             __________________________________________________________

                       The U.S. Department of Energy
                   Computer Incident Advisory Capability
                           ___  __ __    _     ___
                          /       |     /_\   /
                          \___  __|__  /   \  \___
             __________________________________________________________

                             INFORMATION BULLETIN

                             PHP Security Update
                         [Red Hat RHSA-2007:0155-2]

April 18, 2007 16:00 GMT                                          Number R-214
                                                        [REVISED 20 Apr 2007]
                                                        [REVISED 1 May 2007]
                                                        [REVISED 29 May 2007]
                                                        [REVISED 29 June 2007]
                                                        [REVISED 31 Jul 2007]
______________________________________________________________________________

PROBLEM:       Multiple vulnerabilities exist in PHP that could allow a
               remote user to run arbitrary code as the Apache user.

PLATFORM:      Red Hat Desktop (v. 3, v. 4)
               Red Hat Enterprise Linux AS, ES, WS (v. 3, v. 4)
               RHEL Desktop Workstation (v. 5 client)
               Red Hat Enterprise Linux (v. 5 server)
               Debian GNU/Linux 4.0 (etch)
               Debian GNU/Linux 3.1 (sarge)
               HP System Management Homepage (SMH) versions prior to 2.1.8
               running on Linux and Windows
               Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS)
               or HP Internet Express for Tru64 UNIX running PHP
               SGI Advanced Linux Environment 3 Security Update #74
               ProPack 3 Service Pack 6

DAMAGE:        A remote intruder could run arbitrary code as the Apache
               user.

SOLUTION:      Upgrade to the appropriate version.
______________________________________________________________________________

VULNERABILITY  The risk is MEDIUM. A remote intruder could run arbitrary
ASSESSMENT:    code as the Apache user. The remote user would have to be
               able to pass malicious strings to the PHP interpreter.
______________________________________________________________________________

LINKS:
 CIAC BULLETIN:      http://www.ciac.org/ciac/bulletins/r-214.shtml
 ORIGINAL BULLETIN:  https://rhn.redhat.com/errata/RHSA-2007-0155.html
 ADDITIONAL LINKS:   https://rhn.redhat.com/errata/RHSA-2007-0153.html
                     http://www.debian.org/security/2007/dsa-1283
                     http://www.debian.org/security/2007/dsa-1282
                     Visit Hewlett-Packard Subscription Service for:
                       HPSBMA02215 SSRT071423 rev. 1
                       HPSBTU02232 SSRT071429 rev. 1
                     SGI Advanced Linux Environment 3 Security Update #74
                       SGI 20070501-01-P
                       http://www.sgi.com/support/security/advisories.html
 CVE:                http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=
                     CVE-2007-0455  CVE-2007-1001  CVE-2007-1285
                     CVE-2007-1286  CVE-2007-1583  CVE-2007-1711
                     CVE-2007-1718
______________________________________________________________________________

REVISION HISTORY:
 04/20/2007 - revised R-214 to add a link to Red Hat RHSA-2007:0153-3 for
              RHEL Desktop Workstation (v. 5 client) and Red Hat Enterprise
              Linux (v. 5 server).
 05/01/2007 - revised R-214 to add links to Debian Security Advisories
              DSA-1283-1 for Debian GNU/Linux 4.0 (etch) and DSA-1282-1 for
              Debian GNU/Linux 3.1 (sarge) and 4.0 (etch).
 05/29/2007 - revised R-214 to add a link to Hewlett-Packard's HPSBMA02215
              SSRT071423 rev. 1 for HP System Management Homepage (SMH)
              versions prior to 2.1.8 running on Linux and Windows.
 06/29/2007 - revised R-150 to add a link to Hewlett-Packard HPSBTU02232
              SSRT071429 rev. 1 for Secure Web Server for HP Tru64 UNIX
              Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX
              running PHP.
 07/31/2007 - revised R-214 to add a link to SGI Security Advisory
              20070501-01-P for SGI Advanced Linux Environment 3 Security
              Update #74 for ProPack 3 Service Pack 6.

[***** Start Red Hat RHSA-2007:0155-2 *****]

Important: php security update

Advisory:         RHSA-2007:0155-2
Type:             Security Advisory
Severity:         Important
Issued on:        2007-04-16
Last updated on:  2007-04-16

Affected Products:
  Red Hat Desktop (v. 3)
  Red Hat Desktop (v. 4)
  Red Hat Enterprise Linux AS (v. 3)
  Red Hat Enterprise Linux AS (v. 4)
  Red Hat Enterprise Linux ES (v. 3)
  Red Hat Enterprise Linux ES (v. 4)
  Red Hat Enterprise Linux WS (v. 3)
  Red Hat Enterprise Linux WS (v. 4)

OVAL: com.redhat.rhsa-20070155.xml

CVEs (cve.mitre.org):
  CVE-2007-0455
  CVE-2007-1001
  CVE-2007-1285
  CVE-2007-1286
  CVE-2007-1583
  CVE-2007-1711
  CVE-2007-1718

Details

Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red Hat
Security Response Team.

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP
Web server.

A denial of service flaw was found in the way PHP processed a deeply nested
array. A remote attacker could cause the PHP interpreter to crash by
submitting an input variable with a deeply nested array. (CVE-2007-1285)

A flaw was found in the way PHP's unserialize() function processed data. If a
remote attacker was able to pass arbitrary data to PHP's unserialize()
function, they could possibly execute arbitrary code as the apache user.
(CVE-2007-1286)

A flaw was found in the way the mbstring extension set global variables. A
script which used the mb_parse_str() function to set global variables could
be forced to enable the register_globals configuration option, possibly
resulting in global variable injection. (CVE-2007-1583)

A double free flaw was found in PHP's session_decode() function. If a remote
attacker was able to pass arbitrary data to PHP's session_decode() function,
they could possibly execute arbitrary code as the apache user.
(CVE-2007-1711)

A flaw was discovered in the way PHP's mail() function processed header data.
If a script sent mail using a Subject header containing a string from an
untrusted source, a remote attacker could send bulk e-mail to unintended
recipients. (CVE-2007-1718)

A heap based buffer overflow flaw was discovered in PHP's gd extension. A
script that could be forced to process WBMP images from an untrusted source
could result in arbitrary code execution. (CVE-2007-1001)

A buffer over-read flaw was discovered in PHP's gd extension.
A script that could be forced to write an arbitrary string using a JIS font
from an untrusted source could cause the PHP interpreter to crash.
(CVE-2007-0455)

Users of PHP should upgrade to these updated packages which contain backported
patches to correct these issues.

Solution

Before applying this update, make sure that all previously-released errata
relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use the Red
Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

Red Hat Desktop (v. 3)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.2-40.ent.src.rpm          7e86609bb9e811532c0c85f5c29aadf6

IA-32:
php-4.3.2-40.ent.i386.rpm         5855234b933b66fd1b38d93b95418e36
php-devel-4.3.2-40.ent.i386.rpm   726a6a36fc362508b93f23e784c76bba
php-imap-4.3.2-40.ent.i386.rpm    b012de2b5ec4e0479662403585efffd6
php-ldap-4.3.2-40.ent.i386.rpm    5e8c4165ebd99f0c066f0cd0d386d88f
php-mysql-4.3.2-40.ent.i386.rpm   96fa828e93e5959287ce42aebd5abcd8
php-odbc-4.3.2-40.ent.i386.rpm    46078615f2a34ad087daa0853f8d034e
php-pgsql-4.3.2-40.ent.i386.rpm   3cead419f1826fb8a87ec873be4ac3c6

x86_64:
php-4.3.2-40.ent.x86_64.rpm       8b6bf435c86d7b65640ed8ce38f0ea45
php-devel-4.3.2-40.ent.x86_64.rpm e4ea9b7a4dfa2c24b75dbd643b1667d5
php-imap-4.3.2-40.ent.x86_64.rpm  c852bd2f4ee5cbe115054d453226f7ad
php-ldap-4.3.2-40.ent.x86_64.rpm  a9f31f47e63a7d4805208b616acfeea4
php-mysql-4.3.2-40.ent.x86_64.rpm 8333dc142c53aa163626df94dca7171a
php-odbc-4.3.2-40.ent.x86_64.rpm  64dd8ab0c2649a66c4d664a35607b0f1
php-pgsql-4.3.2-40.ent.x86_64.rpm 93ba10a377133db7023559ba04cd19d0

Red Hat Desktop (v. 4)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.9-3.22.4.src.rpm            7330219fc5d750d1aec2d355841e417d

IA-32:
php-4.3.9-3.22.4.i386.rpm           d80d07c71b74894fc8bd5358ecc97ff2
php-devel-4.3.9-3.22.4.i386.rpm     3d8e4694679eaf8873e1ec406eb997b5
php-domxml-4.3.9-3.22.4.i386.rpm    fe67e313ea5de21fc8248f36b20b12bd
php-gd-4.3.9-3.22.4.i386.rpm        daf7563b49ea749530c84e0843f0c0e3
php-imap-4.3.9-3.22.4.i386.rpm      dd2dd40935805d96afeb0e009275b752
php-ldap-4.3.9-3.22.4.i386.rpm      7b84f5f9775c6608656bc36469ae35e7
php-mbstring-4.3.9-3.22.4.i386.rpm  d171c6b6cfcf482cc53b795376301b68
php-mysql-4.3.9-3.22.4.i386.rpm     11cd6fffc797629f33eb5acc7804d9b3
php-ncurses-4.3.9-3.22.4.i386.rpm   1b5170379bd7cce735ef7d12ff0ef0a2
php-odbc-4.3.9-3.22.4.i386.rpm      aeeeea0fa3d2435367558ed30fe8a564
php-pear-4.3.9-3.22.4.i386.rpm      c30e561191dd5a75efa2ee62c8c1c92b
php-pgsql-4.3.9-3.22.4.i386.rpm     38bf004f549fceb5c67e63e90b14c38b
php-snmp-4.3.9-3.22.4.i386.rpm      00ef3f0015e7bad3a96368a53211fd2d
php-xmlrpc-4.3.9-3.22.4.i386.rpm    a507c9759c585eb98b38257524a34630

x86_64:
php-4.3.9-3.22.4.x86_64.rpm           6ddc3f5dbfed8b09eb34f03c8fd584a8
php-devel-4.3.9-3.22.4.x86_64.rpm     17337c831a0e67a71c34fffeda909b5d
php-domxml-4.3.9-3.22.4.x86_64.rpm    a7277789d5cdbfa67c2a279c990a40fd
php-gd-4.3.9-3.22.4.x86_64.rpm        1575f28a5751a971c1061cc886d2530c
php-imap-4.3.9-3.22.4.x86_64.rpm      66e018d19a5ea7c5c88919f1c2a6f9b5
php-ldap-4.3.9-3.22.4.x86_64.rpm      e7b8f8ada270244056dda1894db8c14f
php-mbstring-4.3.9-3.22.4.x86_64.rpm  724f1fc8186ac166328f0647be3544e4
php-mysql-4.3.9-3.22.4.x86_64.rpm     61a40a74a6fd87337ef6fafd327f1620
php-ncurses-4.3.9-3.22.4.x86_64.rpm   9554de6a9fa1d8480186e9f908c7b6f4
php-odbc-4.3.9-3.22.4.x86_64.rpm      8f1235e1638b6394601a16895e41037d
php-pear-4.3.9-3.22.4.x86_64.rpm      a911be4741f84167ff4da53f0c553991
php-pgsql-4.3.9-3.22.4.x86_64.rpm     96f69680aa0d3d69a67334367d0f81ea
php-snmp-4.3.9-3.22.4.x86_64.rpm      b6e4e81d7cf6391eb6844b2625616310
php-xmlrpc-4.3.9-3.22.4.x86_64.rpm    4e96d2993c1c0502fff02fc5f2971a50

Red Hat Enterprise Linux AS (v. 3)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.2-40.ent.src.rpm          7e86609bb9e811532c0c85f5c29aadf6

IA-32:
php-4.3.2-40.ent.i386.rpm         5855234b933b66fd1b38d93b95418e36
php-devel-4.3.2-40.ent.i386.rpm   726a6a36fc362508b93f23e784c76bba
php-imap-4.3.2-40.ent.i386.rpm    b012de2b5ec4e0479662403585efffd6
php-ldap-4.3.2-40.ent.i386.rpm    5e8c4165ebd99f0c066f0cd0d386d88f
php-mysql-4.3.2-40.ent.i386.rpm   96fa828e93e5959287ce42aebd5abcd8
php-odbc-4.3.2-40.ent.i386.rpm    46078615f2a34ad087daa0853f8d034e
php-pgsql-4.3.2-40.ent.i386.rpm   3cead419f1826fb8a87ec873be4ac3c6

IA-64:
php-4.3.2-40.ent.ia64.rpm         f94a6c8b571d82ee18a8644d87c590ae
php-devel-4.3.2-40.ent.ia64.rpm   675f141a212250fe1b261977cb06d663
php-imap-4.3.2-40.ent.ia64.rpm    a94c845cb1a0f6efb1b93a9ce861deae
php-ldap-4.3.2-40.ent.ia64.rpm    10a8b591e979cf4de740b8201713f9c6
php-mysql-4.3.2-40.ent.ia64.rpm   6e84db87339583f63a328e2f2874fcbc
php-odbc-4.3.2-40.ent.ia64.rpm    c3b8d618680e1729929672a4fea44a8f
php-pgsql-4.3.2-40.ent.ia64.rpm   1e7e8bf549ac53207e500d7f2f6d3c20

PPC:
php-4.3.2-40.ent.ppc.rpm          3e189182e17922c9daee13ff52f669ed
php-devel-4.3.2-40.ent.ppc.rpm    c40c8bd36612d53eda6f5de9f1a9c4b4
php-imap-4.3.2-40.ent.ppc.rpm     04cf5dccd60a060528f09146fdf6fa60
php-ldap-4.3.2-40.ent.ppc.rpm     e06a27348e9b05710785dcc4b6e7bc4f
php-mysql-4.3.2-40.ent.ppc.rpm    a628721aa86e2c320ebf1a6321616bf1
php-odbc-4.3.2-40.ent.ppc.rpm     12f1179b6bff0aa9054011f33c14acd5
php-pgsql-4.3.2-40.ent.ppc.rpm    ede204fd5316d57e7e13dc89a3667656

s390:
php-4.3.2-40.ent.s390.rpm         1090cad41dd8ca0b90f9edaedb394016
php-devel-4.3.2-40.ent.s390.rpm   f32c4b53db882dcd82807437b98d8dd5
php-imap-4.3.2-40.ent.s390.rpm    9c0690db93d5de48d1ce41572812024d
php-ldap-4.3.2-40.ent.s390.rpm    d26feeb70c11b92ac9ed1d198f380551
php-mysql-4.3.2-40.ent.s390.rpm   8f8013e5d0661a4c465cc37baab64927
php-odbc-4.3.2-40.ent.s390.rpm    fc19db463a2ad003efe029a1d654a81a
php-pgsql-4.3.2-40.ent.s390.rpm   f57cabeb2190115011c5158e9b4b44bd

s390x:
php-4.3.2-40.ent.s390x.rpm        e442c097fc70c2515d8953d45fe4ce73
php-devel-4.3.2-40.ent.s390x.rpm  f32d9233c7c497b628e3a806247b0011
php-imap-4.3.2-40.ent.s390x.rpm   31163176e3c2a956c90444fea1cf0834
php-ldap-4.3.2-40.ent.s390x.rpm   226d22dcd70a2640ce4faaf458be9351
php-mysql-4.3.2-40.ent.s390x.rpm  936033fbba4be66fbbf8e0d4f88c74f9
php-odbc-4.3.2-40.ent.s390x.rpm   d1c553c7eac38f093b08ed80c67c026b
php-pgsql-4.3.2-40.ent.s390x.rpm  de691c97c6a136525510a1c65b01d7c1

x86_64:
php-4.3.2-40.ent.x86_64.rpm       8b6bf435c86d7b65640ed8ce38f0ea45
php-devel-4.3.2-40.ent.x86_64.rpm e4ea9b7a4dfa2c24b75dbd643b1667d5
php-imap-4.3.2-40.ent.x86_64.rpm  c852bd2f4ee5cbe115054d453226f7ad
php-ldap-4.3.2-40.ent.x86_64.rpm  a9f31f47e63a7d4805208b616acfeea4
php-mysql-4.3.2-40.ent.x86_64.rpm 8333dc142c53aa163626df94dca7171a
php-odbc-4.3.2-40.ent.x86_64.rpm  64dd8ab0c2649a66c4d664a35607b0f1
php-pgsql-4.3.2-40.ent.x86_64.rpm 93ba10a377133db7023559ba04cd19d0

Red Hat Enterprise Linux AS (v. 4)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.9-3.22.4.src.rpm            7330219fc5d750d1aec2d355841e417d

IA-32:
php-4.3.9-3.22.4.i386.rpm           d80d07c71b74894fc8bd5358ecc97ff2
php-devel-4.3.9-3.22.4.i386.rpm     3d8e4694679eaf8873e1ec406eb997b5
php-domxml-4.3.9-3.22.4.i386.rpm    fe67e313ea5de21fc8248f36b20b12bd
php-gd-4.3.9-3.22.4.i386.rpm        daf7563b49ea749530c84e0843f0c0e3
php-imap-4.3.9-3.22.4.i386.rpm      dd2dd40935805d96afeb0e009275b752
php-ldap-4.3.9-3.22.4.i386.rpm      7b84f5f9775c6608656bc36469ae35e7
php-mbstring-4.3.9-3.22.4.i386.rpm  d171c6b6cfcf482cc53b795376301b68
php-mysql-4.3.9-3.22.4.i386.rpm     11cd6fffc797629f33eb5acc7804d9b3
php-ncurses-4.3.9-3.22.4.i386.rpm   1b5170379bd7cce735ef7d12ff0ef0a2
php-odbc-4.3.9-3.22.4.i386.rpm      aeeeea0fa3d2435367558ed30fe8a564
php-pear-4.3.9-3.22.4.i386.rpm      c30e561191dd5a75efa2ee62c8c1c92b
php-pgsql-4.3.9-3.22.4.i386.rpm     38bf004f549fceb5c67e63e90b14c38b
php-snmp-4.3.9-3.22.4.i386.rpm      00ef3f0015e7bad3a96368a53211fd2d
php-xmlrpc-4.3.9-3.22.4.i386.rpm    a507c9759c585eb98b38257524a34630

IA-64:
php-4.3.9-3.22.4.ia64.rpm           1a342c764b41425436d60c0e742b1158
php-devel-4.3.9-3.22.4.ia64.rpm     18fc4a94c9930906a61830b405746cbb
php-domxml-4.3.9-3.22.4.ia64.rpm    f6d5489af882e087ca5b33e3c46b7b5a
php-gd-4.3.9-3.22.4.ia64.rpm        1129ac5ac05d179a7aa6fafc61575699
php-imap-4.3.9-3.22.4.ia64.rpm      8423e399a99914b1fde2198e76c42607
php-ldap-4.3.9-3.22.4.ia64.rpm      b1dc268a9a3e374dd2636f96eade5b71
php-mbstring-4.3.9-3.22.4.ia64.rpm  9fe9c062a2a1e8aa6b53510c8111baf7
php-mysql-4.3.9-3.22.4.ia64.rpm     da9d4d4b5b37a6b991001dd2d1a57833
php-ncurses-4.3.9-3.22.4.ia64.rpm   8927b1f414b9df7c3285724f0e1a3ff0
php-odbc-4.3.9-3.22.4.ia64.rpm      a8ae9a8a0668fb30e5d0daea11c671f4
php-pear-4.3.9-3.22.4.ia64.rpm      120fcaf6f9dc847c7c83cd546d0472de
php-pgsql-4.3.9-3.22.4.ia64.rpm     21d4ca5bf779bf3ff832e4f428ad61d7
php-snmp-4.3.9-3.22.4.ia64.rpm      3df235bffeaed837cc410a7fcf3af963
php-xmlrpc-4.3.9-3.22.4.ia64.rpm    14d89ef4e5fff6a46a207b9853d7988c

PPC:
php-4.3.9-3.22.4.ppc.rpm            c4e83a7dcf3cc379cf35c6ef5f22a114
php-devel-4.3.9-3.22.4.ppc.rpm      486731bee27a528d5eddc49aa840777c
php-domxml-4.3.9-3.22.4.ppc.rpm     d64f5b08e93ff3c6a066d7b9babd5929
php-gd-4.3.9-3.22.4.ppc.rpm         b9cf5f3ec300ea06a0991cc0e31596c9
php-imap-4.3.9-3.22.4.ppc.rpm       e333e79151a8e3c8915f642b62e4552c
php-ldap-4.3.9-3.22.4.ppc.rpm       599311ca5a32c044f4ca5b5dc31938ff
php-mbstring-4.3.9-3.22.4.ppc.rpm   673f150ab1e064fb338ff76c91469b17
php-mysql-4.3.9-3.22.4.ppc.rpm      79a11655dbf6507d671ba5b79d18e9a7
php-ncurses-4.3.9-3.22.4.ppc.rpm    6ebe5e5eeb3643f5e2ca465e1588bf5d
php-odbc-4.3.9-3.22.4.ppc.rpm       36b7af9c7b3e35635df3fd915db91c4c
php-pear-4.3.9-3.22.4.ppc.rpm       549ca3cff08ec3f189ac4a401a50aeb7
php-pgsql-4.3.9-3.22.4.ppc.rpm      d7e75f1f9ed7a18e8428a27ef1a876f9
php-snmp-4.3.9-3.22.4.ppc.rpm       aaf083facc7c5e92df3440a3b51269d7
php-xmlrpc-4.3.9-3.22.4.ppc.rpm     beb798a1a5306a6b654a5a27805b65b3

s390:
php-4.3.9-3.22.4.s390.rpm           0e42e5f89bbfd1bab591cd75f6175b17
php-devel-4.3.9-3.22.4.s390.rpm     bb896db1aa137ccc312daea96f47d829
php-domxml-4.3.9-3.22.4.s390.rpm    0a93f6543f57047455ad44a37718bd4c
php-gd-4.3.9-3.22.4.s390.rpm        60a50d204e94557dd21327b1d1d97626
php-imap-4.3.9-3.22.4.s390.rpm      b0ea6138bd8cc9c960e1e419693c3f47
php-ldap-4.3.9-3.22.4.s390.rpm      928d77e4b2805019d55d816d138ca279
php-mbstring-4.3.9-3.22.4.s390.rpm  ac9c7dcd16b89844d3b6015da47bbf29
php-mysql-4.3.9-3.22.4.s390.rpm     ff0d1435d14cbee5152e5a5d77806418
php-ncurses-4.3.9-3.22.4.s390.rpm   57b745fb59f567c9cf0e5783508ecc80
php-odbc-4.3.9-3.22.4.s390.rpm      4050e30e871a5c809d2e5ec62bb8c6c8
php-pear-4.3.9-3.22.4.s390.rpm      c9d4e0d6645da86590bd1ef69278301f
php-pgsql-4.3.9-3.22.4.s390.rpm     dc5afc96ca889d8b594262ae38623526
php-snmp-4.3.9-3.22.4.s390.rpm      45047a67bf062503d206b08cc38b692c
php-xmlrpc-4.3.9-3.22.4.s390.rpm    2b05f446eb53f28995e38a739cb0c65b

s390x:
php-4.3.9-3.22.4.s390x.rpm          4a33d21727e8e617be56366c6d492618
php-devel-4.3.9-3.22.4.s390x.rpm    78b03350ee0bca56d8225352378ceca0
php-domxml-4.3.9-3.22.4.s390x.rpm   51658ad34da8a3cf0c7e762b28563bb2
php-gd-4.3.9-3.22.4.s390x.rpm       b265ce79ffc2359b0ad8dc1173496975
php-imap-4.3.9-3.22.4.s390x.rpm     d6defd52d9a2f9917729c329bae5ab49
php-ldap-4.3.9-3.22.4.s390x.rpm     363ea6951d71728402c89a33ba9d859d
php-mbstring-4.3.9-3.22.4.s390x.rpm e49224a6d62b8c6ee8ceb4e71cb8d567
php-mysql-4.3.9-3.22.4.s390x.rpm    a41764ca4bf31cc334a2d02e65943c66
php-ncurses-4.3.9-3.22.4.s390x.rpm  5808a3300e0e5014b29698978e378fef
php-odbc-4.3.9-3.22.4.s390x.rpm     046524343a95dd66c25ac3d6c804beab
php-pear-4.3.9-3.22.4.s390x.rpm     1bdba041c96a00fb9c5fe5b01c62e519
php-pgsql-4.3.9-3.22.4.s390x.rpm    35302f2c701f3cb5a01ba67195247fad
php-snmp-4.3.9-3.22.4.s390x.rpm     56b3c7012faf8de40ff48776df889ea8
php-xmlrpc-4.3.9-3.22.4.s390x.rpm   ce3db221e250d9cf3aeae3ba93f8011a

x86_64:
php-4.3.9-3.22.4.x86_64.rpm           6ddc3f5dbfed8b09eb34f03c8fd584a8
php-devel-4.3.9-3.22.4.x86_64.rpm     17337c831a0e67a71c34fffeda909b5d
php-domxml-4.3.9-3.22.4.x86_64.rpm    a7277789d5cdbfa67c2a279c990a40fd
php-gd-4.3.9-3.22.4.x86_64.rpm        1575f28a5751a971c1061cc886d2530c
php-imap-4.3.9-3.22.4.x86_64.rpm      66e018d19a5ea7c5c88919f1c2a6f9b5
php-ldap-4.3.9-3.22.4.x86_64.rpm      e7b8f8ada270244056dda1894db8c14f
php-mbstring-4.3.9-3.22.4.x86_64.rpm  724f1fc8186ac166328f0647be3544e4
php-mysql-4.3.9-3.22.4.x86_64.rpm     61a40a74a6fd87337ef6fafd327f1620
php-ncurses-4.3.9-3.22.4.x86_64.rpm   9554de6a9fa1d8480186e9f908c7b6f4
php-odbc-4.3.9-3.22.4.x86_64.rpm      8f1235e1638b6394601a16895e41037d
php-pear-4.3.9-3.22.4.x86_64.rpm      a911be4741f84167ff4da53f0c553991
php-pgsql-4.3.9-3.22.4.x86_64.rpm     96f69680aa0d3d69a67334367d0f81ea
php-snmp-4.3.9-3.22.4.x86_64.rpm      b6e4e81d7cf6391eb6844b2625616310
php-xmlrpc-4.3.9-3.22.4.x86_64.rpm    4e96d2993c1c0502fff02fc5f2971a50

Red Hat Enterprise Linux ES (v. 3)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.2-40.ent.src.rpm          7e86609bb9e811532c0c85f5c29aadf6

IA-32:
php-4.3.2-40.ent.i386.rpm         5855234b933b66fd1b38d93b95418e36
php-devel-4.3.2-40.ent.i386.rpm   726a6a36fc362508b93f23e784c76bba
php-imap-4.3.2-40.ent.i386.rpm    b012de2b5ec4e0479662403585efffd6
php-ldap-4.3.2-40.ent.i386.rpm    5e8c4165ebd99f0c066f0cd0d386d88f
php-mysql-4.3.2-40.ent.i386.rpm   96fa828e93e5959287ce42aebd5abcd8
php-odbc-4.3.2-40.ent.i386.rpm    46078615f2a34ad087daa0853f8d034e
php-pgsql-4.3.2-40.ent.i386.rpm   3cead419f1826fb8a87ec873be4ac3c6

IA-64:
php-4.3.2-40.ent.ia64.rpm         f94a6c8b571d82ee18a8644d87c590ae
php-devel-4.3.2-40.ent.ia64.rpm   675f141a212250fe1b261977cb06d663
php-imap-4.3.2-40.ent.ia64.rpm    a94c845cb1a0f6efb1b93a9ce861deae
php-ldap-4.3.2-40.ent.ia64.rpm    10a8b591e979cf4de740b8201713f9c6
php-mysql-4.3.2-40.ent.ia64.rpm   6e84db87339583f63a328e2f2874fcbc
php-odbc-4.3.2-40.ent.ia64.rpm    c3b8d618680e1729929672a4fea44a8f
php-pgsql-4.3.2-40.ent.ia64.rpm   1e7e8bf549ac53207e500d7f2f6d3c20

x86_64:
php-4.3.2-40.ent.x86_64.rpm       8b6bf435c86d7b65640ed8ce38f0ea45
php-devel-4.3.2-40.ent.x86_64.rpm e4ea9b7a4dfa2c24b75dbd643b1667d5
php-imap-4.3.2-40.ent.x86_64.rpm  c852bd2f4ee5cbe115054d453226f7ad
php-ldap-4.3.2-40.ent.x86_64.rpm  a9f31f47e63a7d4805208b616acfeea4
php-mysql-4.3.2-40.ent.x86_64.rpm 8333dc142c53aa163626df94dca7171a
php-odbc-4.3.2-40.ent.x86_64.rpm  64dd8ab0c2649a66c4d664a35607b0f1
php-pgsql-4.3.2-40.ent.x86_64.rpm 93ba10a377133db7023559ba04cd19d0

Red Hat Enterprise Linux ES (v. 4)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.9-3.22.4.src.rpm            7330219fc5d750d1aec2d355841e417d

IA-32:
php-4.3.9-3.22.4.i386.rpm           d80d07c71b74894fc8bd5358ecc97ff2
php-devel-4.3.9-3.22.4.i386.rpm     3d8e4694679eaf8873e1ec406eb997b5
php-domxml-4.3.9-3.22.4.i386.rpm    fe67e313ea5de21fc8248f36b20b12bd
php-gd-4.3.9-3.22.4.i386.rpm        daf7563b49ea749530c84e0843f0c0e3
php-imap-4.3.9-3.22.4.i386.rpm      dd2dd40935805d96afeb0e009275b752
php-ldap-4.3.9-3.22.4.i386.rpm      7b84f5f9775c6608656bc36469ae35e7
php-mbstring-4.3.9-3.22.4.i386.rpm  d171c6b6cfcf482cc53b795376301b68
php-mysql-4.3.9-3.22.4.i386.rpm     11cd6fffc797629f33eb5acc7804d9b3
php-ncurses-4.3.9-3.22.4.i386.rpm   1b5170379bd7cce735ef7d12ff0ef0a2
php-odbc-4.3.9-3.22.4.i386.rpm      aeeeea0fa3d2435367558ed30fe8a564
php-pear-4.3.9-3.22.4.i386.rpm      c30e561191dd5a75efa2ee62c8c1c92b
php-pgsql-4.3.9-3.22.4.i386.rpm     38bf004f549fceb5c67e63e90b14c38b
php-snmp-4.3.9-3.22.4.i386.rpm      00ef3f0015e7bad3a96368a53211fd2d
php-xmlrpc-4.3.9-3.22.4.i386.rpm    a507c9759c585eb98b38257524a34630

IA-64:
php-4.3.9-3.22.4.ia64.rpm           1a342c764b41425436d60c0e742b1158
php-devel-4.3.9-3.22.4.ia64.rpm     18fc4a94c9930906a61830b405746cbb
php-domxml-4.3.9-3.22.4.ia64.rpm    f6d5489af882e087ca5b33e3c46b7b5a
php-gd-4.3.9-3.22.4.ia64.rpm        1129ac5ac05d179a7aa6fafc61575699
php-imap-4.3.9-3.22.4.ia64.rpm      8423e399a99914b1fde2198e76c42607
php-ldap-4.3.9-3.22.4.ia64.rpm      b1dc268a9a3e374dd2636f96eade5b71
php-mbstring-4.3.9-3.22.4.ia64.rpm  9fe9c062a2a1e8aa6b53510c8111baf7
php-mysql-4.3.9-3.22.4.ia64.rpm     da9d4d4b5b37a6b991001dd2d1a57833
php-ncurses-4.3.9-3.22.4.ia64.rpm   8927b1f414b9df7c3285724f0e1a3ff0
php-odbc-4.3.9-3.22.4.ia64.rpm      a8ae9a8a0668fb30e5d0daea11c671f4
php-pear-4.3.9-3.22.4.ia64.rpm      120fcaf6f9dc847c7c83cd546d0472de
php-pgsql-4.3.9-3.22.4.ia64.rpm     21d4ca5bf779bf3ff832e4f428ad61d7
php-snmp-4.3.9-3.22.4.ia64.rpm      3df235bffeaed837cc410a7fcf3af963
php-xmlrpc-4.3.9-3.22.4.ia64.rpm    14d89ef4e5fff6a46a207b9853d7988c

x86_64:
php-4.3.9-3.22.4.x86_64.rpm           6ddc3f5dbfed8b09eb34f03c8fd584a8
php-devel-4.3.9-3.22.4.x86_64.rpm     17337c831a0e67a71c34fffeda909b5d
php-domxml-4.3.9-3.22.4.x86_64.rpm    a7277789d5cdbfa67c2a279c990a40fd
php-gd-4.3.9-3.22.4.x86_64.rpm        1575f28a5751a971c1061cc886d2530c
php-imap-4.3.9-3.22.4.x86_64.rpm      66e018d19a5ea7c5c88919f1c2a6f9b5
php-ldap-4.3.9-3.22.4.x86_64.rpm      e7b8f8ada270244056dda1894db8c14f
php-mbstring-4.3.9-3.22.4.x86_64.rpm  724f1fc8186ac166328f0647be3544e4
php-mysql-4.3.9-3.22.4.x86_64.rpm     61a40a74a6fd87337ef6fafd327f1620
php-ncurses-4.3.9-3.22.4.x86_64.rpm   9554de6a9fa1d8480186e9f908c7b6f4
php-odbc-4.3.9-3.22.4.x86_64.rpm      8f1235e1638b6394601a16895e41037d
php-pear-4.3.9-3.22.4.x86_64.rpm      a911be4741f84167ff4da53f0c553991
php-pgsql-4.3.9-3.22.4.x86_64.rpm     96f69680aa0d3d69a67334367d0f81ea
php-snmp-4.3.9-3.22.4.x86_64.rpm      b6e4e81d7cf6391eb6844b2625616310
php-xmlrpc-4.3.9-3.22.4.x86_64.rpm    4e96d2993c1c0502fff02fc5f2971a50

Red Hat Enterprise Linux WS (v. 3)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.2-40.ent.src.rpm          7e86609bb9e811532c0c85f5c29aadf6

IA-32:
php-4.3.2-40.ent.i386.rpm         5855234b933b66fd1b38d93b95418e36
php-devel-4.3.2-40.ent.i386.rpm   726a6a36fc362508b93f23e784c76bba
php-imap-4.3.2-40.ent.i386.rpm    b012de2b5ec4e0479662403585efffd6
php-ldap-4.3.2-40.ent.i386.rpm    5e8c4165ebd99f0c066f0cd0d386d88f
php-mysql-4.3.2-40.ent.i386.rpm   96fa828e93e5959287ce42aebd5abcd8
php-odbc-4.3.2-40.ent.i386.rpm    46078615f2a34ad087daa0853f8d034e
php-pgsql-4.3.2-40.ent.i386.rpm   3cead419f1826fb8a87ec873be4ac3c6

IA-64:
php-4.3.2-40.ent.ia64.rpm         f94a6c8b571d82ee18a8644d87c590ae
php-devel-4.3.2-40.ent.ia64.rpm   675f141a212250fe1b261977cb06d663
php-imap-4.3.2-40.ent.ia64.rpm    a94c845cb1a0f6efb1b93a9ce861deae
php-ldap-4.3.2-40.ent.ia64.rpm    10a8b591e979cf4de740b8201713f9c6
php-mysql-4.3.2-40.ent.ia64.rpm   6e84db87339583f63a328e2f2874fcbc
php-odbc-4.3.2-40.ent.ia64.rpm    c3b8d618680e1729929672a4fea44a8f
php-pgsql-4.3.2-40.ent.ia64.rpm   1e7e8bf549ac53207e500d7f2f6d3c20

x86_64:
php-4.3.2-40.ent.x86_64.rpm       8b6bf435c86d7b65640ed8ce38f0ea45
php-devel-4.3.2-40.ent.x86_64.rpm e4ea9b7a4dfa2c24b75dbd643b1667d5
php-imap-4.3.2-40.ent.x86_64.rpm  c852bd2f4ee5cbe115054d453226f7ad
php-ldap-4.3.2-40.ent.x86_64.rpm  a9f31f47e63a7d4805208b616acfeea4
php-mysql-4.3.2-40.ent.x86_64.rpm 8333dc142c53aa163626df94dca7171a
php-odbc-4.3.2-40.ent.x86_64.rpm  64dd8ab0c2649a66c4d664a35607b0f1
php-pgsql-4.3.2-40.ent.x86_64.rpm 93ba10a377133db7023559ba04cd19d0

Red Hat Enterprise Linux WS (v. 4)
--------------------------------------------------------------------------------

SRPMS:
php-4.3.9-3.22.4.src.rpm            7330219fc5d750d1aec2d355841e417d

IA-32:
php-4.3.9-3.22.4.i386.rpm           d80d07c71b74894fc8bd5358ecc97ff2
php-devel-4.3.9-3.22.4.i386.rpm     3d8e4694679eaf8873e1ec406eb997b5
php-domxml-4.3.9-3.22.4.i386.rpm    fe67e313ea5de21fc8248f36b20b12bd
php-gd-4.3.9-3.22.4.i386.rpm        daf7563b49ea749530c84e0843f0c0e3
php-imap-4.3.9-3.22.4.i386.rpm      dd2dd40935805d96afeb0e009275b752
php-ldap-4.3.9-3.22.4.i386.rpm      7b84f5f9775c6608656bc36469ae35e7
php-mbstring-4.3.9-3.22.4.i386.rpm  d171c6b6cfcf482cc53b795376301b68
php-mysql-4.3.9-3.22.4.i386.rpm     11cd6fffc797629f33eb5acc7804d9b3
php-ncurses-4.3.9-3.22.4.i386.rpm   1b5170379bd7cce735ef7d12ff0ef0a2
php-odbc-4.3.9-3.22.4.i386.rpm      aeeeea0fa3d2435367558ed30fe8a564
php-pear-4.3.9-3.22.4.i386.rpm      c30e561191dd5a75efa2ee62c8c1c92b
php-pgsql-4.3.9-3.22.4.i386.rpm     38bf004f549fceb5c67e63e90b14c38b
php-snmp-4.3.9-3.22.4.i386.rpm      00ef3f0015e7bad3a96368a53211fd2d
php-xmlrpc-4.3.9-3.22.4.i386.rpm    a507c9759c585eb98b38257524a34630

IA-64:
php-4.3.9-3.22.4.ia64.rpm           1a342c764b41425436d60c0e742b1158
php-devel-4.3.9-3.22.4.ia64.rpm     18fc4a94c9930906a61830b405746cbb
php-domxml-4.3.9-3.22.4.ia64.rpm    f6d5489af882e087ca5b33e3c46b7b5a
php-gd-4.3.9-3.22.4.ia64.rpm        1129ac5ac05d179a7aa6fafc61575699
php-imap-4.3.9-3.22.4.ia64.rpm      8423e399a99914b1fde2198e76c42607
php-ldap-4.3.9-3.22.4.ia64.rpm      b1dc268a9a3e374dd2636f96eade5b71
php-mbstring-4.3.9-3.22.4.ia64.rpm  9fe9c062a2a1e8aa6b53510c8111baf7
php-mysql-4.3.9-3.22.4.ia64.rpm     da9d4d4b5b37a6b991001dd2d1a57833
php-ncurses-4.3.9-3.22.4.ia64.rpm   8927b1f414b9df7c3285724f0e1a3ff0
php-odbc-4.3.9-3.22.4.ia64.rpm      a8ae9a8a0668fb30e5d0daea11c671f4
php-pear-4.3.9-3.22.4.ia64.rpm      120fcaf6f9dc847c7c83cd546d0472de
php-pgsql-4.3.9-3.22.4.ia64.rpm     21d4ca5bf779bf3ff832e4f428ad61d7
php-snmp-4.3.9-3.22.4.ia64.rpm      3df235bffeaed837cc410a7fcf3af963
php-xmlrpc-4.3.9-3.22.4.ia64.rpm    14d89ef4e5fff6a46a207b9853d7988c

x86_64:
php-4.3.9-3.22.4.x86_64.rpm           6ddc3f5dbfed8b09eb34f03c8fd584a8
php-devel-4.3.9-3.22.4.x86_64.rpm     17337c831a0e67a71c34fffeda909b5d
php-domxml-4.3.9-3.22.4.x86_64.rpm    a7277789d5cdbfa67c2a279c990a40fd
php-gd-4.3.9-3.22.4.x86_64.rpm        1575f28a5751a971c1061cc886d2530c
php-imap-4.3.9-3.22.4.x86_64.rpm      66e018d19a5ea7c5c88919f1c2a6f9b5
php-ldap-4.3.9-3.22.4.x86_64.rpm      e7b8f8ada270244056dda1894db8c14f
php-mbstring-4.3.9-3.22.4.x86_64.rpm  724f1fc8186ac166328f0647be3544e4
php-mysql-4.3.9-3.22.4.x86_64.rpm     61a40a74a6fd87337ef6fafd327f1620
php-ncurses-4.3.9-3.22.4.x86_64.rpm   9554de6a9fa1d8480186e9f908c7b6f4
php-odbc-4.3.9-3.22.4.x86_64.rpm      8f1235e1638b6394601a16895e41037d
php-pear-4.3.9-3.22.4.x86_64.rpm      a911be4741f84167ff4da53f0c553991
php-pgsql-4.3.9-3.22.4.x86_64.rpm     96f69680aa0d3d69a67334367d0f81ea
php-snmp-4.3.9-3.22.4.x86_64.rpm      b6e4e81d7cf6391eb6844b2625616310
php-xmlrpc-4.3.9-3.22.4.x86_64.rpm    4e96d2993c1c0502fff02fc5f2971a50

(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

230556 - CVE-2007-1285 "Month of PHP Bugs" security issues (CVE-2007-1286
         CVE-2007-1583 CVE-2007-1711 CVE-2007-1718)
235028 - CVE-2007-1001 gd php flaws (CVE-2007-0455)

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1718
http://www.redhat.com/security/updates/classification/#important

--------------------------------------------------------------------------------

These packages are GPG signed by Red Hat for security.
Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at
http://www.redhat.com/security/team/contact/

[***** End Red Hat RHSA-2007:0155-2 *****]

_______________________________________________________________________________

CIAC wishes to acknowledge the contributions of Red Hat for the information
contained in this bulletin.
_______________________________________________________________________________

CIAC, the Computer Incident Advisory Capability, is the computer security
incident response team for the U.S. Department of Energy (DOE) and the
emergency backup response team for the National Institutes of Health (NIH).
CIAC is located at the Lawrence Livermore National Laboratory in Livermore,
California. CIAC is also a founding member of FIRST, the Forum of Incident
Response and Security Teams, a global organization established to foster
cooperation and coordination among computer security teams worldwide.

CIAC services are available to DOE, DOE contractors, and the NIH. CIAC can be
contacted at:
    Voice:    +1 925-422-8193 (7x24)
    FAX:      +1 925-423-8002
    STU-III:  +1 925-423-2604
    E-mail:   ciac@ciac.org

Previous CIAC notices, anti-virus software, and other information are
available from the CIAC Computer Security Archive.

    World Wide Web:  http://www.ciac.org/
    Anonymous FTP:   ftp.ciac.org

PLEASE NOTE: Many users outside of the DOE, ESnet, and NIH computing
communities receive CIAC bulletins. If you are not part of these
communities, please contact your agency's response team to report incidents.
Your agency's team will coordinate with CIAC. The Forum of Incident Response
and Security Teams (FIRST) is a world-wide organization. A list of FIRST
member organizations and their constituencies can be obtained via WWW at
http://www.first.org/.
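The Red Hat advisory reproduced above prints an MD5 checksum next to every updated package and states that the packages are GPG signed. The shell function below is an added example, not part of the CIAC bulletin or of Red Hat's advisory: it reads a checksum list laid out the way the advisory prints it (one "package md5" pair per line, with architecture headings and separator lines in between), computes the MD5 of each downloaded file with md5sum, and exits non-zero if any listed file is missing or does not match, so that a scripted update stops before rpm is ever invoked. The package names, scratch directory and checksum list in the demonstration are constructed for illustration and are not real Red Hat packages.

```sh
#!/bin/sh
# Added example, not part of the CIAC bulletin or the Red Hat advisory.
# Verifies downloaded packages against a checksum list in the advisory's
# layout: "<package-file> <md5 hex>" per line, interleaved with headings
# such as "IA-32:" or "SRPMS:", separator rules and product names.
#
# Usage: verify_advisory_checksums LISTFILE PKGDIR
# Exit status is 0 only when every listed package exists in PKGDIR and its
# MD5 matches; every problem is reported on stdout and the status is 1.
verify_advisory_checksums() {
    list="$1"
    dir="$2"
    bad=0
    while read -r pkg sum _rest; do
        # Only lines whose second field is a 32-character lowercase hex
        # string are checksum entries; everything else is layout and skipped.
        case "$sum" in
            ''|*[!0-9a-f]*) continue ;;
        esac
        [ "${#sum}" -eq 32 ] || continue
        if [ ! -f "$dir/$pkg" ]; then
            echo "MISSING  $pkg"
            bad=$((bad + 1))
            continue
        fi
        actual=$(md5sum "$dir/$pkg" | cut -d' ' -f1)
        if [ "$actual" = "$sum" ]; then
            echo "OK       $pkg"
        else
            echo "MISMATCH $pkg (advisory $sum, file $actual)"
            bad=$((bad + 1))
        fi
    done < "$list"
    [ "$bad" -eq 0 ]
}

# Constructed demonstration: a scratch directory holding one fake package
# (placeholder bytes, not a real RPM) and a list that also names a package
# that was never downloaded, so the run shows both an OK and a MISSING line.
demo_run() {
    demo=$(mktemp -d)
    printf 'placeholder contents, not a real package\n' \
        > "$demo/php-example-0.0-1.noarch.rpm"
    good=$(md5sum "$demo/php-example-0.0-1.noarch.rpm" | cut -d' ' -f1)
    {
        echo "Example Product (v. 0)"
        echo "--------------------------------"
        echo "IA-32:"
        echo "php-example-0.0-1.noarch.rpm $good"
        echo "php-example-devel-0.0-1.noarch.rpm 00000000000000000000000000000000"
    } > "$demo/checksums.txt"
    if verify_advisory_checksums "$demo/checksums.txt" "$demo"; then
        echo "all packages verified"
    else
        echo "verification failed: do not install"
    fi
    rm -rf "$demo"
}

demo_run
```

An MD5 match only shows that the download is the file the advisory describes, which catches truncated or corrupted transfers; MD5 is not collision-resistant and a checksum copied from an advisory cannot by itself establish who published the package. The GPG signature check the advisory points to (rpm --checksig on the downloaded files, with Red Hat's key imported) is the authenticity step, and the checksum pass above belongs before it, not instead of it.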
This document was prepared as an account of work sponsored by an agency of
the United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any warranty,
express or implied, or assumes any legal liability or responsibility for the
accuracy, completeness, or usefulness of any information, apparatus, product,
or process disclosed, or represents that its use would not infringe privately
owned rights. Reference herein to any specific commercial products, process,
or service by trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or favoring
by the United States Government or the University of California. The views
and opinions of authors expressed herein do not necessarily state or reflect
those of the United States Government or the University of California, and
shall not be used for advertising or product endorsement purposes.

LAST 10 CIAC BULLETINS ISSUED (Previous bulletins available from CIAC)

R-204: Yahoo! ActiveX Audio Conferencing Update
R-205: Mercury Quality Center ActiveX
R-206: Multiple Vulnerabilities in the Cisco Wireless LAN Controller and
       Cisco Lightweight Access Points
R-207: Multiple Vulnerabilities in the Cisco Wireless Control System
R-208: Internet Pictures Corporation iPIX Image Well ActiveX
R-209: HP-UX ICMP Vulnerable to DoS via ICMP Path
R-210: mandb
R-211: XMMS
R-212: Vulnerability in RPC on Windows DNS Server
R-213: Oracle Critical Patch Update - April 2007