Alerts This Week
Warning Icon 1 483
Alerts This Week
Warning Icon 1 483

Fedora Core 3: FEDORA-2023-1234 Important: PHP Deserialization Issue

fedora
Calendar Grey December 21, 2004
Dist Fedora Esm H88
The latest patch for Fedora Core 3 incorporates security enhancements for PHP 4.3.10, addressing vulnerabilities related to exif data processing and the unserialization of objects.
This update includes the latest release of PHP 4.3, including fixes for security issues in the unserializer (CVE CAN-2004-1019) and exif image parsing (CVE CAN-2004-1065).

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated webpages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts. The

mod_php module enables the Apache Web server to understand and process

the embedded PHP language in Web pages.

for security issues in the unserializer (CVE CAN-2004-1019) and exif

image parsing (CVE CAN-2004-1065).

- fix umask patch (#143286)

* Wed Dec 15 2004 Joe Orton 4.3.10-3.1

- update to 4.3.10, including security fixes (#141135):

* unserializer integer overflows, CAN-2004-1019

* exif image parsing overflow, CAN-2004-1065

445609a1342e91f32320fa5864bda37b SRPMS/php-4.3.10-3.2.src.rpm

657606317c0a9ed5bcf37f06dba42538 x86_64/php-4.3.10-3.2.x86_64.rpm

5ddda1be3f052f3cb409cf73363be2ae x86_64/php-devel-4.3.10-3.2.x86_64.rpm

9163bfe74081828227f757b133b076fc x86_64/php-pear-4.3.10-3.2.x86_64.rpm

80b7bf655541e14064c2bd6eaa311077 x86_64/php-imap-4.3.10-3.2.x86_64.rpm

e7e92d9b5bd9ea4a245eba6a39ee2536 x86_64/php-ldap-4.3.10-3.2.x86_64.rpm

eae6fbeb1108970cd8fd9a7a38d32a9a x86_64/php-mysql-4.3.10-3.2.x86_64.rpm

88dcfa1990eb7bdbdd92715dace2c03e x86_64/php-pgsql-4.3.10-3.2.x86_64.rpm

05966b8d09a58702ba43c9be149ecbaa x86_64/php-odbc-4.3.10-3.2.x86_64.rpm

34cdb5151b5da048f7470170bfb31978 x86_64/php-snmp-4.3.10-3.2.x86_64.rpm

df3d6d00a6949d17495c8b99eac5f7c9 x86_64/php-domxml-4.3.10-3.2.x86_64.rpm

7422b0dc974e702a4c96eeecf11ec761 x86_64/php-xmlrpc-4.3.10-3.2.x86_64.rpm

c1d70465ed28e238c4a09cbcb356b209 x86_64/php-mbstring-4.3.10-3.2.x86_64.rpm

16a82e15b0e5b3b16fc5eda47133b2f6 x86_64/php-ncurses-4.3.10-3.2.x86_64.rpm

eea5e17b82709e33619fa4959db5c766 x86_64/php-gd-4.3.10-3.2.x86_64.rpm

b969eb4dc267a438bb7eb742e6c20f2b x86_64/debug/php-debuginfo-4.3.10-3.2.x86_64.rpm

f510eb1784120ca41c69d7adc189852b i386/php-4.3.10-3.2.i386.rpm

d5f291074444c1dc04f36cedf7395a06 i386/php-devel-4.3.10-3.2.i386.rpm

652ca5be92e965c23150c9c58f875a5c i386/php-pear-4.3.10-3.2.i386.rpm

11399157471806b342090305ef29c474 i386/php-imap-4.3.10-3.2.i386.rpm

190d53059632b6b80b9f757742ae9a60 i386/php-ldap-4.3.10-3.2.i386.rpm

6fc5c6d4a9326e2bb7208573fead0510 i386/php-mysql-4.3.10-3.2.i386.rpm

5c88f752e470135c5c665ef8fb1284d9 i386/php-pgsql-4.3.10-3.2.i386.rpm

4b0eb8f79673794cf6a677cbc3ae255d i386/php-odbc-4.3.10-3.2.i386.rpm

a4f62eb0dd02593f9529b141bde10676 i386/php-snmp-4.3.10-3.2.i386.rpm

3591ab4da5e4efe7cd1e1876d589b173 i386/php-domxml-4.3.10-3.2.i386.rpm

0ddcc0fe3c79a2545d8bb2235837044c i386/php-xmlrpc-4.3.10-3.2.i386.rpm

1eae4104b33ee7021403025865de92e0 i386/php-mbstring-4.3.10-3.2.i386.rpm

c7fb403a6374fdb70adbadc62eb022cf i386/php-ncurses-4.3.10-3.2.i386.rpm

606c76b1b4e9b0fdd6de1a093ce3190b i386/php-gd-4.3.10-3.2.i386.rpm

864a01494e29026096135b3229363025 i386/debug/php-debuginfo-4.3.10-3.2.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

Change Log

References

Update Instructions

Severity
important
Lowest
Low
Medium
High
Critical

Name: php
Version: 4.3.10
Release: 3.2
Summary: The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here