- ---------------------------------------------------------------------                   Red Hat Security Advisory

Synopsis:          Moderate: php security update
Advisory ID:       RHSA-2007:0162-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2007:0162.html
Issue date:        2007-04-16
Updated on:        2007-04-16
Product:           Red Hat Application Stack
CVE Names:         CVE-2007-0455 CVE-2007-1001 CVE-2007-1285 
                   CVE-2007-1718 CVE-2007-1583 
- ---------------------------------------------------------------------1. Summary:

Updated PHP packages that fix several security issues are now available for
Red Hat Application Stack v1.1.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server. 

A denial of service flaw was found in the way PHP processed a deeply nested
array. A remote attacker could cause the PHP interpreter to crash by
submitting an input variable with a deeply nested array. (CVE-2007-1285)

A flaw was found in the way the mbstring extension set global variables. A
script which used the mb_parse_str() function to set global variables could
be forced to enable the register_globals configuration option, possibly
resulting in global variable injection. (CVE-2007-1583)

A flaw was discovered in the way PHP's mail() function processed header
data. If a script sent mail using a Subject header containing a string from
an untrusted source, a remote attacker could send bulk e-mail to unintended
recipients. (CVE-2007-1718)

A heap based buffer overflow flaw was discovered in PHP's gd extension. A
script that could be forced to process WBMP images from an untrusted source
could result in arbitrary code execution. (CVE-2007-1001)

A buffer over-read flaw was discovered in PHP's gd extension. A script that
could be forced to write arbitrary strings using a JIS font from an
untrusted source could cause the PHP interpreter to crash. (CVE-2007-0455)

Users of PHP should upgrade to these updated packages which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at

5. Bug IDs fixed (http://bugzilla.redhat.com/):

235354 - CVE-2007-1285 Multiple PHP Vulnerabilities (CVE-2007-1583, CVE-2007-1718, CVE-2007-1001, CVE-2007-0455)

6. RPMs required:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4):

SRPMS:
7d2dad5706ad3043f2de3ee54a76337d  php-5.1.6-3.el4s1.6.src.rpm

i386:
3bc1f82011bb83af79baf03c46cd97d3  php-5.1.6-3.el4s1.6.i386.rpm
c92ee91ece1cc2e162c97cc730b6ef2f  php-bcmath-5.1.6-3.el4s1.6.i386.rpm
b8e223b04293bec7b59bef5959ca8d38  php-cli-5.1.6-3.el4s1.6.i386.rpm
7b09d67e7ea01af4adde2fff06c45984  php-common-5.1.6-3.el4s1.6.i386.rpm
a2ee349fe353eab1eebd6311350860ed  php-dba-5.1.6-3.el4s1.6.i386.rpm
d227f876474d6657e3d944d63128d511  php-debuginfo-5.1.6-3.el4s1.6.i386.rpm
4238ee90b272b68be2793e3285086fda  php-devel-5.1.6-3.el4s1.6.i386.rpm
1578b049f3ea33037ae1bb56b3cb6a39  php-gd-5.1.6-3.el4s1.6.i386.rpm
492c0b8f4680ce63b4fdb00006baba53  php-imap-5.1.6-3.el4s1.6.i386.rpm
3208a7dc04b82284ad2151ca37ab72c9  php-ldap-5.1.6-3.el4s1.6.i386.rpm
1c80c4ca194000cf3a0ae52ec65cee55  php-mbstring-5.1.6-3.el4s1.6.i386.rpm
87658b40797d36475f90098519b5fed4  php-mysql-5.1.6-3.el4s1.6.i386.rpm
6c114c68c9adc032cb701cd2e26717f6  php-ncurses-5.1.6-3.el4s1.6.i386.rpm
218d013a54c4204751512625d3253df8  php-odbc-5.1.6-3.el4s1.6.i386.rpm
87c26d339ad08e0549f27f99b79f0dd4  php-pdo-5.1.6-3.el4s1.6.i386.rpm
d660b8e6d5a3cb6b309d39ef39844e88  php-pgsql-5.1.6-3.el4s1.6.i386.rpm
971f652d5e4afbd727b44888982d118e  php-snmp-5.1.6-3.el4s1.6.i386.rpm
9a12c8e6a9fb06c5156f44e46113478c  php-soap-5.1.6-3.el4s1.6.i386.rpm
49452a17684968cbbf5b1a3e83aeafae  php-xml-5.1.6-3.el4s1.6.i386.rpm
1824a05dea1e6d30b94707aac471a1a7  php-xmlrpc-5.1.6-3.el4s1.6.i386.rpm

x86_64:
253066e45756f2c6cdc989c04afc70b1  php-5.1.6-3.el4s1.6.x86_64.rpm
860964f19acc4ce9925a710d7012550f  php-bcmath-5.1.6-3.el4s1.6.x86_64.rpm
7282ce839126ebfe0552c54ff36a59f9  php-cli-5.1.6-3.el4s1.6.x86_64.rpm
6daa6b316c2d56bce470801e5bf7157b  php-common-5.1.6-3.el4s1.6.x86_64.rpm
1a03721047f3b63f708627468eb874e6  php-dba-5.1.6-3.el4s1.6.x86_64.rpm
6bee1b5958ff6d7dd637f18e6a30cad9  php-debuginfo-5.1.6-3.el4s1.6.x86_64.rpm
bd5b063d83a4dbc5157606dae09c2019  php-devel-5.1.6-3.el4s1.6.x86_64.rpm
47063dc55a9d2d65a71062ba2a26a833  php-gd-5.1.6-3.el4s1.6.x86_64.rpm
c36277816e0da97fc8bc858a833f294d  php-imap-5.1.6-3.el4s1.6.x86_64.rpm
095eb622d8f72f70f9048a333b78c793  php-ldap-5.1.6-3.el4s1.6.x86_64.rpm
9d3190e3ed9bbcbb92b67293d4f75ab0  php-mbstring-5.1.6-3.el4s1.6.x86_64.rpm
efd0a92f9828fcf979c8f9442495dd21  php-mysql-5.1.6-3.el4s1.6.x86_64.rpm
0d6b4ad7ef760264478b1b4cb267447e  php-ncurses-5.1.6-3.el4s1.6.x86_64.rpm
6ca36fc332e136f36e4fb7cd03b3a5c7  php-odbc-5.1.6-3.el4s1.6.x86_64.rpm
cf656720e224b3897fa203cb80d91282  php-pdo-5.1.6-3.el4s1.6.x86_64.rpm
72e67935a588ddfed7abfb73f58d337a  php-pgsql-5.1.6-3.el4s1.6.x86_64.rpm
20bea80ab4cd427f6fb44da4b08fb1a3  php-snmp-5.1.6-3.el4s1.6.x86_64.rpm
a1ce135048dc04bc34bf590a96fe1393  php-soap-5.1.6-3.el4s1.6.x86_64.rpm
e22816d5b064cdb97823a44a3c9aadb1  php-xml-5.1.6-3.el4s1.6.x86_64.rpm
59ce32d3f90a43ce6a14fd18316315c5  php-xmlrpc-5.1.6-3.el4s1.6.x86_64.rpm

Red Hat Application Stack v1 for Enterprise Linux ES (v.4):

SRPMS:
7d2dad5706ad3043f2de3ee54a76337d  php-5.1.6-3.el4s1.6.src.rpm

i386:
3bc1f82011bb83af79baf03c46cd97d3  php-5.1.6-3.el4s1.6.i386.rpm
c92ee91ece1cc2e162c97cc730b6ef2f  php-bcmath-5.1.6-3.el4s1.6.i386.rpm
b8e223b04293bec7b59bef5959ca8d38  php-cli-5.1.6-3.el4s1.6.i386.rpm
7b09d67e7ea01af4adde2fff06c45984  php-common-5.1.6-3.el4s1.6.i386.rpm
a2ee349fe353eab1eebd6311350860ed  php-dba-5.1.6-3.el4s1.6.i386.rpm
d227f876474d6657e3d944d63128d511  php-debuginfo-5.1.6-3.el4s1.6.i386.rpm
4238ee90b272b68be2793e3285086fda  php-devel-5.1.6-3.el4s1.6.i386.rpm
1578b049f3ea33037ae1bb56b3cb6a39  php-gd-5.1.6-3.el4s1.6.i386.rpm
492c0b8f4680ce63b4fdb00006baba53  php-imap-5.1.6-3.el4s1.6.i386.rpm
3208a7dc04b82284ad2151ca37ab72c9  php-ldap-5.1.6-3.el4s1.6.i386.rpm
1c80c4ca194000cf3a0ae52ec65cee55  php-mbstring-5.1.6-3.el4s1.6.i386.rpm
87658b40797d36475f90098519b5fed4  php-mysql-5.1.6-3.el4s1.6.i386.rpm
6c114c68c9adc032cb701cd2e26717f6  php-ncurses-5.1.6-3.el4s1.6.i386.rpm
218d013a54c4204751512625d3253df8  php-odbc-5.1.6-3.el4s1.6.i386.rpm
87c26d339ad08e0549f27f99b79f0dd4  php-pdo-5.1.6-3.el4s1.6.i386.rpm
d660b8e6d5a3cb6b309d39ef39844e88  php-pgsql-5.1.6-3.el4s1.6.i386.rpm
971f652d5e4afbd727b44888982d118e  php-snmp-5.1.6-3.el4s1.6.i386.rpm
9a12c8e6a9fb06c5156f44e46113478c  php-soap-5.1.6-3.el4s1.6.i386.rpm
49452a17684968cbbf5b1a3e83aeafae  php-xml-5.1.6-3.el4s1.6.i386.rpm
1824a05dea1e6d30b94707aac471a1a7  php-xmlrpc-5.1.6-3.el4s1.6.i386.rpm

x86_64:
253066e45756f2c6cdc989c04afc70b1  php-5.1.6-3.el4s1.6.x86_64.rpm
860964f19acc4ce9925a710d7012550f  php-bcmath-5.1.6-3.el4s1.6.x86_64.rpm
7282ce839126ebfe0552c54ff36a59f9  php-cli-5.1.6-3.el4s1.6.x86_64.rpm
6daa6b316c2d56bce470801e5bf7157b  php-common-5.1.6-3.el4s1.6.x86_64.rpm
1a03721047f3b63f708627468eb874e6  php-dba-5.1.6-3.el4s1.6.x86_64.rpm
6bee1b5958ff6d7dd637f18e6a30cad9  php-debuginfo-5.1.6-3.el4s1.6.x86_64.rpm
bd5b063d83a4dbc5157606dae09c2019  php-devel-5.1.6-3.el4s1.6.x86_64.rpm
47063dc55a9d2d65a71062ba2a26a833  php-gd-5.1.6-3.el4s1.6.x86_64.rpm
c36277816e0da97fc8bc858a833f294d  php-imap-5.1.6-3.el4s1.6.x86_64.rpm
095eb622d8f72f70f9048a333b78c793  php-ldap-5.1.6-3.el4s1.6.x86_64.rpm
9d3190e3ed9bbcbb92b67293d4f75ab0  php-mbstring-5.1.6-3.el4s1.6.x86_64.rpm
efd0a92f9828fcf979c8f9442495dd21  php-mysql-5.1.6-3.el4s1.6.x86_64.rpm
0d6b4ad7ef760264478b1b4cb267447e  php-ncurses-5.1.6-3.el4s1.6.x86_64.rpm
6ca36fc332e136f36e4fb7cd03b3a5c7  php-odbc-5.1.6-3.el4s1.6.x86_64.rpm
cf656720e224b3897fa203cb80d91282  php-pdo-5.1.6-3.el4s1.6.x86_64.rpm
72e67935a588ddfed7abfb73f58d337a  php-pgsql-5.1.6-3.el4s1.6.x86_64.rpm
20bea80ab4cd427f6fb44da4b08fb1a3  php-snmp-5.1.6-3.el4s1.6.x86_64.rpm
a1ce135048dc04bc34bf590a96fe1393  php-soap-5.1.6-3.el4s1.6.x86_64.rpm
e22816d5b064cdb97823a44a3c9aadb1  php-xml-5.1.6-3.el4s1.6.x86_64.rpm
59ce32d3f90a43ce6a14fd18316315c5  php-xmlrpc-5.1.6-3.el4s1.6.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1583
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.

RedHat: Moderate: php security update RHSA-2007:0162-01

Updated PHP packages that fix several security issues are now available for Red Hat Application Stack v1.1. This update has been rated as having important security impact by the ...

Summary



Summary

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A denial of service flaw was found in the way PHP processed a deeply nested array. A remote attacker could cause the PHP interpreter to crash by submitting an input variable with a deeply nested array. (CVE-2007-1285) A flaw was found in the way the mbstring extension set global variables. A script which used the mb_parse_str() function to set global variables could be forced to enable the register_globals configuration option, possibly resulting in global variable injection. (CVE-2007-1583) A flaw was discovered in the way PHP's mail() function processed header data. If a script sent mail using a Subject header containing a string from an untrusted source, a remote attacker could send bulk e-mail to unintended recipients. (CVE-2007-1718) A heap based buffer overflow flaw was discovered in PHP's gd extension. A script that could be forced to process WBMP images from an untrusted source could result in arbitrary code execution. (CVE-2007-1001) A buffer over-read flaw was discovered in PHP's gd extension. A script that could be forced to write arbitrary strings using a JIS font from an untrusted source could cause the PHP interpreter to crash. (CVE-2007-0455) Users of PHP should upgrade to these updated packages which contain backported patches to correct these issues.


Solution

Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at
5. Bug IDs fixed (http://bugzilla.redhat.com/):
235354 - CVE-2007-1285 Multiple PHP Vulnerabilities (CVE-2007-1583, CVE-2007-1718, CVE-2007-1001, CVE-2007-0455)
6. RPMs required:
Red Hat Application Stack v1 for Enterprise Linux AS (v.4):
SRPMS: 7d2dad5706ad3043f2de3ee54a76337d php-5.1.6-3.el4s1.6.src.rpm
i386: 3bc1f82011bb83af79baf03c46cd97d3 php-5.1.6-3.el4s1.6.i386.rpm c92ee91ece1cc2e162c97cc730b6ef2f php-bcmath-5.1.6-3.el4s1.6.i386.rpm b8e223b04293bec7b59bef5959ca8d38 php-cli-5.1.6-3.el4s1.6.i386.rpm 7b09d67e7ea01af4adde2fff06c45984 php-common-5.1.6-3.el4s1.6.i386.rpm a2ee349fe353eab1eebd6311350860ed php-dba-5.1.6-3.el4s1.6.i386.rpm d227f876474d6657e3d944d63128d511 php-debuginfo-5.1.6-3.el4s1.6.i386.rpm 4238ee90b272b68be2793e3285086fda php-devel-5.1.6-3.el4s1.6.i386.rpm 1578b049f3ea33037ae1bb56b3cb6a39 php-gd-5.1.6-3.el4s1.6.i386.rpm 492c0b8f4680ce63b4fdb00006baba53 php-imap-5.1.6-3.el4s1.6.i386.rpm 3208a7dc04b82284ad2151ca37ab72c9 php-ldap-5.1.6-3.el4s1.6.i386.rpm 1c80c4ca194000cf3a0ae52ec65cee55 php-mbstring-5.1.6-3.el4s1.6.i386.rpm 87658b40797d36475f90098519b5fed4 php-mysql-5.1.6-3.el4s1.6.i386.rpm 6c114c68c9adc032cb701cd2e26717f6 php-ncurses-5.1.6-3.el4s1.6.i386.rpm 218d013a54c4204751512625d3253df8 php-odbc-5.1.6-3.el4s1.6.i386.rpm 87c26d339ad08e0549f27f99b79f0dd4 php-pdo-5.1.6-3.el4s1.6.i386.rpm d660b8e6d5a3cb6b309d39ef39844e88 php-pgsql-5.1.6-3.el4s1.6.i386.rpm 971f652d5e4afbd727b44888982d118e php-snmp-5.1.6-3.el4s1.6.i386.rpm 9a12c8e6a9fb06c5156f44e46113478c php-soap-5.1.6-3.el4s1.6.i386.rpm 49452a17684968cbbf5b1a3e83aeafae php-xml-5.1.6-3.el4s1.6.i386.rpm 1824a05dea1e6d30b94707aac471a1a7 php-xmlrpc-5.1.6-3.el4s1.6.i386.rpm
x86_64: 253066e45756f2c6cdc989c04afc70b1 php-5.1.6-3.el4s1.6.x86_64.rpm 860964f19acc4ce9925a710d7012550f php-bcmath-5.1.6-3.el4s1.6.x86_64.rpm 7282ce839126ebfe0552c54ff36a59f9 php-cli-5.1.6-3.el4s1.6.x86_64.rpm 6daa6b316c2d56bce470801e5bf7157b php-common-5.1.6-3.el4s1.6.x86_64.rpm 1a03721047f3b63f708627468eb874e6 php-dba-5.1.6-3.el4s1.6.x86_64.rpm 6bee1b5958ff6d7dd637f18e6a30cad9 php-debuginfo-5.1.6-3.el4s1.6.x86_64.rpm bd5b063d83a4dbc5157606dae09c2019 php-devel-5.1.6-3.el4s1.6.x86_64.rpm 47063dc55a9d2d65a71062ba2a26a833 php-gd-5.1.6-3.el4s1.6.x86_64.rpm c36277816e0da97fc8bc858a833f294d php-imap-5.1.6-3.el4s1.6.x86_64.rpm 095eb622d8f72f70f9048a333b78c793 php-ldap-5.1.6-3.el4s1.6.x86_64.rpm 9d3190e3ed9bbcbb92b67293d4f75ab0 php-mbstring-5.1.6-3.el4s1.6.x86_64.rpm efd0a92f9828fcf979c8f9442495dd21 php-mysql-5.1.6-3.el4s1.6.x86_64.rpm 0d6b4ad7ef760264478b1b4cb267447e php-ncurses-5.1.6-3.el4s1.6.x86_64.rpm 6ca36fc332e136f36e4fb7cd03b3a5c7 php-odbc-5.1.6-3.el4s1.6.x86_64.rpm cf656720e224b3897fa203cb80d91282 php-pdo-5.1.6-3.el4s1.6.x86_64.rpm 72e67935a588ddfed7abfb73f58d337a php-pgsql-5.1.6-3.el4s1.6.x86_64.rpm 20bea80ab4cd427f6fb44da4b08fb1a3 php-snmp-5.1.6-3.el4s1.6.x86_64.rpm a1ce135048dc04bc34bf590a96fe1393 php-soap-5.1.6-3.el4s1.6.x86_64.rpm e22816d5b064cdb97823a44a3c9aadb1 php-xml-5.1.6-3.el4s1.6.x86_64.rpm 59ce32d3f90a43ce6a14fd18316315c5 php-xmlrpc-5.1.6-3.el4s1.6.x86_64.rpm
Red Hat Application Stack v1 for Enterprise Linux ES (v.4):
SRPMS: 7d2dad5706ad3043f2de3ee54a76337d php-5.1.6-3.el4s1.6.src.rpm
i386: 3bc1f82011bb83af79baf03c46cd97d3 php-5.1.6-3.el4s1.6.i386.rpm c92ee91ece1cc2e162c97cc730b6ef2f php-bcmath-5.1.6-3.el4s1.6.i386.rpm b8e223b04293bec7b59bef5959ca8d38 php-cli-5.1.6-3.el4s1.6.i386.rpm 7b09d67e7ea01af4adde2fff06c45984 php-common-5.1.6-3.el4s1.6.i386.rpm a2ee349fe353eab1eebd6311350860ed php-dba-5.1.6-3.el4s1.6.i386.rpm d227f876474d6657e3d944d63128d511 php-debuginfo-5.1.6-3.el4s1.6.i386.rpm 4238ee90b272b68be2793e3285086fda php-devel-5.1.6-3.el4s1.6.i386.rpm 1578b049f3ea33037ae1bb56b3cb6a39 php-gd-5.1.6-3.el4s1.6.i386.rpm 492c0b8f4680ce63b4fdb00006baba53 php-imap-5.1.6-3.el4s1.6.i386.rpm 3208a7dc04b82284ad2151ca37ab72c9 php-ldap-5.1.6-3.el4s1.6.i386.rpm 1c80c4ca194000cf3a0ae52ec65cee55 php-mbstring-5.1.6-3.el4s1.6.i386.rpm 87658b40797d36475f90098519b5fed4 php-mysql-5.1.6-3.el4s1.6.i386.rpm 6c114c68c9adc032cb701cd2e26717f6 php-ncurses-5.1.6-3.el4s1.6.i386.rpm 218d013a54c4204751512625d3253df8 php-odbc-5.1.6-3.el4s1.6.i386.rpm 87c26d339ad08e0549f27f99b79f0dd4 php-pdo-5.1.6-3.el4s1.6.i386.rpm d660b8e6d5a3cb6b309d39ef39844e88 php-pgsql-5.1.6-3.el4s1.6.i386.rpm 971f652d5e4afbd727b44888982d118e php-snmp-5.1.6-3.el4s1.6.i386.rpm 9a12c8e6a9fb06c5156f44e46113478c php-soap-5.1.6-3.el4s1.6.i386.rpm 49452a17684968cbbf5b1a3e83aeafae php-xml-5.1.6-3.el4s1.6.i386.rpm 1824a05dea1e6d30b94707aac471a1a7 php-xmlrpc-5.1.6-3.el4s1.6.i386.rpm
x86_64: 253066e45756f2c6cdc989c04afc70b1 php-5.1.6-3.el4s1.6.x86_64.rpm 860964f19acc4ce9925a710d7012550f php-bcmath-5.1.6-3.el4s1.6.x86_64.rpm 7282ce839126ebfe0552c54ff36a59f9 php-cli-5.1.6-3.el4s1.6.x86_64.rpm 6daa6b316c2d56bce470801e5bf7157b php-common-5.1.6-3.el4s1.6.x86_64.rpm 1a03721047f3b63f708627468eb874e6 php-dba-5.1.6-3.el4s1.6.x86_64.rpm 6bee1b5958ff6d7dd637f18e6a30cad9 php-debuginfo-5.1.6-3.el4s1.6.x86_64.rpm bd5b063d83a4dbc5157606dae09c2019 php-devel-5.1.6-3.el4s1.6.x86_64.rpm 47063dc55a9d2d65a71062ba2a26a833 php-gd-5.1.6-3.el4s1.6.x86_64.rpm c36277816e0da97fc8bc858a833f294d php-imap-5.1.6-3.el4s1.6.x86_64.rpm 095eb622d8f72f70f9048a333b78c793 php-ldap-5.1.6-3.el4s1.6.x86_64.rpm 9d3190e3ed9bbcbb92b67293d4f75ab0 php-mbstring-5.1.6-3.el4s1.6.x86_64.rpm efd0a92f9828fcf979c8f9442495dd21 php-mysql-5.1.6-3.el4s1.6.x86_64.rpm 0d6b4ad7ef760264478b1b4cb267447e php-ncurses-5.1.6-3.el4s1.6.x86_64.rpm 6ca36fc332e136f36e4fb7cd03b3a5c7 php-odbc-5.1.6-3.el4s1.6.x86_64.rpm cf656720e224b3897fa203cb80d91282 php-pdo-5.1.6-3.el4s1.6.x86_64.rpm 72e67935a588ddfed7abfb73f58d337a php-pgsql-5.1.6-3.el4s1.6.x86_64.rpm 20bea80ab4cd427f6fb44da4b08fb1a3 php-snmp-5.1.6-3.el4s1.6.x86_64.rpm a1ce135048dc04bc34bf590a96fe1393 php-soap-5.1.6-3.el4s1.6.x86_64.rpm e22816d5b064cdb97823a44a3c9aadb1 php-xml-5.1.6-3.el4s1.6.x86_64.rpm 59ce32d3f90a43ce6a14fd18316315c5 php-xmlrpc-5.1.6-3.el4s1.6.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://www.redhat.com/security/team/key/#package

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1285 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1718 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1583 http://www.redhat.com/security/updates/classification/#moderate

Package List


Severity
Advisory ID: RHSA-2007:0162-01
Advisory URL: https://access.redhat.com/errata/RHSA-2007:0162.html
Issued Date: : 2007-04-16
Updated on: 2007-04-16
Product: Red Hat Application Stack
CVE Names: CVE-2007-0455 CVE-2007-1001 CVE-2007-1285 CVE-2007-1718 CVE-2007-1583 Updated PHP packages that fix several security issues are now available for Red Hat Application Stack v1.1. This update has been rated as having important security impact by the Red Hat Security Response Team.

Topic


Topic


 

Relevant Releases Architectures

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64

Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64


Bugs Fixed


Related News

6.EmailConnection Touch Esm H320
2 - 3 min read
Recent security updates for Ubuntu and Debian have been released to address vulnerabilities in Thunderbird, the popular open-source mail and
30.Lock Globe Motherboard Esm H320
1 - 2 min read
As cybersecurity practitioners, we are no strangers to the constant threat of malicious actors and the importance of remaining vigilant to protect
22.Lock ScreenEffect Esm H320
1 - 2 min read
EndeavorOS Gemini is a captivating and charming desktop operating system based on Arch Linux. The new release includes a kernel upgrade, 3D graphics
25.@Sign Hook Keyboard Esm H320
1 min read
Cyber risk is increasing for individuals and organizations, making flexible and robust solutions for identifying spam and malware increasingly
19.Laptop Bed Esm H320
2 - 3 min read
The recently released Linux Kernel 6.9 brings forth a blend of crucial upgrades and enhancements, catering to the ever-evolving needs of the Linux
4.Lock AbstractDigital Esm H320
1 - 2 min read
Nmap 7.95 introduces myriad enhancements, primarily focusing on OS and service detection signatures. This reflects the dedication of the Nmap
5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved