---------------------------------------------------------------------Fedora Update Notification
FEDORA-2004-567
2004-12-21
---------------------------------------------------------------------Product     : Fedora Core 2
Name        : php
Version     : 4.3.10
Release     : 2.4
Summary     : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts. The
mod_php module enables the Apache Web server to understand and process
the embedded PHP language in Web pages.

---------------------------------------------------------------------Update Information:

This update includes the latest release of PHP 4.3, including fixes
for security issues in the unserializer (CVE CAN-2004-1019), exif
image parsing (CVE CAN-2004-1065), and form upload parsing (CVE
CAN-2004-0958 and CAN-2004-0959).

---------------------------------------------------------------------* Tue Dec 21 2004 Joe Orton  4.3.10-2.4

- update to 4.3.10 (#134973, #134976, #135631):
 * security fixes for CAN-2004-0958, CAN-2004-0959
 * unserializer integer overflows, CAN-2004-1019
 * exif image parsing overflow, CAN-2004-1065
- revert use of RTLD_GLOBAL in dlopen() calls (#127518)
- add another FD_SETSIZE workaround (#125258)
- revert upstream default php.ini changes since 4.3.8
- add libgd namespace fixes (#124530)

---------------------------------------------------------------------This update can be downloaded from:
  
38edfb5c4e7d80e48cad36edf9e913eb  SRPMS/php-4.3.10-2.4.src.rpm
a22bafc119a7797734e229822b06547e  x86_64/php-4.3.10-2.4.x86_64.rpm
27783eff866e3bfdc21c7fd55f1ee074  x86_64/php-devel-4.3.10-2.4.x86_64.rpm
3a39de1daf5968d95fd448c9a8e828ac  x86_64/php-pear-4.3.10-2.4.x86_64.rpm
57d065191d398e2bf5e7f120edb16b1a  x86_64/php-imap-4.3.10-2.4.x86_64.rpm
455727fdab0cc5e663e17e49798390d7  x86_64/php-ldap-4.3.10-2.4.x86_64.rpm
92058f2eb9e69e7bcea782bd192b62d2  x86_64/php-mysql-4.3.10-2.4.x86_64.rpm
b51a9e94030e181f818a9ffa13f9750e  x86_64/php-pgsql-4.3.10-2.4.x86_64.rpm
fe0955c89ccde1a7ea7262f63b1e19d1  x86_64/php-odbc-4.3.10-2.4.x86_64.rpm
534bee14e259752b34205f69fe1154fe  x86_64/php-snmp-4.3.10-2.4.x86_64.rpm
2c8ce07785064953a6601ab87250db6a  x86_64/php-domxml-4.3.10-2.4.x86_64.rpm
da393f75760e8ffbf6112bfb71927c9f  x86_64/php-xmlrpc-4.3.10-2.4.x86_64.rpm
66a25b26811a0283501bec4dda66025b  x86_64/php-mbstring-4.3.10-2.4.x86_64.rpm
2d5a82279db93b080afef08cce548af8  x86_64/debug/php-debuginfo-4.3.10-2.4.x86_64.rpm
1b3ceb6fb4bb0bbd05c92aec1efad13a  i386/php-4.3.10-2.4.i386.rpm
8f9685a4e87435eae2543ab0e70ae956  i386/php-devel-4.3.10-2.4.i386.rpm
56893f09067be4bab725e8b8de72f6b5  i386/php-pear-4.3.10-2.4.i386.rpm
bed7a3018a037c024c35fc448ff426b9  i386/php-imap-4.3.10-2.4.i386.rpm
8ccab4ad5130bcb5718d8e449e712524  i386/php-ldap-4.3.10-2.4.i386.rpm
9a9b97820a029f693a6a14a83e017116  i386/php-mysql-4.3.10-2.4.i386.rpm
071e96181e24fca3a38b2a680cf1d5c0  i386/php-pgsql-4.3.10-2.4.i386.rpm
47d4beeb30cd032904341bbad9e9158f  i386/php-odbc-4.3.10-2.4.i386.rpm
39cedd45d34ad1b2d85902169bed5b29  i386/php-snmp-4.3.10-2.4.i386.rpm
79f5b45c4176d46004c9118d459c83ae  i386/php-domxml-4.3.10-2.4.i386.rpm
f53752308cc7058ec829a21ebb9ea7d3  i386/php-xmlrpc-4.3.10-2.4.i386.rpm
e151913faeecbeaf4e6549e03151e644  i386/php-mbstring-4.3.10-2.4.i386.rpm
63020b5ede3e55d1aeaf48365e2be374  i386/debug/php-debuginfo-4.3.10-2.4.i386.rpm

This update can also be installed with the Update Agent; you can
launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

Fedora: php-4.3.10-2.4 update

December 21, 2004
This update includes the latest release of PHP 4.3, including fixes for security issues in the unserializer (CVE CAN-2004-1019), exif image parsing (CVE CAN-2004-1065), and form up...

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated webpages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts. The

mod_php module enables the Apache Web server to understand and process

the embedded PHP language in Web pages.

This update includes the latest release of PHP 4.3, including fixes

for security issues in the unserializer (CVE CAN-2004-1019), exif

image parsing (CVE CAN-2004-1065), and form upload parsing (CVE

CAN-2004-0958 and CAN-2004-0959).

- update to 4.3.10 (#134973, #134976, #135631):

* security fixes for CAN-2004-0958, CAN-2004-0959

* unserializer integer overflows, CAN-2004-1019

* exif image parsing overflow, CAN-2004-1065

- revert use of RTLD_GLOBAL in dlopen() calls (#127518)

- add another FD_SETSIZE workaround (#125258)

- revert upstream default php.ini changes since 4.3.8

- add libgd namespace fixes (#124530)

38edfb5c4e7d80e48cad36edf9e913eb SRPMS/php-4.3.10-2.4.src.rpm

a22bafc119a7797734e229822b06547e x86_64/php-4.3.10-2.4.x86_64.rpm

27783eff866e3bfdc21c7fd55f1ee074 x86_64/php-devel-4.3.10-2.4.x86_64.rpm

3a39de1daf5968d95fd448c9a8e828ac x86_64/php-pear-4.3.10-2.4.x86_64.rpm

57d065191d398e2bf5e7f120edb16b1a x86_64/php-imap-4.3.10-2.4.x86_64.rpm

455727fdab0cc5e663e17e49798390d7 x86_64/php-ldap-4.3.10-2.4.x86_64.rpm

92058f2eb9e69e7bcea782bd192b62d2 x86_64/php-mysql-4.3.10-2.4.x86_64.rpm

b51a9e94030e181f818a9ffa13f9750e x86_64/php-pgsql-4.3.10-2.4.x86_64.rpm

fe0955c89ccde1a7ea7262f63b1e19d1 x86_64/php-odbc-4.3.10-2.4.x86_64.rpm

534bee14e259752b34205f69fe1154fe x86_64/php-snmp-4.3.10-2.4.x86_64.rpm

2c8ce07785064953a6601ab87250db6a x86_64/php-domxml-4.3.10-2.4.x86_64.rpm

da393f75760e8ffbf6112bfb71927c9f x86_64/php-xmlrpc-4.3.10-2.4.x86_64.rpm

66a25b26811a0283501bec4dda66025b x86_64/php-mbstring-4.3.10-2.4.x86_64.rpm

2d5a82279db93b080afef08cce548af8 x86_64/debug/php-debuginfo-4.3.10-2.4.x86_64.rpm

1b3ceb6fb4bb0bbd05c92aec1efad13a i386/php-4.3.10-2.4.i386.rpm

8f9685a4e87435eae2543ab0e70ae956 i386/php-devel-4.3.10-2.4.i386.rpm

56893f09067be4bab725e8b8de72f6b5 i386/php-pear-4.3.10-2.4.i386.rpm

bed7a3018a037c024c35fc448ff426b9 i386/php-imap-4.3.10-2.4.i386.rpm

8ccab4ad5130bcb5718d8e449e712524 i386/php-ldap-4.3.10-2.4.i386.rpm

9a9b97820a029f693a6a14a83e017116 i386/php-mysql-4.3.10-2.4.i386.rpm

071e96181e24fca3a38b2a680cf1d5c0 i386/php-pgsql-4.3.10-2.4.i386.rpm

47d4beeb30cd032904341bbad9e9158f i386/php-odbc-4.3.10-2.4.i386.rpm

39cedd45d34ad1b2d85902169bed5b29 i386/php-snmp-4.3.10-2.4.i386.rpm

79f5b45c4176d46004c9118d459c83ae i386/php-domxml-4.3.10-2.4.i386.rpm

f53752308cc7058ec829a21ebb9ea7d3 i386/php-xmlrpc-4.3.10-2.4.i386.rpm

e151913faeecbeaf4e6549e03151e644 i386/php-mbstring-4.3.10-2.4.i386.rpm

63020b5ede3e55d1aeaf48365e2be374 i386/debug/php-debuginfo-4.3.10-2.4.i386.rpm

This update can also be installed with the Update Agent; you can

launch the Update Agent with the 'up2date' command.

FEDORA-2004-567 2004-12-21 Name : php Version : 4.3.10 Release : 2.4 Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages. This update includes the latest release of PHP 4.3, including fixes for security issues in the unserializer (CVE CAN-2004-1019), exif image parsing (CVE CAN-2004-1065), and form upload parsing (CVE CAN-2004-0958 and CAN-2004-0959). - update to 4.3.10 (#134973, #134976, #135631): * security fixes for CAN-2004-0958, CAN-2004-0959 * unserializer integer overflows, CAN-2004-1019 * exif image parsing overflow, CAN-2004-1065 - revert use of RTLD_GLOBAL in dlopen() calls (#127518) - add another FD_SETSIZE workaround (#125258) - revert upstream default php.ini changes since 4.3.8 - add libgd namespace fixes (#124530) 38edfb5c4e7d80e48cad36edf9e913eb SRPMS/php-4.3.10-2.4.src.rpm a22bafc119a7797734e229822b06547e x86_64/php-4.3.10-2.4.x86_64.rpm 27783eff866e3bfdc21c7fd55f1ee074 x86_64/php-devel-4.3.10-2.4.x86_64.rpm 3a39de1daf5968d95fd448c9a8e828ac x86_64/php-pear-4.3.10-2.4.x86_64.rpm 57d065191d398e2bf5e7f120edb16b1a x86_64/php-imap-4.3.10-2.4.x86_64.rpm 455727fdab0cc5e663e17e49798390d7 x86_64/php-ldap-4.3.10-2.4.x86_64.rpm 92058f2eb9e69e7bcea782bd192b62d2 x86_64/php-mysql-4.3.10-2.4.x86_64.rpm b51a9e94030e181f818a9ffa13f9750e x86_64/php-pgsql-4.3.10-2.4.x86_64.rpm fe0955c89ccde1a7ea7262f63b1e19d1 x86_64/php-odbc-4.3.10-2.4.x86_64.rpm 534bee14e259752b34205f69fe1154fe x86_64/php-snmp-4.3.10-2.4.x86_64.rpm 2c8ce07785064953a6601ab87250db6a x86_64/php-domxml-4.3.10-2.4.x86_64.rpm da393f75760e8ffbf6112bfb71927c9f x86_64/php-xmlrpc-4.3.10-2.4.x86_64.rpm 66a25b26811a0283501bec4dda66025b x86_64/php-mbstring-4.3.10-2.4.x86_64.rpm 2d5a82279db93b080afef08cce548af8 x86_64/debug/php-debuginfo-4.3.10-2.4.x86_64.rpm 1b3ceb6fb4bb0bbd05c92aec1efad13a i386/php-4.3.10-2.4.i386.rpm 8f9685a4e87435eae2543ab0e70ae956 i386/php-devel-4.3.10-2.4.i386.rpm 56893f09067be4bab725e8b8de72f6b5 i386/php-pear-4.3.10-2.4.i386.rpm bed7a3018a037c024c35fc448ff426b9 i386/php-imap-4.3.10-2.4.i386.rpm 8ccab4ad5130bcb5718d8e449e712524 i386/php-ldap-4.3.10-2.4.i386.rpm 9a9b97820a029f693a6a14a83e017116 i386/php-mysql-4.3.10-2.4.i386.rpm 071e96181e24fca3a38b2a680cf1d5c0 i386/php-pgsql-4.3.10-2.4.i386.rpm 47d4beeb30cd032904341bbad9e9158f i386/php-odbc-4.3.10-2.4.i386.rpm 39cedd45d34ad1b2d85902169bed5b29 i386/php-snmp-4.3.10-2.4.i386.rpm 79f5b45c4176d46004c9118d459c83ae i386/php-domxml-4.3.10-2.4.i386.rpm f53752308cc7058ec829a21ebb9ea7d3 i386/php-xmlrpc-4.3.10-2.4.i386.rpm e151913faeecbeaf4e6549e03151e644 i386/php-mbstring-4.3.10-2.4.i386.rpm 63020b5ede3e55d1aeaf48365e2be374 i386/debug/php-debuginfo-4.3.10-2.4.i386.rpm This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.

Change Log

References

Update Instructions

Severity
Name : php
Version : 4.3.10
Release : 2.4
Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor)

Related News

23.Tablet Connections Esm H320
2 - 3 min read
The release of Ubuntu 24.04 LTS , also known as Noble Numbat, brings various security enhancements and exciting new features . These improvements
4.Lock AbstractDigital Esm H320
2 - 3 min read
Tails 6.2 is a new Linux distribution release that expands its multilingual support and improves security features. The distribution is a
19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved