Alerts This Week
Warning Icon 1 758
Alerts This Week
Warning Icon 1 758

Red Hat Enterprise Linux 2.1 RHSA-2006:0682-01 Moderate: PHP Update

red hat
Calendar Grey September 21, 2006
Dist Redhat Esm H88
Newly released PHP updates for Red Hat Enterprise Linux resolve security vulnerabilities; assessed with moderate severity by Red Hat.
Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 2.1

Solution

Before applying this update, make sure all previously released errata relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

206934 - CVE-2006-4482 PHP heap overflow 206935 - metaphone() function causing Apache segfaults 206936 - CVE-2006-4486 PHP integer overflows in Zend 206937 - CVE-2006-4020 PHP buffer overread flaw 206964 - CVE-2006-3016 PHP session ID validation

6. RPMs required:

Red Hat Enterprise Linux AS (Advanced Server) version 2.1:

SRPMS: dd5bc1563b29fde5c829bdcefc39eac4 php-4.1.2-2.11.src.rpm

i386: 3a3d5e4ae4b3aa8a9320841783f543fc php-4.1.2-2.11.i386.rpm b85a26c079218ff55fe92fcf782d5be5 php-devel-4.1.2-2.11.i386.rpm 66ab7bfe501dcf33bad4a22934947e82 php-imap-4.1.2-2.11.i386.rpm 34e203aca0a2f29b4b102cc8c48c2787 php-ldap-4.1.2-2.11.i386.rpm 3752f3f4095f3262b7b119eae0ca755e php-manual-4.1.2-2.11.i386.rpm 6272d1bc3133f429d5faf55197881339 php-mysql-4.1.2-2.11.i386.rpm 9c8da08015cd2611fa59286f4ed214db php-odbc-4.1.2-2.11.i386.rpm a74c29a6916b0e01c2266a4c9f06616a php-pgsql-4.1.2-2.11.i386.rpm

ia64: 62d9ec481bee82602963c545d4ae270d php-4.1.2-2.11.ia64.rpm 6f6c5b533f079fde524c35ac4f909eb0 php-devel-4.1.2-2.11.ia64.rpm 8ac19aed8a568996ec99e5d37dbb222e php-imap-4.1.2-2.11.ia64.rpm 62f12475db39e5cb619713c1cc73e889 php-ldap-4.1.2-2.11.ia64.rpm e947e6f327da3ddca5b2db538bb44643 php-manual-4.1.2-2.11.ia64.rpm d1de9bf1cb6674b4edf391ddea0a1c52 php-mysql-4.1.2-2.11.ia64.rpm 6f2b3fe22330361b6bde789402403484 php-odbc-4.1.2-2.11.ia64.rpm 30ac774ef5e207f9a5ef0cfb10ef5ce7 php-pgsql-4.1.2-2.11.ia64.rpm

Red Hat Linux Advanced Workstation 2.1:

SRPMS: dd5bc1563b29fde5c829bdcefc39eac4 php-4.1.2-2.11.src.rpm

ia64: 62d9ec481bee82602963c545d4ae270d php-4.1.2-2.11.ia64.rpm 6f6c5b533f079fde524c35ac4f909eb0 php-devel-4.1.2-2.11.ia64.rpm 8ac19aed8a568996ec99e5d37dbb222e php-imap-4.1.2-2.11.ia64.rpm 62f12475db39e5cb619713c1cc73e889 php-ldap-4.1.2-2.11.ia64.rpm e947e6f327da3ddca5b2db538bb44643 php-manual-4.1.2-2.11.ia64.rpm d1de9bf1cb6674b4edf391ddea0a1c52 php-mysql-4.1.2-2.11.ia64.rpm 6f2b3fe22330361b6bde789402403484 php-odbc-4.1.2-2.11.ia64.rpm 30ac774ef5e207f9a5ef0cfb10ef5ce7 php-pgsql-4.1.2-2.11.ia64.rpm

Red Hat Enterprise Linux ES version 2.1:

SRPMS: dd5bc1563b29fde5c829bdcefc39eac4 php-4.1.2-2.11.src.rpm

i386: 3a3d5e4ae4b3aa8a9320841783f543fc php-4.1.2-2.11.i386.rpm b85a26c079218ff55fe92fcf782d5be5 php-devel-4.1.2-2.11.i386.rpm 66ab7bfe501dcf33bad4a22934947e82 php-imap-4.1.2-2.11.i386.rpm 34e203aca0a2f29b4b102cc8c48c2787 php-ldap-4.1.2-2.11.i386.rpm 3752f3f4095f3262b7b119eae0ca755e php-manual-4.1.2-2.11.i386.rpm 6272d1bc3133f429d5faf55197881339 php-mysql-4.1.2-2.11.i386.rpm 9c8da08015cd2611fa59286f4ed214db php-odbc-4.1.2-2.11.i386.rpm a74c29a6916b0e01c2266a4c9f06616a php-pgsql-4.1.2-2.11.i386.rpm

Red Hat Enterprise Linux WS version 2.1:

SRPMS: dd5bc1563b29fde5c829bdcefc39eac4 php-4.1.2-2.11.src.rpm

i386: 3a3d5e4ae4b3aa8a9320841783f543fc php-4.1.2-2.11.i386.rpm b85a26c079218ff55fe92fcf782d5be5 php-devel-4.1.2-2.11.i386.rpm 66ab7bfe501dcf33bad4a22934947e82 php-imap-4.1.2-2.11.i386.rpm 34e203aca0a2f29b4b102cc8c48c2787 php-ldap-4.1.2-2.11.i386.rpm 3752f3f4095f3262b7b119eae0ca755e php-manual-4.1.2-2.11.i386.rpm 6272d1bc3133f429d5faf55197881339 php-mysql-4.1.2-2.11.i386.rpm 9c8da08015cd2611fa59286f4ed214db php-odbc-4.1.2-2.11.i386.rpm a74c29a6916b0e01c2266a4c9f06616a php-pgsql-4.1.2-2.11.i386.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

Summary

References

https://www.cve.org/CVERecord?id=CVE-2006-3016 https://www.cve.org/CVERecord?id=CVE-2006-4020 https://www.cve.org/CVERecord?id=CVE-2006-4482 https://www.cve.org/CVERecord?id=CVE-2006-4486 https://access.redhat.com/security/updates/classification#moderate

Package List


Advisory ID: RHSA-2006:0682-01
Issue date: 2006-09-21
Updated on: 2006-09-21
Product: Red Hat Enterprise Linux

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AS (Advanced Server) version 2.1 - i386, ia64

Red Hat Linux Advanced Workstation 2.1 - ia64

Red Hat Enterprise Linux ES version 2.1 - i386

Red Hat Enterprise Linux WS version 2.1 - i386

Bugs Fixed

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here