LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Advisory Watch: October 24th, 2014
Linux Security Week: October 20th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Fedora: php-4.3.10-2.4 update Print E-mail
User Rating:      How can I rate this item?
Posted by Joe Shakespeare   
Fedora This update includes the latest release of PHP 4.3, including fixes for security issues in the unserializer (CVE CAN-2004-1019), exif image parsing (CVE CAN-2004-1065), and form upload parsing (CVE CAN-2004-0958 and CAN-2004-0959).

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2004-567
2004-12-21
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : php
Version     : 4.3.10
Release     : 2.4
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

---------------------------------------------------------------------
Update Information:

This update includes the latest release of PHP 4.3, including fixes
for security issues in the unserializer (CVE CAN-2004-1019), exif
image parsing (CVE CAN-2004-1065), and form upload parsing (CVE
CAN-2004-0958 and CAN-2004-0959).

---------------------------------------------------------------------
* Tue Dec 21 2004 Joe Orton  4.3.10-2.4

- update to 4.3.10 (#134973, #134976, #135631):
 * security fixes for CAN-2004-0958, CAN-2004-0959
 * unserializer integer overflows, CAN-2004-1019
 * exif image parsing overflow, CAN-2004-1065
- revert use of RTLD_GLOBAL in dlopen() calls (#127518)
- add another FD_SETSIZE workaround (#125258)
- revert upstream default php.ini changes since 4.3.8
- add libgd namespace fixes (#124530)

---------------------------------------------------------------------
This update can be downloaded from:
  http://download.fedora.redhat.com/pub/fedora/linux/core/updates/2/

38edfb5c4e7d80e48cad36edf9e913eb  SRPMS/php-4.3.10-2.4.src.rpm
a22bafc119a7797734e229822b06547e  x86_64/php-4.3.10-2.4.x86_64.rpm
27783eff866e3bfdc21c7fd55f1ee074  x86_64/php-devel-4.3.10-2.4.x86_64.rpm
3a39de1daf5968d95fd448c9a8e828ac  x86_64/php-pear-4.3.10-2.4.x86_64.rpm
57d065191d398e2bf5e7f120edb16b1a  x86_64/php-imap-4.3.10-2.4.x86_64.rpm
455727fdab0cc5e663e17e49798390d7  x86_64/php-ldap-4.3.10-2.4.x86_64.rpm
92058f2eb9e69e7bcea782bd192b62d2  x86_64/php-mysql-4.3.10-2.4.x86_64.rpm
b51a9e94030e181f818a9ffa13f9750e  x86_64/php-pgsql-4.3.10-2.4.x86_64.rpm
fe0955c89ccde1a7ea7262f63b1e19d1  x86_64/php-odbc-4.3.10-2.4.x86_64.rpm
534bee14e259752b34205f69fe1154fe  x86_64/php-snmp-4.3.10-2.4.x86_64.rpm
2c8ce07785064953a6601ab87250db6a  x86_64/php-domxml-4.3.10-2.4.x86_64.rpm
da393f75760e8ffbf6112bfb71927c9f  x86_64/php-xmlrpc-4.3.10-2.4.x86_64.rpm
66a25b26811a0283501bec4dda66025b  x86_64/php-mbstring-4.3.10-2.4.x86_64.rpm
2d5a82279db93b080afef08cce548af8  x86_64/debug/php-debuginfo-4.3.10-2.4.x86_64.rpm
1b3ceb6fb4bb0bbd05c92aec1efad13a  i386/php-4.3.10-2.4.i386.rpm
8f9685a4e87435eae2543ab0e70ae956  i386/php-devel-4.3.10-2.4.i386.rpm
56893f09067be4bab725e8b8de72f6b5  i386/php-pear-4.3.10-2.4.i386.rpm
bed7a3018a037c024c35fc448ff426b9  i386/php-imap-4.3.10-2.4.i386.rpm
8ccab4ad5130bcb5718d8e449e712524  i386/php-ldap-4.3.10-2.4.i386.rpm
9a9b97820a029f693a6a14a83e017116  i386/php-mysql-4.3.10-2.4.i386.rpm
071e96181e24fca3a38b2a680cf1d5c0  i386/php-pgsql-4.3.10-2.4.i386.rpm
47d4beeb30cd032904341bbad9e9158f  i386/php-odbc-4.3.10-2.4.i386.rpm
39cedd45d34ad1b2d85902169bed5b29  i386/php-snmp-4.3.10-2.4.i386.rpm
79f5b45c4176d46004c9118d459c83ae  i386/php-domxml-4.3.10-2.4.i386.rpm
f53752308cc7058ec829a21ebb9ea7d3  i386/php-xmlrpc-4.3.10-2.4.i386.rpm
e151913faeecbeaf4e6549e03151e644  i386/php-mbstring-4.3.10-2.4.i386.rpm
63020b5ede3e55d1aeaf48365e2be374  i386/debug/php-debuginfo-4.3.10-2.4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Pro-Privacy Senator Wyden on Fighting the NSA From Inside the System
NIST to hypervisor admins: secure your systems
Quick PHP patch beats slow research reveal
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.