm
922a1ea8060e709a06d26d594242ee32 x86_64/php-xmlrpc-4.3.11-2.7.x86_64.rpm
b6145a24e3798e6e61a4a8bc89e8c0c5 x86_64/php-mbstring-4.3.11-2.7.x86_64.rpm
90dd25b292a8e2c823e5b5d98168d43a x86_64/php-ncurses-4.3.11-2.7.x86_64.rpm
09806af9f54acee63f849e2e60ef2b91 x86_64/php-gd-4.3.11-2.7.x86_64.rpm
3bbeb07601b8ec69463c336c0c205fff x86_64/debug/php-debuginfo-4.3.11-2.7.x86_64.rpm
1e4265fc6ef11f87897ab6a35aff6aa3 i386/php-4.3.11-2.7.i386.rpm
c02d99c3007643a3a1a7bd9e1bac2e50 i386/php-devel-4.3.11-2.7.i386.rpm
11925259bae2e97e3f77b73d87d1fb70 i386/php-pear-4.3.11-2.7.i386.rpm
195b3c6e2479dcfdedcaa11859a7bd6b i386/php-imap-4.3.11-2.7.i386.rpm
18115f4afa5c36802e9014d5f3f0d7f7 i386/php-ldap-4.3.11-2.7.i386.rpm
77c0eaa6b267a24fd6635425dfb54743 i386/php-mysql-4.3.11-2.7.i386.rpm
b1b8decc25e8f58711e00e5a26c90392 i386/php-pgsql-4.3.11-2.7.i386.rpm
f563dd6f5b41da7c42f5689bfeaea825 i386/php-odbc-4.3.11-2.7.i386.rpm
f47b90f3573f6abf1eb03feb6bcdf069 i386/php-snmp-4.3.11-2.7.i386.rpm
d4e19949fe88844cc1bfdac03613fa74 i386/php-domxml-4.3.11-2.7.i386.rpm
74b4eafd808d15d93096be7e448a3749 i386/php-xmlrpc-4.3.11-2.7.i386.rpm
e81c3b236495308bd48a05600c003afc i386/php-mbstring-4.3.11-2.7.i386.rpm
4731638caeeeffb16f4d45671a70de68 i386/php-ncurses-4.3.11-2.7.i386.rpm
4063e0d5f86bdfcf9a38f4fcb6426d33 i386/php-gd-4.3.11-2.7.i386.rpm
971a5476be2929cc7d131b84351a9137 i386/debug/php-debuginfo-4.3.11-2.7.i386.rpm
This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
fedora-announce-list mailing list
fedora-announce-list@redhat.com
Change Log
References
Update Instructions
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: php
Version: 4.3.11
Release: 2.7
Summary: The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!