__________________________________________________________

                       The U.S. Department of Energy
                   Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
__________________________________________________________

                             INFORMATION BULLETIN

                            PHP Security Update
                         [Red Hat RHSA-2007:0076-3]

February 21, 2007 16:00 GMT                                       Number R-150
[REVISED 14 Mar 2007]
[REVISED 15 Mar 2007]
[REVISED 29 May 2007]
[REVISED 29 June 2007]
______________________________________________________________________________

PROBLEM:       There are a number of vulnerabilities in PHP.

PLATFORM:      Red Hat Desktop (v. 3, v. 4)
               Red Hat Enterprise Linux AS, ES, WS (v. 3, v. 4)
               Red Hat Enterprise Linux Desktop Workstation (v. 5 client)
               Red Hat Enterprise Linux (v. 5 server)
               Debian GNU/Linux 3.1 sarge
               HP System Management homepage (SMH) versions prior to 2.1.8
               running on Linux and Windows
               Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS)
               or HP Internet Express for Tru64 UNIX running PHP

DAMAGE:        An attacker who is able to access a PHP application affected
               by any of these issues could trigger these flaws and possibly
               execute arbitrary code as the 'apache' user.

SOLUTION:      Upgrade to the appropriate version.
______________________________________________________________________________

VULNERABILITY  The risk is MEDIUM. An attacker who is able to access a PHP
ASSESSMENT:    application affected by any of these issues could trigger
               these flaws and possibly execute arbitrary code as the
               'apache' user.
______________________________________________________________________________

LINKS:
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/r-150.shtml
 ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2007-0076.html
 ADDITIONAL LINKS:   Debian Security Advisory DSA-1264-1
                     http://www.debian.org/security/2007/dsa-1264
                     Red Hat RHSA-2007:0082-5
                     https://rhn.redhat.com/errate/RHSA-2007-0082.html
                     Visit Hewlett-Packard's Subscription Service for:
                     HPSBMA02215 SSRT071423 rev. 1
                     HPSBTU02232 SSRT071429 rev. 1
 CVE:                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=
                     CVE-2007-0906 CVE-2007-0907 CVE-2007-0908 CVE-2007-0909
                     CVE-2007-0910 CVE-2007-0988
______________________________________________________________________________

REVISION HISTORY:
 03/14/2007 - revised R-150 to add a link to Debian Security Advisory
              DSA-1264-1 for Debian GNU/Linux 3.1 sarge.
 03/15/2007 - revised R-150 to add a link to Red Hat RHSA-2007:0082-5 for
              Red Hat Enterprise Linux Desktop Workstation (v. 5 client) and
              Red Hat Enterprise Linux (v. 5 server).
 05/29/2007 - revised R-150 to add a link to Hewlett-Packard HPSBMA02215
              SSRT071423 rev. 1 for HP System Management homepage (SMH)
              versions prior to 2.1.8 running on Linux and Windows.
 06/29/2007 - revised R-150 to add a link to Hewlett-Packard HPSBTU02232
              SSRT071429 rev. 1 for Secure Web Server for HP Tru64 UNIX
              Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX
              running PHP.

[***** Start Red Hat RHSA-2007:0076-3 *****]

Important: php security update

Advisory:            RHSA-2007:0076-3
Type:                Security Advisory
Severity:            Important
Issued on:           2007-02-19
Last updated on:     2007-02-19
Affected Products:   Red Hat Desktop (v. 3)
                     Red Hat Desktop (v. 4)
                     Red Hat Enterprise Linux AS (v. 3)
                     Red Hat Enterprise Linux AS (v. 4)
                     Red Hat Enterprise Linux ES (v. 3)
                     Red Hat Enterprise Linux ES (v. 4)
                     Red Hat Enterprise Linux WS (v. 3)
                     Red Hat Enterprise Linux WS (v. 4)
OVAL:                com.redhat.rhsa-20070076.xml
CVEs (cve.mitre.org): CVE-2007-0906 CVE-2007-0907 CVE-2007-0908
                      CVE-2007-0909 CVE-2007-0910 CVE-2007-0988

Details

Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A number of buffer overflow flaws were found in the PHP session extension,
the str_replace() function, and the imap_mail_compose() function.
If very long strings under the control of an attacker are passed to the
str_replace() function, an integer overflow could occur in memory allocation.
If a script uses the imap_mail_compose() function to create a new MIME message
based on an input body from an untrusted source, it could result in a heap
overflow. An attacker who is able to access a PHP application affected by any
of these issues could trigger these flaws and possibly execute arbitrary code
as the 'apache' user. (CVE-2007-0906)

If unserializing untrusted data on 64-bit platforms, the zend_hash_init()
function can be forced to enter an infinite loop, consuming CPU resources for
a limited length of time, until the script timeout alarm aborts execution of
the script. (CVE-2007-0988)

If the wddx extension is used to import WDDX data from an untrusted source,
certain WDDX input packets may allow a random portion of heap memory to be
exposed. (CVE-2007-0908)

If the odbc_result_all() function is used to display data from a database,
and the contents of the database table are under the control of an attacker,
a format string vulnerability is possible which could lead to the execution
of arbitrary code. (CVE-2007-0909)

A one byte memory read will always occur before the beginning of a buffer,
which could be triggered for example by any use of the header() function in a
script. However, it is unlikely that this would have any effect.
(CVE-2007-0907)

Several flaws in PHP could allow attackers to "clobber" certain super-global
variables via unspecified vectors. (CVE-2007-0910)

Users of PHP should upgrade to these updated packages, which contain
backported patches to correct these issues.

Red Hat would like to thank Stefan Esser for his help diagnosing these issues.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.
To use Red Hat Network, launch the Red Hat Update Agent with the following
command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

Updated packages

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

228858 - CVE-2007-0906 PHP security issues (CVE-2007-0907, CVE-2007-0908,
CVE-2007-0909, CVE-2007-0910, CVE-2007-0988)

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0906
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0907
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0908
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0910
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0988
http://www.redhat.com/security/updates/classification/#important

--------------------------------------------------------------------------------

These packages are GPG signed by Red Hat for security. Our key and details on
how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com.
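A defender's check for the Solution above, added here as an example and not part of the Red Hat or CIAC text: it compares the version and release of installed php packages against the fixed levels from the advisory's updated-packages list (php-4.3.2-39.ent for the v. 3 products, php-4.3.9-3.22.3 for the v. 4 products) using RPM's segment-wise version ordering, so that a host still on an older release is flagged. The rpm query output embedded below is constructed, not captured from a real host, and epoch is assumed to be 0 as the advisory lists none.

```python
"""Flag installed php RPMs below the fixed levels of RHSA-2007:0076-3.

Added example, not Red Hat or CIAC tooling.  The fixed version-release
pairs are taken from the advisory's package list; SAMPLE_RPM_QUERY is a
constructed stand-in for real `rpm -q` output.
"""
import re
from typing import List, Tuple

# Fixed (version, release) per product line, from the advisory's package list.
FIXED = {
    "3": ("4.3.2", "39.ent"),    # Red Hat Enterprise Linux / Desktop v. 3
    "4": ("4.3.9", "3.22.3"),    # Red Hat Enterprise Linux / Desktop v. 4
}

# Constructed output of: rpm -q --qf '%{NAME} %{VERSION} %{RELEASE}\n' 'php*'
# Two packages are still one or more releases behind the fixed level.
SAMPLE_RPM_QUERY = """\
php 4.3.9 3.22.1
php-mysql 4.3.9 3.22.3
php-odbc 4.3.9 3.22
php-imap 4.3.9 3.22.3
"""

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Order two RPM version or release strings the way rpm does.

    Strings are split into numeric and alphabetic segments; numeric
    segments compare as integers, alphabetic ones lexically, a numeric
    segment is newer than an alphabetic one, and when one string is a
    prefix of the other the longer one is newer.  Returns -1, 0 or 1.
    (Epoch, '~' and '^' handling are intentionally omitted here.)
    """
    if a == b:
        return 0
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        x_num, y_num = x.isdigit(), y.isdigit()
        if x_num and y_num:
            xi, yi = int(x), int(y)
            if xi != yi:
                return 1 if xi > yi else -1
        elif x_num != y_num:
            return 1 if x_num else -1      # numeric beats alphabetic
        elif x != y:
            return 1 if x > y else -1
    if len(seg_a) == len(seg_b):
        return 0
    return 1 if len(seg_a) > len(seg_b) else -1


def is_fixed(version: str, release: str, product: str) -> bool:
    """True when version-release is at or above the fixed level for product."""
    fixed_version, fixed_release = FIXED[product]
    by_version = rpmvercmp(version, fixed_version)
    if by_version != 0:
        return by_version > 0
    return rpmvercmp(release, fixed_release) >= 0


def check_packages(rpm_query_output: str, product: str) -> List[Tuple[str, str, bool]]:
    """Parse 'NAME VERSION RELEASE' lines; return (name, ver-rel, fixed?)."""
    results = []
    for line in rpm_query_output.splitlines():
        parts = line.split()
        if len(parts) != 3 or not parts[0].startswith("php"):
            continue                         # skip malformed or unrelated lines
        name, version, release = parts
        results.append((name, f"{version}-{release}", is_fixed(version, release, product)))
    return results


def vulnerable_packages(rpm_query_output: str, product: str) -> List[str]:
    """Names of php packages that still need the update."""
    return [name for name, _, ok in check_packages(rpm_query_output, product) if not ok]


if __name__ == "__main__":
    for name, ver_rel, ok in check_packages(SAMPLE_RPM_QUERY, "4"):
        print(f"{name:<14} {ver_rel:<14} {'ok' if ok else 'UPDATE NEEDED'}")
```

On a live host, feed the output of the rpm query shown in the comment to check_packages with "3" or "4" for the product line in use.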
More contact details at http://www.redhat.com/security/team/contact/

[***** End Red Hat RHSA-2007:0076-3 *****]
_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the information
contained in this bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S. Department of Energy (DOE) and the
emergency backup response team for the National Institutes of Health (NIH).
CIAC is located at the Lawrence Livermore National Laboratory in Livermore,
California. CIAC is also a founding member of FIRST, the Forum of Incident
Response and Security Teams, a global organization established to foster
cooperation and coordination among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC can be
contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

    World Wide Web:  http://www.ciac.org/
    Anonymous FTP:   ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these communities,
please contact your agency's response team to report incidents. Your agency's
team will coordinate with CIAC. The Forum of Incident Response and Security
Teams (FIRST) is a world-wide organization. A list of FIRST member
organizations and their constituencies can be obtained via WWW at
http://www.first.org/.

This document was prepared as an account of work sponsored by an agency of
the United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring by
the United States Government or the University of California. The views and
opinions of authors expressed herein do not necessarily state or reflect those
of the United States Government or the University of California, and shall not
be used for advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

R-140: Cisco Multiple IOS IPS Vulnerability
R-141: ImageMagick Security Update
R-142: HP ServiceGuard for Linux
R-143: LizardTech DjVu Browser Plug-in Vulnerability
R-144: Multiple Vulnerabilities in Cisco PIX and ASA Appliances
R-145: Aruba Mobility Controller Vulnerability
R-146: Vulnerability in Snort DCE/RPC Preprocessor
R-147: Multiple Vulnerabilities in Firewall Services Module
R-148: Apple Security Update 2007-002
R-149: Buffer Overflow in OfficeScan Clients