Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Red Hat 5: RHSA-2007:0082-02 Critical: PHP Denial Of Service

red hat
Calendar Grey March 14, 2007
Dist Redhat Esm H88
A vital patch for Red Hat Enterprise Linux PHP resolves various vulnerabilities that compromise system security.
Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 5

Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

229013 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988) 231597 - CVE-2007-1285 PHP Variable Destructor Deep Recursion Stack Overflow

6. RPMs required:

RHEL Desktop Workstation (v. 5 client):

SRPMS: d346826e0a542ea5f6a0c21ec5c0de89 php-5.1.6-7.el5.src.rpm

i386: a769b8752da878a65ad0991e5f35f1f3 php-5.1.6-7.el5.i386.rpm 26c852cd82b4a12e69fda6cc8a915ff2 php-bcmath-5.1.6-7.el5.i386.rpm 091678f9d2328099ef5e04fc97df370b php-cli-5.1.6-7.el5.i386.rpm d41ed2907aec10d018e934c0c24c3ef6 php-common-5.1.6-7.el5.i386.rpm 97be9e8c8bfd86eead518ca713160b09 php-dba-5.1.6-7.el5.i386.rpm 975b56045493472002d6f670adc77a9e php-debuginfo-5.1.6-7.el5.i386.rpm c5d05e5fc1b528ffdb140c9d6a6e273d php-devel-5.1.6-7.el5.i386.rpm 7d341380dc2fcbc68acb88c950e91aaa php-gd-5.1.6-7.el5.i386.rpm 269b687f020b595b6a9447a1c361c559 php-imap-5.1.6-7.el5.i386.rpm 34f13e8e682038c7b4523a1db3507b17 php-ldap-5.1.6-7.el5.i386.rpm 926de31a1232612a801e75ffda10a922 php-mbstring-5.1.6-7.el5.i386.rpm 60bf1b4f73996c34a2e2533925b58799 php-mysql-5.1.6-7.el5.i386.rpm ed479d680c6766b3f21a8ee3340c4cc6 php-ncurses-5.1.6-7.el5.i386.rpm 795129d527b17823d1b9ac0fb612a397 php-odbc-5.1.6-7.el5.i386.rpm 0c57393535d5823010d992dabcebe745 php-pdo-5.1.6-7.el5.i386.rpm 753ace56f59708f10e4ad03d466d0471 php-pgsql-5.1.6-7.el5.i386.rpm 31d5fe411fc3d13715c61da09e8a3b34 php-snmp-5.1.6-7.el5.i386.rpm 3778e27df82016b0726b54febaed59cb php-soap-5.1.6-7.el5.i386.rpm 9d091c7a236f7a3c465899ee787e94a8 php-xml-5.1.6-7.el5.i386.rpm b5d9236d70e76d14cac5acda60275d0c php-xmlrpc-5.1.6-7.el5.i386.rpm

x86_64: 71badbd6e44d51cfba34a32a23cd95b2 php-5.1.6-7.el5.x86_64.rpm 960ae9a9d0e00cd547da7eec1955a5d9 php-bcmath-5.1.6-7.el5.x86_64.rpm c9d24ac66104b4d096acb6822fb9f8c6 php-cli-5.1.6-7.el5.x86_64.rpm 1cd6237e2d51c55c19d6d3b7e2f81f5e php-common-5.1.6-7.el5.x86_64.rpm b079b7af288906711ccd3bf02b1a0027 php-dba-5.1.6-7.el5.x86_64.rpm 84f7f59eaab122c2e147279cb2bb23b3 php-debuginfo-5.1.6-7.el5.x86_64.rpm 6c69af2c7ed239a43c518b272c6cd3c8 php-devel-5.1.6-7.el5.x86_64.rpm f2c4004d69f4eb094e80f5829fb33fc3 php-gd-5.1.6-7.el5.x86_64.rpm 26c944eb0a556ba0d6a634613b7f67bb php-imap-5.1.6-7.el5.x86_64.rpm eff06352104b02ccc24a85e68714a9e2 php-ldap-5.1.6-7.el5.x86_64.rpm 39592d7a4e4c48323ba426f48a56647d php-mbstring-5.1.6-7.el5.x86_64.rpm a5224c1cc1b10ebe5e4173e933ae5767 php-mysql-5.1.6-7.el5.x86_64.rpm d3c8038ca9e8ac81aab049a2147b50b7 php-ncurses-5.1.6-7.el5.x86_64.rpm 67e7ee807842e2c6963b0fe558b8f311 php-odbc-5.1.6-7.el5.x86_64.rpm c89b0119f58fd306ac673f338cc15b5f php-pdo-5.1.6-7.el5.x86_64.rpm 55338806427f9d63e7400410ab563198 php-pgsql-5.1.6-7.el5.x86_64.rpm b4c50e81b595e80ef9aa09f53c7c5eed php-snmp-5.1.6-7.el5.x86_64.rpm dd23b2ff36947c8bfe99e089837f664f php-soap-5.1.6-7.el5.x86_64.rpm 71ea5f61663fd7e3d5c344eb7bfdce9a php-xml-5.1.6-7.el5.x86_64.rpm 98ad623c7547160267c38608882c4109 php-xmlrpc-5.1.6-7.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS: d346826e0a542ea5f6a0c21ec5c0de89 php-5.1.6-7.el5.src.rpm

i386: a769b8752da878a65ad0991e5f35f1f3 php-5.1.6-7.el5.i386.rpm 26c852cd82b4a12e69fda6cc8a915ff2 php-bcmath-5.1.6-7.el5.i386.rpm 091678f9d2328099ef5e04fc97df370b php-cli-5.1.6-7.el5.i386.rpm d41ed2907aec10d018e934c0c24c3ef6 php-common-5.1.6-7.el5.i386.rpm 97be9e8c8bfd86eead518ca713160b09 php-dba-5.1.6-7.el5.i386.rpm 975b56045493472002d6f670adc77a9e php-debuginfo-5.1.6-7.el5.i386.rpm c5d05e5fc1b528ffdb140c9d6a6e273d php-devel-5.1.6-7.el5.i386.rpm 7d341380dc2fcbc68acb88c950e91aaa php-gd-5.1.6-7.el5.i386.rpm 269b687f020b595b6a9447a1c361c559 php-imap-5.1.6-7.el5.i386.rpm 34f13e8e682038c7b4523a1db3507b17 php-ldap-5.1.6-7.el5.i386.rpm 926de31a1232612a801e75ffda10a922 php-mbstring-5.1.6-7.el5.i386.rpm 60bf1b4f73996c34a2e2533925b58799 php-mysql-5.1.6-7.el5.i386.rpm ed479d680c6766b3f21a8ee3340c4cc6 php-ncurses-5.1.6-7.el5.i386.rpm 795129d527b17823d1b9ac0fb612a397 php-odbc-5.1.6-7.el5.i386.rpm 0c57393535d5823010d992dabcebe745 php-pdo-5.1.6-7.el5.i386.rpm 753ace56f59708f10e4ad03d466d0471 php-pgsql-5.1.6-7.el5.i386.rpm 31d5fe411fc3d13715c61da09e8a3b34 php-snmp-5.1.6-7.el5.i386.rpm 3778e27df82016b0726b54febaed59cb php-soap-5.1.6-7.el5.i386.rpm 9d091c7a236f7a3c465899ee787e94a8 php-xml-5.1.6-7.el5.i386.rpm b5d9236d70e76d14cac5acda60275d0c php-xmlrpc-5.1.6-7.el5.i386.rpm

ia64: 59deca45db02df88f078a90d4b63a5e0 php-5.1.6-7.el5.ia64.rpm 78724383db37df0b5b6d3238d0546a4b php-bcmath-5.1.6-7.el5.ia64.rpm 35a4becee4cba77a326cb5065e518aac php-cli-5.1.6-7.el5.ia64.rpm 81211a5929b97c9b61f768ef7afa59fa php-common-5.1.6-7.el5.ia64.rpm a30941ed55d65041bd2fc02da0b4eec5 php-dba-5.1.6-7.el5.ia64.rpm 5303ed94098f13a8a73f616930a38bee php-debuginfo-5.1.6-7.el5.ia64.rpm 44c8d443ec2c792f7645492956795d8c php-devel-5.1.6-7.el5.ia64.rpm 956d3a5cfad2ced91d9abd53c2d54d2e php-gd-5.1.6-7.el5.ia64.rpm 7d1dc114f00391a3ed80b7abce52bd42 php-imap-5.1.6-7.el5.ia64.rpm c9f494abcaccb0dc69f5da39b5ef6e3c php-ldap-5.1.6-7.el5.ia64.rpm 54c5bf8b6188859ccf89bd8ee5f1479c php-mbstring-5.1.6-7.el5.ia64.rpm cdd50f81d23f0970cbf6676943024e27 php-mysql-5.1.6-7.el5.ia64.rpm 363ef052d679f52e52060596971d984e php-ncurses-5.1.6-7.el5.ia64.rpm 8e74366714aa43bca1ee3d7523e3308d php-odbc-5.1.6-7.el5.ia64.rpm a31e6f3cb40333d91cfea4cc1dc31be5 php-pdo-5.1.6-7.el5.ia64.rpm c8a9283cb3b466074f8e2b5b71695cf9 php-pgsql-5.1.6-7.el5.ia64.rpm 54b5685395b3e38507253f6fceb3ad7a php-snmp-5.1.6-7.el5.ia64.rpm 4fa28d4d0eea108631ae11dc24c507a7 php-soap-5.1.6-7.el5.ia64.rpm f3b3cf435a9a27ea4508508b52be5e51 php-xml-5.1.6-7.el5.ia64.rpm ba31d4201e6ba1c47a2be5d205ea320b php-xmlrpc-5.1.6-7.el5.ia64.rpm

ppc: b1431b1febce8f6a0da1b706b3e4a65d php-5.1.6-7.el5.ppc.rpm f6a464c2ee63ce883b41b6bd06c2525d php-bcmath-5.1.6-7.el5.ppc.rpm 9c08683931c05da19969c88ed37dfa20 php-cli-5.1.6-7.el5.ppc.rpm 976bc9b3bef1c643d5f2bc4f4889263c php-common-5.1.6-7.el5.ppc.rpm 41f8e6c1d21bf2aaecbd5f99aef96fc8 php-dba-5.1.6-7.el5.ppc.rpm 7f78105c12345bd1d8df7189b94f4c39 php-debuginfo-5.1.6-7.el5.ppc.rpm 56718bdd1283ebcf7d8e482e9b4bb45e php-devel-5.1.6-7.el5.ppc.rpm a884ad0bb5c9ccddb2aa48e5ec84b0ea php-gd-5.1.6-7.el5.ppc.rpm 966418dde96d45630db83ab784a07b23 php-imap-5.1.6-7.el5.ppc.rpm d13978e5285271326934106918a6c272 php-ldap-5.1.6-7.el5.ppc.rpm d1e1122d2723ce66af63298629703d49 php-mbstring-5.1.6-7.el5.ppc.rpm 292b11fbcc67e277e0971758a55a60e1 php-mysql-5.1.6-7.el5.ppc.rpm 57763f1feff7a785191d5224a1ae9290 php-ncurses-5.1.6-7.el5.ppc.rpm aac7f53adff7b9173fc581be6809cedc php-odbc-5.1.6-7.el5.ppc.rpm 6aec0a62b0305cd4a887bb3d54b6ab91 php-pdo-5.1.6-7.el5.ppc.rpm 91a79293698ccafcea817a49576b6b1c php-pgsql-5.1.6-7.el5.ppc.rpm 8176898811a0e898bfb0158adcd1228f php-snmp-5.1.6-7.el5.ppc.rpm cd324c31c751ce87d5e2875811979d7e php-soap-5.1.6-7.el5.ppc.rpm 8374aaa3195e80cf03f21970aacdea06 php-xml-5.1.6-7.el5.ppc.rpm 1699a4cede424374f53db51a40d6c23f php-xmlrpc-5.1.6-7.el5.ppc.rpm

s390x: b4a2955f08aa005731c012c813801d5b php-5.1.6-7.el5.s390x.rpm b56b3928b80aeabef61cbe3198e482d2 php-bcmath-5.1.6-7.el5.s390x.rpm 7443d3356b3d062889d44eab3863fc8a php-cli-5.1.6-7.el5.s390x.rpm 49c9eef065dbde46a4dd48cd074e004f php-common-5.1.6-7.el5.s390x.rpm d2cfd29995ce8dca7db53b85634dfe18 php-dba-5.1.6-7.el5.s390x.rpm a8d0842fc94886bfed462d5df2be7de1 php-debuginfo-5.1.6-7.el5.s390x.rpm 37d02d98287aa59b7ebd1dd5b2ea3f04 php-devel-5.1.6-7.el5.s390x.rpm 9efbd00b56547364d6ca50e8c1321d00 php-gd-5.1.6-7.el5.s390x.rpm 75932b10f243bace44feaad9370dd9a8 php-imap-5.1.6-7.el5.s390x.rpm 6f45228c38354873e0d6b72a371ff932 php-ldap-5.1.6-7.el5.s390x.rpm 2b4708e0e7d21060c57a84721d714c26 php-mbstring-5.1.6-7.el5.s390x.rpm 0b6d512aeb6489877db6aefaf0e2df09 php-mysql-5.1.6-7.el5.s390x.rpm 9f7f86b4d351f5bd2c44b909c0911c4c php-ncurses-5.1.6-7.el5.s390x.rpm d488c8e34ed2d15d4cd1d66e3757da0e php-odbc-5.1.6-7.el5.s390x.rpm 28628c46d048241cf3670b93309a364b php-pdo-5.1.6-7.el5.s390x.rpm 768215dba4ffd10112b7d31507898802 php-pgsql-5.1.6-7.el5.s390x.rpm 95755db467614b64b65531616206bb3e php-snmp-5.1.6-7.el5.s390x.rpm 48d2893c0e654f5973ca6588faa362d9 php-soap-5.1.6-7.el5.s390x.rpm 01ecda2d3055673ade18449218ca1995 php-xml-5.1.6-7.el5.s390x.rpm cac4acbde1d01621fe6bf9ca332e4ebc php-xmlrpc-5.1.6-7.el5.s390x.rpm

x86_64: 71badbd6e44d51cfba34a32a23cd95b2 php-5.1.6-7.el5.x86_64.rpm 960ae9a9d0e00cd547da7eec1955a5d9 php-bcmath-5.1.6-7.el5.x86_64.rpm c9d24ac66104b4d096acb6822fb9f8c6 php-cli-5.1.6-7.el5.x86_64.rpm 1cd6237e2d51c55c19d6d3b7e2f81f5e php-common-5.1.6-7.el5.x86_64.rpm b079b7af288906711ccd3bf02b1a0027 php-dba-5.1.6-7.el5.x86_64.rpm 84f7f59eaab122c2e147279cb2bb23b3 php-debuginfo-5.1.6-7.el5.x86_64.rpm 6c69af2c7ed239a43c518b272c6cd3c8 php-devel-5.1.6-7.el5.x86_64.rpm f2c4004d69f4eb094e80f5829fb33fc3 php-gd-5.1.6-7.el5.x86_64.rpm 26c944eb0a556ba0d6a634613b7f67bb php-imap-5.1.6-7.el5.x86_64.rpm eff06352104b02ccc24a85e68714a9e2 php-ldap-5.1.6-7.el5.x86_64.rpm 39592d7a4e4c48323ba426f48a56647d php-mbstring-5.1.6-7.el5.x86_64.rpm a5224c1cc1b10ebe5e4173e933ae5767 php-mysql-5.1.6-7.el5.x86_64.rpm d3c8038ca9e8ac81aab049a2147b50b7 php-ncurses-5.1.6-7.el5.x86_64.rpm 67e7ee807842e2c6963b0fe558b8f311 php-odbc-5.1.6-7.el5.x86_64.rpm c89b0119f58fd306ac673f338cc15b5f php-pdo-5.1.6-7.el5.x86_64.rpm 55338806427f9d63e7400410ab563198 php-pgsql-5.1.6-7.el5.x86_64.rpm b4c50e81b595e80ef9aa09f53c7c5eed php-snmp-5.1.6-7.el5.x86_64.rpm dd23b2ff36947c8bfe99e089837f664f php-soap-5.1.6-7.el5.x86_64.rpm 71ea5f61663fd7e3d5c344eb7bfdce9a php-xml-5.1.6-7.el5.x86_64.rpm 98ad623c7547160267c38608882c4109 php-xmlrpc-5.1.6-7.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-0906 https://www.cve.org/CVERecord?id=CVE-2007-0907 https://www.cve.org/CVERecord?id=CVE-2007-0908 https://www.cve.org/CVERecord?id=CVE-2007-0909 https://www.cve.org/CVERecord?id=CVE-2007-0988 https://www.cve.org/CVERecord?id=CVE-2007-0910 https://www.cve.org/CVERecord?id=CVE-2007-1285 https://access.redhat.com/security/updates/classification#important

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:0082-02
Issue date: 2007-03-13
Updated on: 2007-03-14
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

RHEL Desktop Workstation (v. 5 client) - i386, x86_64

Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here