Before applying this update, make sure all previously released errata
relevant to your system have been applied.
This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
5. Bug IDs fixed (http://bugzilla.redhat.com/):
150778 - issue in fix for CAN-2004-1019
172207 - CVE-2005-3390 PHP register globals arbitrary code execution
172209 - CVE-2005-3389 PHP parse_str can enable register_globals
172212 - CVE-2005-3388 PHP phpinfo() XSS attack
6. RPMs required:
Red Hat Enterprise Linux AS (Advanced Server) version 2.1:
SRPMS:
5886716b98a26c634a47ccdae93b2376 php-4.1.2-2.3.src.rpm
i386:
1307e0df5575fe3fe0f504fa856a5213 php-4.1.2-2.3.i386.rpm
d13142fa106a04e49b2ad3e072a553bb php-devel-4.1.2-2.3.i386.rpm
02289114da87f3ab414635cabfa9aa4e php-imap-4.1.2-2.3.i386.rpm
b6cc703eecf0a75bd51ada87c24086e9 php-ldap-4.1.2-2.3.i386.rpm
cdb35266ca56df967ff79faa39043fe3 php-manual-4.1.2-2.3.i386.rpm
18684ae7a20e829f7c3f6858028df123 php-mysql-4.1.2-2.3.i386.rpm
10c39ba29c0e04bf23fa05f4fb068334 php-odbc-4.1.2-2.3.i386.rpm
e531eea461e475eef5f282d345335a9c php-pgsql-4.1.2-2.3.i386.rpm
ia64:
d0d09ee077240bf6cc9b183dba8a262a php-4.1.2-2.3.ia64.rpm
9e8911159b49c09d1c8c4ac0a76b0c5f php-devel-4.1.2-2.3.ia64.rpm
72a8934072f5998304da4da594839ec2 php-imap-4.1.2-2.3.ia64.rpm
29c9dfebe06c8990d7f25bd121233bb6 php-ldap-4.1.2-2.3.ia64.rpm
e8c417f675129a4ae2253c1b7425a998 php-manual-4.1.2-2.3.ia64.rpm
5942a9f44723e1ba0a6514f9a29a409a php-mysql-4.1.2-2.3.ia64.rpm
5bddd0395d572dd424fa5809c4cd1be3 php-odbc-4.1.2-2.3.ia64.rpm
ddf9f178c22cd9b785ef6393c3067bcd php-pgsql-4.1.2-2.3.ia64.rpm
Red Hat Linux Advanced Workstation 2.1:
SRPMS:
5886716b98a26c634a47ccdae93b2376 php-4.1.2-2.3.src.rpm
ia64:
d0d09ee077240bf6cc9b183dba8a262a php-4.1.2-2.3.ia64.rpm
9e8911159b49c09d1c8c4ac0a76b0c5f php-devel-4.1.2-2.3.ia64.rpm
72a8934072f5998304da4da594839ec2 php-imap-4.1.2-2.3.ia64.rpm
29c9dfebe06c8990d7f25bd121233bb6 php-ldap-4.1.2-2.3.ia64.rpm
e8c417f675129a4ae2253c1b7425a998 php-manual-4.1.2-2.3.ia64.rpm
5942a9f44723e1ba0a6514f9a29a409a php-mysql-4.1.2-2.3.ia64.rpm
5bddd0395d572dd424fa5809c4cd1be3 php-odbc-4.1.2-2.3.ia64.rpm
ddf9f178c22cd9b785ef6393c3067bcd php-pgsql-4.1.2-2.3.ia64.rpm
Red Hat Enterprise Linux ES version 2.1:
SRPMS:
5886716b98a26c634a47ccdae93b2376 php-4.1.2-2.3.src.rpm
i386:
1307e0df5575fe3fe0f504fa856a5213 php-4.1.2-2.3.i386.rpm
d13142fa106a04e49b2ad3e072a553bb php-devel-4.1.2-2.3.i386.rpm
02289114da87f3ab414635cabfa9aa4e php-imap-4.1.2-2.3.i386.rpm
b6cc703eecf0a75bd51ada87c24086e9 php-ldap-4.1.2-2.3.i386.rpm
cdb35266ca56df967ff79faa39043fe3 php-manual-4.1.2-2.3.i386.rpm
18684ae7a20e829f7c3f6858028df123 php-mysql-4.1.2-2.3.i386.rpm
10c39ba29c0e04bf23fa05f4fb068334 php-odbc-4.1.2-2.3.i386.rpm
e531eea461e475eef5f282d345335a9c php-pgsql-4.1.2-2.3.i386.rpm
Red Hat Enterprise Linux WS version 2.1:
SRPMS:
5886716b98a26c634a47ccdae93b2376 php-4.1.2-2.3.src.rpm
i386:
1307e0df5575fe3fe0f504fa856a5213 php-4.1.2-2.3.i386.rpm
d13142fa106a04e49b2ad3e072a553bb php-devel-4.1.2-2.3.i386.rpm
02289114da87f3ab414635cabfa9aa4e php-imap-4.1.2-2.3.i386.rpm
b6cc703eecf0a75bd51ada87c24086e9 php-ldap-4.1.2-2.3.i386.rpm
cdb35266ca56df967ff79faa39043fe3 php-manual-4.1.2-2.3.i386.rpm
18684ae7a20e829f7c3f6858028df123 php-mysql-4.1.2-2.3.i386.rpm
10c39ba29c0e04bf23fa05f4fb068334 php-odbc-4.1.2-2.3.i386.rpm
e531eea461e475eef5f282d345335a9c php-pgsql-4.1.2-2.3.i386.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/#package
https://www.cve.org/CVERecord?id=CVE-2005-3388 https://www.cve.org/CVERecord?id=CVE-2005-3389 https://www.cve.org/CVERecord?id=CVE-2005-3390
Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64
Red Hat Linux Advanced Workstation 2.1 - ia64
Red Hat Enterprise Linux ES version 2.1 - i386
Red Hat Enterprise Linux WS version 2.1 - i386
Get the latest Linux and open source security news straight to your inbox.