Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Red Hat: RHSA-2007:0088-01 Important: PHP Buffer Overflow Risk

red hat
Calendar Grey February 22, 2007
Dist Redhat Esm H88
The latest PHP security patch from Red Hat tackles several vulnerabilities, significantly improving overall application security for its users.
Updated PHP packages that fix several security issues are now available for Red Hat Application Stack v1.1

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

229337 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908, CVE-2007-0909, CVE-2007-0910, CVE-2007-0988)

6. RPMs required:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4):

SRPMS: 65c254f44be0f72149d1a6d2481f83d1 php-5.1.6-3.el4s1.5.src.rpm

i386: 78d8e01b70f58962f336c8bfb5ba4b96 php-5.1.6-3.el4s1.5.i386.rpm 6d2e8fa3d1b7c38b238e1ac3f7476956 php-bcmath-5.1.6-3.el4s1.5.i386.rpm 6b8b46df3e7baa0f8d3f172f17282259 php-cli-5.1.6-3.el4s1.5.i386.rpm 8ced783df3b11e6d0f6dd1f6b6829fdf php-common-5.1.6-3.el4s1.5.i386.rpm 740a6c287dcbac0661a253ed3ff66814 php-dba-5.1.6-3.el4s1.5.i386.rpm f7e791945b706248c53a01c1b45bfdce php-debuginfo-5.1.6-3.el4s1.5.i386.rpm f35f870ec7d08950d8e62ce9525c4c70 php-devel-5.1.6-3.el4s1.5.i386.rpm 23e2fd214a78125b380c59dce8b866cc php-gd-5.1.6-3.el4s1.5.i386.rpm ffca8a8be48b47ac67d3dafe706a17c6 php-imap-5.1.6-3.el4s1.5.i386.rpm 4c1f239d32b5e6ae2e26198116a2df40 php-ldap-5.1.6-3.el4s1.5.i386.rpm 4ab5f2d77d903027e47cde5ce2b00391 php-mbstring-5.1.6-3.el4s1.5.i386.rpm 70f18b061ad856f91d752afc602321fb php-mysql-5.1.6-3.el4s1.5.i386.rpm dc8653b119d187f4502ea7768d0b4df3 php-ncurses-5.1.6-3.el4s1.5.i386.rpm eaeeb0c20afcc2f6092f2ee86026b289 php-odbc-5.1.6-3.el4s1.5.i386.rpm 8626f179feb2edf6a65592e8b7ccf4ac php-pdo-5.1.6-3.el4s1.5.i386.rpm 29394ec7b3a94bf7800984b6261645dc php-pgsql-5.1.6-3.el4s1.5.i386.rpm 1458d727cb6e7ca1f8b157e7e9e6647b php-snmp-5.1.6-3.el4s1.5.i386.rpm 2852e877c69badc913b3d45508f6174d php-soap-5.1.6-3.el4s1.5.i386.rpm 83fc3d913035f739d9f467760141131a php-xml-5.1.6-3.el4s1.5.i386.rpm 72e4d8d62154edd162e302e4ef998237 php-xmlrpc-5.1.6-3.el4s1.5.i386.rpm

x86_64: 9febc8aa7713fcc6e6d782e8cfad8b6b php-5.1.6-3.el4s1.5.x86_64.rpm a50b99d084118534a60713dc7072bfe8 php-bcmath-5.1.6-3.el4s1.5.x86_64.rpm ec1c3659254920ee751528b70048dc8f php-cli-5.1.6-3.el4s1.5.x86_64.rpm a5d8daf2c536b025cc7916c93b29dba9 php-common-5.1.6-3.el4s1.5.x86_64.rpm 6759778469af7a9a70258aa3e07e57fc php-dba-5.1.6-3.el4s1.5.x86_64.rpm fdcc247456d423f893f83277525191d0 php-debuginfo-5.1.6-3.el4s1.5.x86_64.rpm f2d186ccf814a716661e05f9b9e8b968 php-devel-5.1.6-3.el4s1.5.x86_64.rpm e9ae0a6fcb0a383c5e0ccce6d5625d10 php-gd-5.1.6-3.el4s1.5.x86_64.rpm 007ccf652a68a291f02ea20a64b17c19 php-imap-5.1.6-3.el4s1.5.x86_64.rpm e3438ac7fa45ec4d18c5b440e6ab8b51 php-ldap-5.1.6-3.el4s1.5.x86_64.rpm 2ff48b915dd6a96e0218fbd22eb38e18 php-mbstring-5.1.6-3.el4s1.5.x86_64.rpm a7249f1c5007a3cbaa1db03db1947e08 php-mysql-5.1.6-3.el4s1.5.x86_64.rpm 6bca262f258fa401f85ba494b2c31e6f php-ncurses-5.1.6-3.el4s1.5.x86_64.rpm f0300356cfa9a0ec53f06b22bf9831bc php-odbc-5.1.6-3.el4s1.5.x86_64.rpm cc1d0f4eb90a42bf2b97c901dc7e675e php-pdo-5.1.6-3.el4s1.5.x86_64.rpm 281e15be5c482bf80b9b364baa18c464 php-pgsql-5.1.6-3.el4s1.5.x86_64.rpm 5974ebe042e427a9bb63ebc3efd0e503 php-snmp-5.1.6-3.el4s1.5.x86_64.rpm 5504e7372468eb793607c7050109a7c9 php-soap-5.1.6-3.el4s1.5.x86_64.rpm ec5eeca15244e5e676c2dd438bc4add0 php-xml-5.1.6-3.el4s1.5.x86_64.rpm 55e2405c3136cd7ba733391770d8e4ba php-xmlrpc-5.1.6-3.el4s1.5.x86_64.rpm

Red Hat Application Stack v1 for Enterprise Linux ES (v.4):

SRPMS: 65c254f44be0f72149d1a6d2481f83d1 php-5.1.6-3.el4s1.5.src.rpm

i386: 78d8e01b70f58962f336c8bfb5ba4b96 php-5.1.6-3.el4s1.5.i386.rpm 6d2e8fa3d1b7c38b238e1ac3f7476956 php-bcmath-5.1.6-3.el4s1.5.i386.rpm 6b8b46df3e7baa0f8d3f172f17282259 php-cli-5.1.6-3.el4s1.5.i386.rpm 8ced783df3b11e6d0f6dd1f6b6829fdf php-common-5.1.6-3.el4s1.5.i386.rpm 740a6c287dcbac0661a253ed3ff66814 php-dba-5.1.6-3.el4s1.5.i386.rpm f7e791945b706248c53a01c1b45bfdce php-debuginfo-5.1.6-3.el4s1.5.i386.rpm f35f870ec7d08950d8e62ce9525c4c70 php-devel-5.1.6-3.el4s1.5.i386.rpm 23e2fd214a78125b380c59dce8b866cc php-gd-5.1.6-3.el4s1.5.i386.rpm ffca8a8be48b47ac67d3dafe706a17c6 php-imap-5.1.6-3.el4s1.5.i386.rpm 4c1f239d32b5e6ae2e26198116a2df40 php-ldap-5.1.6-3.el4s1.5.i386.rpm 4ab5f2d77d903027e47cde5ce2b00391 php-mbstring-5.1.6-3.el4s1.5.i386.rpm 70f18b061ad856f91d752afc602321fb php-mysql-5.1.6-3.el4s1.5.i386.rpm dc8653b119d187f4502ea7768d0b4df3 php-ncurses-5.1.6-3.el4s1.5.i386.rpm eaeeb0c20afcc2f6092f2ee86026b289 php-odbc-5.1.6-3.el4s1.5.i386.rpm 8626f179feb2edf6a65592e8b7ccf4ac php-pdo-5.1.6-3.el4s1.5.i386.rpm 29394ec7b3a94bf7800984b6261645dc php-pgsql-5.1.6-3.el4s1.5.i386.rpm 1458d727cb6e7ca1f8b157e7e9e6647b php-snmp-5.1.6-3.el4s1.5.i386.rpm 2852e877c69badc913b3d45508f6174d php-soap-5.1.6-3.el4s1.5.i386.rpm 83fc3d913035f739d9f467760141131a php-xml-5.1.6-3.el4s1.5.i386.rpm 72e4d8d62154edd162e302e4ef998237 php-xmlrpc-5.1.6-3.el4s1.5.i386.rpm

x86_64: 9febc8aa7713fcc6e6d782e8cfad8b6b php-5.1.6-3.el4s1.5.x86_64.rpm a50b99d084118534a60713dc7072bfe8 php-bcmath-5.1.6-3.el4s1.5.x86_64.rpm ec1c3659254920ee751528b70048dc8f php-cli-5.1.6-3.el4s1.5.x86_64.rpm a5d8daf2c536b025cc7916c93b29dba9 php-common-5.1.6-3.el4s1.5.x86_64.rpm 6759778469af7a9a70258aa3e07e57fc php-dba-5.1.6-3.el4s1.5.x86_64.rpm fdcc247456d423f893f83277525191d0 php-debuginfo-5.1.6-3.el4s1.5.x86_64.rpm f2d186ccf814a716661e05f9b9e8b968 php-devel-5.1.6-3.el4s1.5.x86_64.rpm e9ae0a6fcb0a383c5e0ccce6d5625d10 php-gd-5.1.6-3.el4s1.5.x86_64.rpm 007ccf652a68a291f02ea20a64b17c19 php-imap-5.1.6-3.el4s1.5.x86_64.rpm e3438ac7fa45ec4d18c5b440e6ab8b51 php-ldap-5.1.6-3.el4s1.5.x86_64.rpm 2ff48b915dd6a96e0218fbd22eb38e18 php-mbstring-5.1.6-3.el4s1.5.x86_64.rpm a7249f1c5007a3cbaa1db03db1947e08 php-mysql-5.1.6-3.el4s1.5.x86_64.rpm 6bca262f258fa401f85ba494b2c31e6f php-ncurses-5.1.6-3.el4s1.5.x86_64.rpm f0300356cfa9a0ec53f06b22bf9831bc php-odbc-5.1.6-3.el4s1.5.x86_64.rpm cc1d0f4eb90a42bf2b97c901dc7e675e php-pdo-5.1.6-3.el4s1.5.x86_64.rpm 281e15be5c482bf80b9b364baa18c464 php-pgsql-5.1.6-3.el4s1.5.x86_64.rpm 5974ebe042e427a9bb63ebc3efd0e503 php-snmp-5.1.6-3.el4s1.5.x86_64.rpm 5504e7372468eb793607c7050109a7c9 php-soap-5.1.6-3.el4s1.5.x86_64.rpm ec5eeca15244e5e676c2dd438bc4add0 php-xml-5.1.6-3.el4s1.5.x86_64.rpm 55e2405c3136cd7ba733391770d8e4ba php-xmlrpc-5.1.6-3.el4s1.5.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2007-0906 https://www.cve.org/CVERecord?id=CVE-2007-0907 https://www.cve.org/CVERecord?id=CVE-2007-0908 https://www.cve.org/CVERecord?id=CVE-2007-0909 https://www.cve.org/CVERecord?id=CVE-2007-0910 https://www.cve.org/CVERecord?id=CVE-2007-0988 https://access.redhat.com/security/updates/classification#important

Package List


Severity
important
Lowest
Low
Medium
High
Critical

Advisory ID: RHSA-2007:0088-01
Issue date: 2007-02-22
Updated on: 2007-02-22
Product: Red Hat Application Stack

Topic

Relevant Releases Architectures

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64

Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here