Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -6 articles for you...
89
security advisoryfedoraupdateFedora 23: 2016-b4896f20b3 Critical: Roundcubemail Mail Function Issues
**Version 1.2.3** - Searching in both contacts and groups when LDAP addressbook with group_filters option is used - Fix vulnerability in handling of mail()'s 5th argument - Fix To: header encoding in mail sent with mail() method (#5475) - Fix flickering of header topline in min-mode (#5426) - Fix bug where folders list would scroll to top when clicking on subscription checkbox (#5447) - Fix. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-b4896f20b3 2016-12-13 17:09:03.159312 -------------------------------------------------------------------------------- Name : roundcubemail Product : Fedora 23 Version : 1.2.3 Release : 1.fc23 URL : https://roundcube.net/ Summary : Round Cube Webmail is a browser-based multilingual IMAP client Description : RoundCube Webmail is a browser-based multilingual IMAP client with an application-like user interface. It provides full functionality you expect from an e-mail client, including MIME support, address book, folder manipulation, message searching and spell checking. RoundCube Webmail is written in PHP and requires a database: MySQL, PostgreSQL and SQLite are known to work. The user interface is fully skinnable using XHTML and CSS 2. -------------------------------------------------------------------------------- Update Information: **Version 1.2.3** - Searching in both contacts and groups when LDAP addressbook with group_filters option is used - Fix vulnerability in handling of mail()'s 5th argument - Fix To: header encoding in mail sent with mail() method (#5475) - Fix flickering of header topline in min-mode (#5426) - Fix bug where folderslist would scroll to top when clicking on subscription checkbox (#5447) - Fix decoding of GB2312/GBK text when iconv is not installed (#5448) - Fix regression where creation of default folders wasn't functioning without prefix (#5460) - Enigma: Fix bug where last records on keys list were hidden (#5461) - Enigma: Fix key search withkeyword containing non-ascii characters (#5459) - Fix bug where deleting folders with subfolders could fail in some cases (#5466) - Fix bug where IMAP password could be exposed via error message (#5472) - Fix bug where it wasn't possible to store more that 2MB objects in memcache/apc, Added memcache_max_allowed_packet and apc_max_allowed_packet settings (#5452) - Fix "Illegal string offset" warning in rcube::log_bug() on PHP 7.1 (#5508) - Fix storing "empty" values in rcube_cache/rcube_cache_shared (#5519) - Fix missing content check when image resize fails on attachment thumbnail generation (#5485) - Fix displaying attached images with wrong Content-Type specified (#5527) -------------------------------------------------------------------------------- References: [ 1 ] Bug #1403177 - CVE-2016-9920 roundcubemail: Code execution via mail() https://bugzilla.redhat.com/show_bug.cgi?id=1403177 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade roundcubemail' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list --
Dec 14, 2016
•Critical
Fedora
98
security advisoryunauthorized accessRed HatRed Hat: RHSA-2002:213-06 Critical: PHP Mail Function Access Issue
PHP versions up to and including 4.2.2 contain vulnerabilities in the mail()function allowing local script authors to bypass safe mode restrictionsand possibly allowing remote attackers to insert arbitrary mail headers andcontent into the message.. --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: New PHP packages fix vulnerability in mail function Advisory ID: RHSA-2002:213-06 Issue date: 2002-11-11 Updated on: 2002-11-11 Product: Red Hat Linux Keywords: mail PHP safemode Cross references: Obsoletes: RHSA-2002:102 CVE Names: CAN-2002-0985 CAN-2002-0986 --------------------------------------------------------------------- 1. Topic: PHP versions up to and including 4.2.2 contain vulnerabilities in the mail() function allowing local script authors to bypass safe mode restrictions and possibly allowing remote attackers to insert arbitrary mail headers and content into the message. 2. Relevant releases/architectures: Red Hat Linux 7.0 - alpha, i386 Red Hat Linux 7.1 - alpha, i386, ia64 Red Hat Linux 7.2 - i386, ia64 Red Hat Linux 7.3 - i386 3. Problem description: PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA (such as Sendmail) in the fifth argument to mail(), altering MTA behavior and possibly executing arbitrary local commands. The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy." Script authors should note that all input data should be checked for unsafe data by any PHP scripts which call functions such as mail(). Note that this PHP errata, as did RHSA-2002:102, enforces memory limitson the size of the PHP process to prevent a badly generated script from becoming a possible source for a denial of service attack. The default process size is 8MB, though you can adjust this as you deem necessary through the php.ini directive memory_limit. For example, to change the process memory limit to 4MB, add the following: memory_limit 4194304 Important Note: There are special instructions you should follow regarding your /etc/php.ini configuration file in the "Solution" section below. 4. Solution: Note that the /etc/php.ini configuration file is not replaced or overwritten. You should carefully review your configuration file and adapt it to your server or service functions. Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Linux 7.0: SRPMS: alpha: i386: Red Hat Linux 7.1: SRPMS: alpha: i386: ia64: Red Hat Linux 7.2: SRPMS: i386: ia64: Red Hat Linux 7.3: SRPMS: i386: 6. Verification: MD5 sum PackageName -------------------------------------------------------------------------- 90485525497c469a4ebad9f4cdb12df8 7.0/en/os/SRPMS/php-4.1.2-7.0.6.src.rpm 084a7d46f430c3bbebb166e4e7dafccc 7.0/en/os/alpha/php-4.1.2-7.0.6.alpha.rpm 94633a4880759a222f2bf80e8e819279 7.0/en/os/alpha/php-devel-4.1.2-7.0.6.alpha.rpm 95bb88ac38275e294c1050ac8997ca78 7.0/en/os/alpha/php-imap-4.1.2-7.0.6.alpha.rpm 06478932240a2aae3c248393c206ac18 7.0/en/os/alpha/php-ldap-4.1.2-7.0.6.alpha.rpm 8ffee623bf1079478a2f8e0b3bc51e08 7.0/en/os/alpha/php-manual-4.1.2-7.0.6.alpha.rpm 9794474d1998299e5cbf87f43fad84f4 7.0/en/os/alpha/php-mysql-4.1.2-7.0.6.alpha.rpm 3c9b5bd9d7018979f5e6922ac4c8b281 7.0/en/os/alpha/php-odbc-4.1.2-7.0.6.alpha.rpm dd9307df88f26af9ca98ccd8eb9cb4a1 7.0/en/os/alpha/php-pgsql-4.1.2-7.0.6.alpha.rpm e88fc66b1bc54caa9e11c95b81fac09c 7.0/en/os/alpha/php-snmp-4.1.2-7.0.6.alpha.rpm 2087ee40822db5d1e15ad45d0a6927a0 7.0/en/os/i386/php-4.1.2-7.0.6.i386.rpm 1f890ae3e3811b0937d5d0fd75d80008 7.0/en/os/i386/php-devel-4.1.2-7.0.6.i386.rpm a198cd678bc2769ff4c90c85132a8377 7.0/en/os/i386/php-imap-4.1.2-7.0.6.i386.rpm 19a42e427909ae7e70d48df284916c8a 7.0/en/os/i386/php-ldap-4.1.2-7.0.6.i386.rpm 886ce44baff31734f86fb6edb8b48f84 7.0/en/os/i386/php-manual-4.1.2-7.0.6.i386.rpm dedcbf8e54013deb1acb32fed15d54ee 7.0/en/os/i386/php-mysql-4.1.2-7.0.6.i386.rpm 71dde819dad0e0f64b38eba29da5d886 7.0/en/os/i386/php-odbc-4.1.2-7.0.6.i386.rpm a8c53e2406a1030570f56ea638929c1b 7.0/en/os/i386/php-pgsql-4.1.2-7.0.6.i386.rpm 1beb7c51989d53d7c69f9789cc66f9f4 7.0/en/os/i386/php-snmp-4.1.2-7.0.6.i386.rpm 6aa08613e86ec4b0751ecef7c59dd776 7.1/en/os/SRPMS/php-4.1.2-7.1.6.src.rpm c998281ee18aa0eca71f2016389303df 7.1/en/os/alpha/php-4.1.2-7.1.6.alpha.rpm 9d84c486e9a3ba7cc06ded6266fec4cd 7.1/en/os/alpha/php-devel-4.1.2-7.1.6.alpha.rpm 535159e4058e4071da35b7aca17480d9 7.1/en/os/alpha/php-imap-4.1.2-7.1.6.alpha.rpm 4da8201f746aef01814a65ab91de11cb 7.1/en/os/alpha/php-ldap-4.1.2-7.1.6.alpha.rpm b1ee6cd91a2bc9419360fb8e19db37997.1/en/os/alpha/php-manual-4.1.2-7.1.6.alpha.rpm 6915c0b726d8e940aa9ea1186e7fac01 7.1/en/os/alpha/php-mysql-4.1.2-7.1.6.alpha.rpm 2ad85a017151c67500274b705eb63068 7.1/en/os/alpha/php-odbc-4.1.2-7.1.6.alpha.rpm 55e772bb4fa8a0c4f374fa765bc4dd50 7.1/en/os/alpha/php-pgsql-4.1.2-7.1.6.alpha.rpm 473568869164589f88e3ab6b5ccfd740 7.1/en/os/alpha/php-snmp-4.1.2-7.1.6.alpha.rpm 5dc6df9aea830c63e53de060f09eab35 7.1/en/os/i386/php-4.1.2-7.1.6.i386.rpm 50e5e688c8b96b39aabc60fb21c31117 7.1/en/os/i386/php-devel-4.1.2-7.1.6.i386.rpm 453ae087a6c61ebf2243438721f38f76 7.1/en/os/i386/php-imap-4.1.2-7.1.6.i386.rpm a3e13d3311c0e42f8afdc8bcc5d6febb 7.1/en/os/i386/php-ldap-4.1.2-7.1.6.i386.rpm 439133a1fbc04fbf416c0969192f8863 7.1/en/os/i386/php-manual-4.1.2-7.1.6.i386.rpm 585169e96d346ef0b40f31a3e8a10acf 7.1/en/os/i386/php-mysql-4.1.2-7.1.6.i386.rpm 3a10578944aa7f8b3644161f80cc508b 7.1/en/os/i386/php-odbc-4.1.2-7.1.6.i386.rpm 86289d09f17a996bb2ba10195f19e4db 7.1/en/os/i386/php-pgsql-4.1.2-7.1.6.i386.rpm f1d0a3e7b156cfc1456e530bed0f24d9 7.1/en/os/i386/php-snmp-4.1.2-7.1.6.i386.rpm 756fb7a0f1cf9e553336985b457ca031 7.1/en/os/ia64/php-4.1.2-7.1.6.ia64.rpm adf1441f6531bcbf4c28099ea6b2b043 7.1/en/os/ia64/php-devel-4.1.2-7.1.6.ia64.rpm 1ffbe521674b69e4dd803f83ff93fd11 7.1/en/os/ia64/php-imap-4.1.2-7.1.6.ia64.rpm a73a8d1442eb3ddfe4d04ab1f5fa5537 7.1/en/os/ia64/php-ldap-4.1.2-7.1.6.ia64.rpm e223b0684b29a924517f805d8058c51f 7.1/en/os/ia64/php-manual-4.1.2-7.1.6.ia64.rpm 854ee2456eaa097a5d1a982ab700fb52 7.1/en/os/ia64/php-mysql-4.1.2-7.1.6.ia64.rpm b403ad7a65003754915a2d69d227bfba 7.1/en/os/ia64/php-odbc-4.1.2-7.1.6.ia64.rpm de9880f7bb9be4b2d762d3a1f0a904c5 7.1/en/os/ia64/php-pgsql-4.1.2-7.1.6.ia64.rpm 2daf7b792b1c7e31d9e67738a1f25ddc 7.1/en/os/ia64/php-snmp-4.1.2-7.1.6.ia64.rpm d1200bf5bb11f41a2d7cfccb7e81a546 7.2/en/os/SRPMS/php-4.1.2-7.2.6.src.rpm 6878faca22f015da9f3f68ac568b13d9 7.2/en/os/i386/php-4.1.2-7.2.6.i386.rpm cee00c2d2a4cee6e8b6c3c8f37ea89fe 7.2/en/os/i386/php-devel-4.1.2-7.2.6.i386.rpm 557c9f75d8fbdf6e06154cd4fa97002e7.2/en/os/i386/php-imap-4.1.2-7.2.6.i386.rpm e4814351b9db60cb7d7b8801eb543e1d 7.2/en/os/i386/php-ldap-4.1.2-7.2.6.i386.rpm a74aca25eef4838c4aa56722e7c59213 7.2/en/os/i386/php-manual-4.1.2-7.2.6.i386.rpm f393631c119c73e78ea1a441229f6a34 7.2/en/os/i386/php-mysql-4.1.2-7.2.6.i386.rpm a59dc41370ce0a1867ec603567e75c91 7.2/en/os/i386/php-odbc-4.1.2-7.2.6.i386.rpm 9db516d929d817375e5df1e65cec8874 7.2/en/os/i386/php-pgsql-4.1.2-7.2.6.i386.rpm 57a7738197dec4bdc49ddf164b1f8ee7 7.2/en/os/i386/php-snmp-4.1.2-7.2.6.i386.rpm f57ed9a83fe2205b500c3c604bc4b50e 7.2/en/os/ia64/php-4.1.2-7.2.6.ia64.rpm c21dbae091815b81de1b2cb88e5b2088 7.2/en/os/ia64/php-devel-4.1.2-7.2.6.ia64.rpm 578792bfed2b1cacae39ab44072cac2a 7.2/en/os/ia64/php-imap-4.1.2-7.2.6.ia64.rpm cd49f2ac0192b8da16ee98386641dc99 7.2/en/os/ia64/php-ldap-4.1.2-7.2.6.ia64.rpm 684f534069f2c533e08d83c54c7a7946 7.2/en/os/ia64/php-manual-4.1.2-7.2.6.ia64.rpm 0c270888c9c049335e3e4d907b97841c 7.2/en/os/ia64/php-mysql-4.1.2-7.2.6.ia64.rpm 90a15b51bf3f14bb19a53b7efd90c239 7.2/en/os/ia64/php-odbc-4.1.2-7.2.6.ia64.rpm 95835a51257fb5b337e335f635654bdd 7.2/en/os/ia64/php-pgsql-4.1.2-7.2.6.ia64.rpm 2d7b408823c692d8b347a4a280dc1b9e 7.2/en/os/ia64/php-snmp-4.1.2-7.2.6.ia64.rpm 49856911f9172d859529190d65358953 7.3/en/os/SRPMS/php-4.1.2-7.3.6.src.rpm d541da613f5eae7b3f153b0622099b5f 7.3/en/os/i386/php-4.1.2-7.3.6.i386.rpm 8d08d1daae515fd1516bee5fef782fa9 7.3/en/os/i386/php-devel-4.1.2-7.3.6.i386.rpm d2a49ba3a04906a01a9e3ea01ebe7013 7.3/en/os/i386/php-imap-4.1.2-7.3.6.i386.rpm ec745cc76cd4f01f095d3dd8b1fb8683 7.3/en/os/i386/php-ldap-4.1.2-7.3.6.i386.rpm 2cb508396bd1d00e831f996644166df2 7.3/en/os/i386/php-manual-4.1.2-7.3.6.i386.rpm 8b6d67c4984cd5331e20e40813ecf9dd 7.3/en/os/i386/php-mysql-4.1.2-7.3.6.i386.rpm 3915f34de79134e5c471893516462b75 7.3/en/os/i386/php-odbc-4.1.2-7.3.6.i386.rpm e95d036edde0c536ef70bd9d43d29ef0 7.3/en/os/i386/php-pgsql-4.1.2-7.3.6.i386.rpm ed7d6075641acb74f3c3a59f929bcc63 7.3/en/os/i386/php-snmp-4.1.2-7.3.6.i386.rpm These packages are GPG signed by Red Hat, Inc. forsecurity. Our key is available at About You can verify each package with the following command: rpm --checksig -v If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: md5sum 7. References: http://marc.theaimsgroup.com/?l=bugtraq&m=103011916928204 CVE -CVE-2002-0985 CVE -CVE-2002-0986 8. Contact: The Red Hat security contact is . More contact details at All Red Hat products Copyright(c) 2000, 2001, 2002 Red Hat, Inc. . New Python modules introduced by Canonical address vulnerabilities in file handling that might result in unapproved access.. PHP Mail Security, Red Hat Advisory, PHP Vulnerability, PHP Access Control. . Severity: Critical. LinuxSecurity.com Team
Nov 11, 2002
•Critical
Red Hat
98
security advisoryRed HatcriticalRed Hat 7.x RHSA-2002:102-26 Critical: PHP Mail Command Risk
PHP versions 4.0.5 through 4.1.0 in safe mode do not properly cleanse the 5th parameter to the mail() function. This vulnerability allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.. --------------------------------------------------------------------- Red Hat, Inc. Red Hat Security Advisory Synopsis: New PHP packages fix vulnerability in safemode Advisory ID: RHSA-2002:102-26 Issue date: 2002-05-27 Updated on: 2002-08-19 Product: Red Hat Linux Keywords: mail PHP safemode 5th parameter Cross references: Obsoletes: RHSA-2002:035 CVE Names: CAN-2001-1246 --------------------------------------------------------------------- 1. Topic: PHP versions earlier than 4.1.0 contain a vulnerability that could allow arbitrary commands to be executed. 2. Relevant releases/architectures: Red Hat Linux 7.0 - alpha, i386 Red Hat Linux 7.1 - alpha, i386, ia64 Red Hat Linux 7.2 - i386, ia64 Red Hat Linux 7.3 - i386 3. Problem description: PHP is an HTML-embedded scripting language commonly used with Apache. PHP versions 4.0.5 through 4.1.0 in safe mode do not properly cleanse the 5th parameter to the mail() function. This vulnerability allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2001-1246 to this issue. Red Hat Linux version 7.2 shipped with PHP 4.0.6 by default, which is vulnerable to this issue. Versions of Red Hat Linux before 7.2 shipped with an earlier version of PHP not vulnerable to this issue. However, if the the most recent errata (RHSA-2002:035) was applied to these systems, then they *are* vulnerable and should be upgraded. It is highly recommended that all users of PHP upgrade to these errata packages, which are not vulnerable to this issue. Please Note: This PHP errata enforces memory limits on the size of the PHPprocess to prevent a badly generated script from becoming a possible source for a denial of service attack. The default process size is 8Mb though you can adjust this as you deem necessary thought the php.ini directive memory_limit. For example, to change the process memory limit to 4MB, add the following: memory_limit 4194304 Important Note: There are special instructions you should follow regarding your /etc/php.ini configuration file in the Solution section below. 4. Solution: Please note that the /etc/php.ini configuration file is not replaced or overwritten. You should carefully review your configuration file and adapt it to your server or service functions. Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. 5. RPMs required: Red Hat Linux 7.0: SRPMS: alpha: i386: Red Hat Linux 7.1: SRPMS: alpha: i386: ia64: Red Hat Linux 7.2: SRPMS: i386: ia64: Red Hat Linux 7.3: SRPMS: i386: 6. Verification: MD5 sum PackageName -------------------------------------------------------------------------- a2ee962d03d4a66d8b4f064aa7bc4596 7.0/en/os/SRPMS/php-4.1.2-7.0.3.src.rpm 750e7b91eb1b948c1ada6b6e14745019 7.0/en/os/alpha/php-4.1.2-7.0.3.alpha.rpm 7e8630c06b5387206308b2d58d3d2e27 7.0/en/os/alpha/php-devel-4.1.2-7.0.3.alpha.rpm e99a263708ed7344d6b0dca89a7bedd7 7.0/en/os/alpha/php-imap-4.1.2-7.0.3.alpha.rpm f9383dea9e04cb29329d40703e83dc9d 7.0/en/os/alpha/php-ldap-4.1.2-7.0.3.alpha.rpm 37f80225c1bc981140ff08b675333f44 7.0/en/os/alpha/php-manual-4.1.2-7.0.3.alpha.rpm 322b0acb43409534b969741d1059158f 7.0/en/os/alpha/php-mysql-4.1.2-7.0.3.alpha.rpm 244f984a506cb4e4ba8ede42d52890ad 7.0/en/os/alpha/php-odbc-4.1.2-7.0.3.alpha.rpm 5cd223c968ba2dd19e6851ab2b650edd 7.0/en/os/alpha/php-pgsql-4.1.2-7.0.3.alpha.rpm ee25efa287c33c897141564a21ce3f25 7.0/en/os/alpha/php-snmp-4.1.2-7.0.3.alpha.rpm df35c9aeaf9c254b0489d173ecc7d248 7.0/en/os/i386/php-4.1.2-7.0.3.i386.rpm e7a51b96b17f65471d7e900af418405b 7.0/en/os/i386/php-devel-4.1.2-7.0.3.i386.rpm b30b20df764294804528efad22a9a232 7.0/en/os/i386/php-imap-4.1.2-7.0.3.i386.rpm 524665531d576c6e8dbe4ca0588138a0 7.0/en/os/i386/php-ldap-4.1.2-7.0.3.i386.rpm 6e7c5348752eff801507a5474bc523f8 7.0/en/os/i386/php-manual-4.1.2-7.0.3.i386.rpm 9ffd7688ed63a65dc2ba45a39775dfac 7.0/en/os/i386/php-mysql-4.1.2-7.0.3.i386.rpm 97270c6acfb9a7b81b2640fc233d2a80 7.0/en/os/i386/php-odbc-4.1.2-7.0.3.i386.rpm 42760e93ad046f1d355a48b0d65d5506 7.0/en/os/i386/php-pgsql-4.1.2-7.0.3.i386.rpm 8775b297d5b31e0637ba408ffbc35fcf 7.0/en/os/i386/php-snmp-4.1.2-7.0.3.i386.rpm 22eb1586d39c15f391289576cc86df48 7.1/en/os/SRPMS/php-4.1.2-7.1.3.src.rpm a21ba4abbf2316c753f8e52e6e47f002 7.1/en/os/alpha/php-4.1.2-7.1.3.alpha.rpm 059fafb0eced5dfe9cecf9150f8ecdff 7.1/en/os/alpha/php-devel-4.1.2-7.1.3.alpha.rpm e912f96d952301e59ee292e6a09c5d17 7.1/en/os/alpha/php-imap-4.1.2-7.1.3.alpha.rpm 3d01db9cd6c18387fc86bad872f19996 7.1/en/os/alpha/php-ldap-4.1.2-7.1.3.alpha.rpm b02be8a598b1e35847a5717691cfd4eb7.1/en/os/alpha/php-manual-4.1.2-7.1.3.alpha.rpm 509faf7624f199aa0998608a01067d11 7.1/en/os/alpha/php-mysql-4.1.2-7.1.3.alpha.rpm 89bc30f6f02235261235758419615d85 7.1/en/os/alpha/php-odbc-4.1.2-7.1.3.alpha.rpm 7c88ce1fb8060de300ea6575324b9964 7.1/en/os/alpha/php-pgsql-4.1.2-7.1.3.alpha.rpm f1a0ef5807f55c6df45002feff5be0aa 7.1/en/os/alpha/php-snmp-4.1.2-7.1.3.alpha.rpm 0e91ea0f81ad8f2e3c14d9599efc864b 7.1/en/os/i386/php-4.1.2-7.1.3.i386.rpm c8f574834d7acbda486119f52ee0b0d7 7.1/en/os/i386/php-devel-4.1.2-7.1.3.i386.rpm beaa1ce1217afc83cdeebfba9163c7c1 7.1/en/os/i386/php-imap-4.1.2-7.1.3.i386.rpm 41fcabdc59a3f417623dc9c963a6b45d 7.1/en/os/i386/php-ldap-4.1.2-7.1.3.i386.rpm 9dfb36f4ded01b1d94387a1ac9f87a76 7.1/en/os/i386/php-manual-4.1.2-7.1.3.i386.rpm 60e4469799954c8a36632fc2e753de11 7.1/en/os/i386/php-mysql-4.1.2-7.1.3.i386.rpm b74c269986aaa4ba4f3f149efbc611da 7.1/en/os/i386/php-odbc-4.1.2-7.1.3.i386.rpm a043736dd3ae42823bc1e608c50aee97 7.1/en/os/i386/php-pgsql-4.1.2-7.1.3.i386.rpm 6a12c67b6f383d498eef598b193775ad 7.1/en/os/i386/php-snmp-4.1.2-7.1.3.i386.rpm 87ad9a08a1fd3a835581c266639d0d87 7.1/en/os/ia64/php-4.1.2-7.1.3.ia64.rpm e74adc2cfeefeb9522244410bac2db38 7.1/en/os/ia64/php-devel-4.1.2-7.1.3.ia64.rpm ff472ad79eca51960a3b0286e5bdf48d 7.1/en/os/ia64/php-imap-4.1.2-7.1.3.ia64.rpm 009f887ea1e3168e031605055c73e44e 7.1/en/os/ia64/php-ldap-4.1.2-7.1.3.ia64.rpm da6c1c091989de604f316c48a4c4b757 7.1/en/os/ia64/php-manual-4.1.2-7.1.3.ia64.rpm c11d30cd25d2565ba941857e3a60a7a2 7.1/en/os/ia64/php-mysql-4.1.2-7.1.3.ia64.rpm 166f9ac22b4faf7e4aab0495d1a1467c 7.1/en/os/ia64/php-odbc-4.1.2-7.1.3.ia64.rpm ce1c8f7f04c6d150c20210d2071a88b6 7.1/en/os/ia64/php-pgsql-4.1.2-7.1.3.ia64.rpm ff02ebff8b568a476e7d2469a5db901a 7.1/en/os/ia64/php-snmp-4.1.2-7.1.3.ia64.rpm 17767caa1c540ae7467032b507dc537b 7.2/en/os/SRPMS/php-4.1.2-7.2.3.src.rpm 5ee69c9773909727327b52ac257f9c7f 7.2/en/os/i386/php-4.1.2-7.2.3.i386.rpm 7660b8e758d56a6b176ecfc9b511e0f1 7.2/en/os/i386/php-devel-4.1.2-7.2.3.i386.rpm 0fcdfc60bdb7984f676f1f1433307f027.2/en/os/i386/php-imap-4.1.2-7.2.3.i386.rpm 422f4977bf916c14ade9b1f508279f5a 7.2/en/os/i386/php-ldap-4.1.2-7.2.3.i386.rpm 69f78016ffdbde0b250548d04653a78e 7.2/en/os/i386/php-manual-4.1.2-7.2.3.i386.rpm d50c9c8054bb98eb18b2233392c7791f 7.2/en/os/i386/php-mysql-4.1.2-7.2.3.i386.rpm c9a434dec3de1aa47a43f8fe1977eab1 7.2/en/os/i386/php-odbc-4.1.2-7.2.3.i386.rpm 8a9781796430c4c11b490e8bfe9aa1d1 7.2/en/os/i386/php-pgsql-4.1.2-7.2.3.i386.rpm f5feae57a884690a8c20098938371af8 7.2/en/os/i386/php-snmp-4.1.2-7.2.3.i386.rpm 716e0dd9ea1049c4c38957120d41aaf5 7.2/en/os/ia64/php-4.1.2-7.2.3.ia64.rpm 42702bc5eef0a42b2be3b6562ff48a73 7.2/en/os/ia64/php-devel-4.1.2-7.2.3.ia64.rpm a9bf2a4cca701b9fe83c5f6e9e9ae4e2 7.2/en/os/ia64/php-imap-4.1.2-7.2.3.ia64.rpm 18ae95909ca09ec897e313828b9d3eb8 7.2/en/os/ia64/php-ldap-4.1.2-7.2.3.ia64.rpm 6223f95f7279913fde43c992fe17301a 7.2/en/os/ia64/php-manual-4.1.2-7.2.3.ia64.rpm 649c0fa4c72ac1bb9e08c935dba3ce7d 7.2/en/os/ia64/php-mysql-4.1.2-7.2.3.ia64.rpm 0ce6494f01975351bd926beec07c3a7f 7.2/en/os/ia64/php-odbc-4.1.2-7.2.3.ia64.rpm 7fd8108c6fa9f553516dfb4c6d857cf0 7.2/en/os/ia64/php-pgsql-4.1.2-7.2.3.ia64.rpm 53377d928d58310481097ae001689da8 7.2/en/os/ia64/php-snmp-4.1.2-7.2.3.ia64.rpm 91f6379bc8ada6024971b80c6d553cca 7.3/en/os/SRPMS/php-4.1.2-7.3.3.src.rpm 236c34f6696dfce574270e05f53d863b 7.3/en/os/i386/php-4.1.2-7.3.3.i386.rpm b1d20691d59cd9cef8b0e6671099c216 7.3/en/os/i386/php-devel-4.1.2-7.3.3.i386.rpm 34e57c7bc9ea368f9d4e32a1e2d1e908 7.3/en/os/i386/php-imap-4.1.2-7.3.3.i386.rpm 1fdc4d0de35fc93e66ec6601b8b32b03 7.3/en/os/i386/php-ldap-4.1.2-7.3.3.i386.rpm 02d02c10053f3738e13180520af22b1c 7.3/en/os/i386/php-manual-4.1.2-7.3.3.i386.rpm 98e8d5b9458d5dc26d57c5216e7d0877 7.3/en/os/i386/php-mysql-4.1.2-7.3.3.i386.rpm 9fb7dc54903aae71b907b4f86544e80e 7.3/en/os/i386/php-odbc-4.1.2-7.3.3.i386.rpm c664feafa07b2b1f754e0cc37bcc0eeb 7.3/en/os/i386/php-pgsql-4.1.2-7.3.3.i386.rpm c1de92828fedb0e88ed73a6ba4c94303 7.3/en/os/i386/php-snmp-4.1.2-7.3.3.i386.rpm These packages are GPG signed by Red Hat, Inc. forsecurity. Our key is available at: About You can verify each package with the following command: rpm --checksig If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command: rpm --checksig --nogpg 7. References: CVE -CVE-2001-1246 Copyright(c) 2000, 2001, 2002 Red Hat, Inc. . The latest enhancements to the PHP module in Fedora tackle a serious vulnerability in the mail functionality that permitted unapproved command execution.. PHP Security, Red Hat Advisory, Mail Function Risk, Command Execution. . Severity: Critical. LinuxSecurity.com Team
Aug 20, 2002
•Critical
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!