Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 573
Alerts This Week
Warning Icon 1 573

Scientific Linux: CVE-2012-0830 Critical: Php53 Remote Code Execution

Scientific Large Esm H446
Critical: php53 security update
Date: Fri, 3 Feb 2012 09:53:50 -0600
Reply-To: This email address is being protected from spambots. You need JavaScript enabled to view it.
Sender: Security Errata for Scientific Linux
 
From: This email address is being protected from spambots. You need JavaScript enabled to view it.
Subject: Security ERRATA Critical: php53 on SL5.x i386/x86_64
Comments: To: This email address is being protected from spambots. You need JavaScript enabled to view it.

Synopsis: Critical: php53 security update
Issue Date: 2012-02-02
CVE Numbers: CVE-2012-0830

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.

It was discovered that the fix for CVE-2011-4885 (released via in a previous
update for php53) introduced an uninitialized memory use flaw. A remote
attacker could send a specially-crafted HTTP request to cause the PHP
interpreter to crash or, possibly, execute arbitrary code. (CVE-2012-0830)

All php53 users should upgrade to these updated packages, which contain a
backported patch to resolve this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.

SL5:
 i386
 php53-5.3.3-1.el5_7.6.i386.rpm
 php53-bcmath-5.3.3-1.el5_7.6.i386.rpm
 php53-cli-5.3.3-1.el5_7.6.i386.rpm
 php53-common-5.3.3-1.el5_7.6.i386.rpm
 php53-dba-5.3.3-1.el5_7.6.i386.rpm
 php53-debuginfo-5.3.3-1.el5_7.6.i386.rpm
 php53-devel-5.3.3-1.el5_7.6.i386.rpm
 php53-gd-5.3.3-1.el5_7.6.i386.rpm
 php53-imap-5.3.3-1.el5_7.6.i386.rpm
 php53-intl-5.3.3-1.el5_7.6.i386.rpm
 php53-ldap-5.3.3-1.el5_7.6.i386.rpm
 php53-mbstring-5.3.3-1.el5_7.6.i386.rpm
 php53-mysql-5.3.3-1.el5_7.6.i386.rpm
 php53-odbc-5.3.3-1.el5_7.6.i386.rpm
 php53-pdo-5.3.3-1.el5_7.6.i386.rpm
 php53-pgsql-5.3.3-1.el5_7.6.i386.rpm
 php53-process-5.3.3-1.el5_7.6.i386.rpm
 php53-pspell-5.3.3-1.el5_7.6.i386.rpm
 php53-snmp-5.3.3-1.el5_7.6.i386.rpm
 php53-soap-5.3.3-1.el5_7.6.i386.rpm
 php53-xml-5.3.3-1.el5_7.6.i386.rpm
 php53-xmlrpc-5.3.3-1.el5_7.6.i386.rpm
 x86_64
 php53-5.3.3-1.el5_7.6.x86_64.rpm
 php53-bcmath-5.3.3-1.el5_7.6.x86_64.rpm
 php53-cli-5.3.3-1.el5_7.6.x86_64.rpm
 php53-common-5.3.3-1.el5_7.6.x86_64.rpm
 php53-dba-5.3.3-1.el5_7.6.x86_64.rpm
 php53-debuginfo-5.3.3-1.el5_7.6.x86_64.rpm
 php53-devel-5.3.3-1.el5_7.6.x86_64.rpm
 php53-gd-5.3.3-1.el5_7.6.x86_64.rpm
 php53-imap-5.3.3-1.el5_7.6.x86_64.rpm
 php53-intl-5.3.3-1.el5_7.6.x86_64.rpm
 php53-ldap-5.3.3-1.el5_7.6.x86_64.rpm
 php53-mbstring-5.3.3-1.el5_7.6.x86_64.rpm
 php53-mysql-5.3.3-1.el5_7.6.x86_64.rpm
 php53-odbc-5.3.3-1.el5_7.6.x86_64.rpm
 php53-pdo-5.3.3-1.el5_7.6.x86_64.rpm
 php53-pgsql-5.3.3-1.el5_7.6.x86_64.rpm
 php53-process-5.3.3-1.el5_7.6.x86_64.rpm
 php53-pspell-5.3.3-1.el5_7.6.x86_64.rpm
 php53-snmp-5.3.3-1.el5_7.6.x86_64.rpm
 php53-soap-5.3.3-1.el5_7.6.x86_64.rpm
 php53-xml-5.3.3-1.el5_7.6.x86_64.rpm
 php53-xmlrpc-5.3.3-1.el5_7.6.x86_64.rpm

- Scientific Linux Development Team