LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RedHat: Moderate: php security update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
RedHat Linux Updated PHP packages that fix multiple security issues are now available for Red Hat Enterprise Linux 3 and 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: php security update
Advisory ID:       RHSA-2005:831-01
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2005-831.html
Issue date:        2005-11-10
Updated on:        2005-11-10
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2005-3353 CVE-2005-3388 CVE-2005-3389 CVE-2005-3390
- ---------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix multiple security issues are now available
for Red Hat Enterprise Linux 3 and 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A flaw was found in the way PHP registers global variables during a file
upload request.  A remote attacker could submit a carefully crafted
multipart/form-data POST request that would overwrite the $GLOBALS array,
altering expected script behavior, and possibly leading to the execution of
arbitrary PHP commands.  Please note that this vulnerability only affects
installations which have register_globals enabled in the PHP configuration
file, which is not a default or recommended option.  The Common
Vulnerabilities and Exposures project assigned the name CVE-2005-3390 to
this issue.

A flaw was found in the PHP parse_str() function. If a PHP script passes
only one argument to the parse_str() function, and the script can be forced
to abort execution during operation (for example due to the memory_limit
setting), the register_globals may be enabled even if it is disabled in the
PHP configuration file.  This vulnerability only affects installations that
have PHP scripts using the parse_str function in this way.  (CVE-2005-3389)

A Cross-Site Scripting flaw was found in the phpinfo() function. If a
victim can be tricked into following a malicious URL to a site with a page
displaying the phpinfo() output, it may be possible to inject javascript
or HTML content into the displayed page or steal data such as cookies. 
This vulnerability only affects installations which allow users to view the
output of the phpinfo() function.  As the phpinfo() function outputs a
large amount of information about the current state of PHP, it should only
be used during debugging or if protected by authentication.  (CVE-2005-3388)

A denial of service flaw was found in the way PHP processes EXIF image
data.  It is possible for an attacker to cause PHP to crash by supplying
carefully crafted EXIF image data. (CVE-2005-3353)

Users of PHP should upgrade to these updated packages, which contain
backported patches that resolve these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

5. Bug IDs fixed (http://bugzilla.redhat.com/):

172207 - CVE-2005-3390 PHP register globals arbitrary code execution
172209 - CVE-2005-3389 PHP parse_str can enable register_globals
172212 - CVE-2005-3388 PHP phpinfo() XSS attack
172589 - CVE-2005-3353 PHP exif data DoS


6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-26.ent.src.rpm
d46e8398fdd5b7824c035e1fd1d1da68  php-4.3.2-26.ent.src.rpm

i386:
d93ec4e3c3f203b201943729c0364ffd  php-4.3.2-26.ent.i386.rpm
053003467491195a6e115d51ead1aebd  php-devel-4.3.2-26.ent.i386.rpm
bf1565d0e0c50902a7d6288ce5bcf579  php-imap-4.3.2-26.ent.i386.rpm
853b0a5358e6e5b9bd25cb4bfa8a67a2  php-ldap-4.3.2-26.ent.i386.rpm
451bd6cbf36b999d99a27709065b8022  php-mysql-4.3.2-26.ent.i386.rpm
22322bb52f035398d2ce7c99776427e3  php-odbc-4.3.2-26.ent.i386.rpm
3a0ddf1eee717e81e4536de19a262915  php-pgsql-4.3.2-26.ent.i386.rpm

ia64:
bceaf10fe0ba0c7c95c1f01c3c2c2c26  php-4.3.2-26.ent.ia64.rpm
33347cbad2ebf3f8ec25c4f39488c3aa  php-devel-4.3.2-26.ent.ia64.rpm
0272cc5dc65035ff67d11b191b0eb132  php-imap-4.3.2-26.ent.ia64.rpm
2c8414b3b43f806065de630e4b24850a  php-ldap-4.3.2-26.ent.ia64.rpm
3c82d4485790e149eb89c6692cc11438  php-mysql-4.3.2-26.ent.ia64.rpm
0856e5a1db31cadd22b9afc485fe9f41  php-odbc-4.3.2-26.ent.ia64.rpm
70cf8e4f495021d8bcd178ef050a380f  php-pgsql-4.3.2-26.ent.ia64.rpm

ppc:
c9cacbe8f9af60a7b8d8b694f66bdd97  php-4.3.2-26.ent.ppc.rpm
ab3438a10e9d75c2983716a366b40dad  php-devel-4.3.2-26.ent.ppc.rpm
2760b4df66a293054afc9f7c548a9f39  php-imap-4.3.2-26.ent.ppc.rpm
778f66821c4221ada23408018e851e64  php-ldap-4.3.2-26.ent.ppc.rpm
b6d3f51255a5c19c2c21e5db451108cb  php-mysql-4.3.2-26.ent.ppc.rpm
dd8198ffc35d1c444f2c37cd5b52d7e3  php-odbc-4.3.2-26.ent.ppc.rpm
be3baaa3d577953956ae84e71dbf92fe  php-pgsql-4.3.2-26.ent.ppc.rpm

s390:
0d8655a2d4ada8b43aa069fc7281a4bb  php-4.3.2-26.ent.s390.rpm
1a02dbeb07ed152e80a365d2fea3d543  php-devel-4.3.2-26.ent.s390.rpm
d880db28130375e82bc78abde75bcd7e  php-imap-4.3.2-26.ent.s390.rpm
dd97855b16bb9db0fd6439bcb699c477  php-ldap-4.3.2-26.ent.s390.rpm
e7dbcb83120a51ebba485f4cbbc43f50  php-mysql-4.3.2-26.ent.s390.rpm
a84ba06a5053db4074eadbbc6da72361  php-odbc-4.3.2-26.ent.s390.rpm
42df4a8dfd2ec10ad0081fa541f5ad68  php-pgsql-4.3.2-26.ent.s390.rpm

s390x:
66f783b90235bad52971f7b6b8325cae  php-4.3.2-26.ent.s390x.rpm
f88355fae4b772a00ca7c085a819e9c5  php-devel-4.3.2-26.ent.s390x.rpm
fc70ce66b38d5e6c46867985cb4588d8  php-imap-4.3.2-26.ent.s390x.rpm
a8b561fd412269831bc44f4db64571ae  php-ldap-4.3.2-26.ent.s390x.rpm
db71f01094bd949c14b6e8ae55d15f50  php-mysql-4.3.2-26.ent.s390x.rpm
3ad660c7e71845f10bb81dad49a096d1  php-odbc-4.3.2-26.ent.s390x.rpm
6878954b18c5e8f45e0cded465818a40  php-pgsql-4.3.2-26.ent.s390x.rpm

x86_64:
1f6ad6872aa68c65fe129ffd0ebae3c7  php-4.3.2-26.ent.x86_64.rpm
f767a494e0124ff0b4db922acc00d205  php-devel-4.3.2-26.ent.x86_64.rpm
21ef0dfa84983afb4d97031e84e3d331  php-imap-4.3.2-26.ent.x86_64.rpm
284bcd98fe1b9280c025372f480d0e0c  php-ldap-4.3.2-26.ent.x86_64.rpm
da7cb0a6caafd4c1b5e0a0ab280c7b68  php-mysql-4.3.2-26.ent.x86_64.rpm
a41070197293f10cd69fdc0eca53d8b5  php-odbc-4.3.2-26.ent.x86_64.rpm
733a7d34cf81a8d36c6677f70798c8f2  php-pgsql-4.3.2-26.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-26.ent.src.rpm
d46e8398fdd5b7824c035e1fd1d1da68  php-4.3.2-26.ent.src.rpm

i386:
d93ec4e3c3f203b201943729c0364ffd  php-4.3.2-26.ent.i386.rpm
053003467491195a6e115d51ead1aebd  php-devel-4.3.2-26.ent.i386.rpm
bf1565d0e0c50902a7d6288ce5bcf579  php-imap-4.3.2-26.ent.i386.rpm
853b0a5358e6e5b9bd25cb4bfa8a67a2  php-ldap-4.3.2-26.ent.i386.rpm
451bd6cbf36b999d99a27709065b8022  php-mysql-4.3.2-26.ent.i386.rpm
22322bb52f035398d2ce7c99776427e3  php-odbc-4.3.2-26.ent.i386.rpm
3a0ddf1eee717e81e4536de19a262915  php-pgsql-4.3.2-26.ent.i386.rpm

x86_64:
1f6ad6872aa68c65fe129ffd0ebae3c7  php-4.3.2-26.ent.x86_64.rpm
f767a494e0124ff0b4db922acc00d205  php-devel-4.3.2-26.ent.x86_64.rpm
21ef0dfa84983afb4d97031e84e3d331  php-imap-4.3.2-26.ent.x86_64.rpm
284bcd98fe1b9280c025372f480d0e0c  php-ldap-4.3.2-26.ent.x86_64.rpm
da7cb0a6caafd4c1b5e0a0ab280c7b68  php-mysql-4.3.2-26.ent.x86_64.rpm
a41070197293f10cd69fdc0eca53d8b5  php-odbc-4.3.2-26.ent.x86_64.rpm
733a7d34cf81a8d36c6677f70798c8f2  php-pgsql-4.3.2-26.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-26.ent.src.rpm
d46e8398fdd5b7824c035e1fd1d1da68  php-4.3.2-26.ent.src.rpm

i386:
d93ec4e3c3f203b201943729c0364ffd  php-4.3.2-26.ent.i386.rpm
053003467491195a6e115d51ead1aebd  php-devel-4.3.2-26.ent.i386.rpm
bf1565d0e0c50902a7d6288ce5bcf579  php-imap-4.3.2-26.ent.i386.rpm
853b0a5358e6e5b9bd25cb4bfa8a67a2  php-ldap-4.3.2-26.ent.i386.rpm
451bd6cbf36b999d99a27709065b8022  php-mysql-4.3.2-26.ent.i386.rpm
22322bb52f035398d2ce7c99776427e3  php-odbc-4.3.2-26.ent.i386.rpm
3a0ddf1eee717e81e4536de19a262915  php-pgsql-4.3.2-26.ent.i386.rpm

ia64:
bceaf10fe0ba0c7c95c1f01c3c2c2c26  php-4.3.2-26.ent.ia64.rpm
33347cbad2ebf3f8ec25c4f39488c3aa  php-devel-4.3.2-26.ent.ia64.rpm
0272cc5dc65035ff67d11b191b0eb132  php-imap-4.3.2-26.ent.ia64.rpm
2c8414b3b43f806065de630e4b24850a  php-ldap-4.3.2-26.ent.ia64.rpm
3c82d4485790e149eb89c6692cc11438  php-mysql-4.3.2-26.ent.ia64.rpm
0856e5a1db31cadd22b9afc485fe9f41  php-odbc-4.3.2-26.ent.ia64.rpm
70cf8e4f495021d8bcd178ef050a380f  php-pgsql-4.3.2-26.ent.ia64.rpm

x86_64:
1f6ad6872aa68c65fe129ffd0ebae3c7  php-4.3.2-26.ent.x86_64.rpm
f767a494e0124ff0b4db922acc00d205  php-devel-4.3.2-26.ent.x86_64.rpm
21ef0dfa84983afb4d97031e84e3d331  php-imap-4.3.2-26.ent.x86_64.rpm
284bcd98fe1b9280c025372f480d0e0c  php-ldap-4.3.2-26.ent.x86_64.rpm
da7cb0a6caafd4c1b5e0a0ab280c7b68  php-mysql-4.3.2-26.ent.x86_64.rpm
a41070197293f10cd69fdc0eca53d8b5  php-odbc-4.3.2-26.ent.x86_64.rpm
733a7d34cf81a8d36c6677f70798c8f2  php-pgsql-4.3.2-26.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-26.ent.src.rpm
d46e8398fdd5b7824c035e1fd1d1da68  php-4.3.2-26.ent.src.rpm

i386:
d93ec4e3c3f203b201943729c0364ffd  php-4.3.2-26.ent.i386.rpm
053003467491195a6e115d51ead1aebd  php-devel-4.3.2-26.ent.i386.rpm
bf1565d0e0c50902a7d6288ce5bcf579  php-imap-4.3.2-26.ent.i386.rpm
853b0a5358e6e5b9bd25cb4bfa8a67a2  php-ldap-4.3.2-26.ent.i386.rpm
451bd6cbf36b999d99a27709065b8022  php-mysql-4.3.2-26.ent.i386.rpm
22322bb52f035398d2ce7c99776427e3  php-odbc-4.3.2-26.ent.i386.rpm
3a0ddf1eee717e81e4536de19a262915  php-pgsql-4.3.2-26.ent.i386.rpm

ia64:
bceaf10fe0ba0c7c95c1f01c3c2c2c26  php-4.3.2-26.ent.ia64.rpm
33347cbad2ebf3f8ec25c4f39488c3aa  php-devel-4.3.2-26.ent.ia64.rpm
0272cc5dc65035ff67d11b191b0eb132  php-imap-4.3.2-26.ent.ia64.rpm
2c8414b3b43f806065de630e4b24850a  php-ldap-4.3.2-26.ent.ia64.rpm
3c82d4485790e149eb89c6692cc11438  php-mysql-4.3.2-26.ent.ia64.rpm
0856e5a1db31cadd22b9afc485fe9f41  php-odbc-4.3.2-26.ent.ia64.rpm
70cf8e4f495021d8bcd178ef050a380f  php-pgsql-4.3.2-26.ent.ia64.rpm

x86_64:
1f6ad6872aa68c65fe129ffd0ebae3c7  php-4.3.2-26.ent.x86_64.rpm
f767a494e0124ff0b4db922acc00d205  php-devel-4.3.2-26.ent.x86_64.rpm
21ef0dfa84983afb4d97031e84e3d331  php-imap-4.3.2-26.ent.x86_64.rpm
284bcd98fe1b9280c025372f480d0e0c  php-ldap-4.3.2-26.ent.x86_64.rpm
da7cb0a6caafd4c1b5e0a0ab280c7b68  php-mysql-4.3.2-26.ent.x86_64.rpm
a41070197293f10cd69fdc0eca53d8b5  php-odbc-4.3.2-26.ent.x86_64.rpm
733a7d34cf81a8d36c6677f70798c8f2  php-pgsql-4.3.2-26.ent.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.9.src.rpm
7493ae509d6129a32c5ce3bd998fd68a  php-4.3.9-3.9.src.rpm

i386:
3a0734832da6be3b2f1e910ceee773f4  php-4.3.9-3.9.i386.rpm
a256cc6a4dd5ee99ffd683da89beb1ac  php-devel-4.3.9-3.9.i386.rpm
335d54777f27ef02576cc0a7adf5af56  php-domxml-4.3.9-3.9.i386.rpm
ea53e838519685d493612d0bbf2a67dc  php-gd-4.3.9-3.9.i386.rpm
bb141447a9e98510ffc25abdf4e9006e  php-imap-4.3.9-3.9.i386.rpm
195e680107e9a1d40abf07fbc80ed865  php-ldap-4.3.9-3.9.i386.rpm
a0c41be5a1bda27540f43a8107fb6939  php-mbstring-4.3.9-3.9.i386.rpm
3da385c562d5c3beb8520699d84b198b  php-mysql-4.3.9-3.9.i386.rpm
8ff6dd7a0951d83c43a5fe17e88ec088  php-ncurses-4.3.9-3.9.i386.rpm
1c111fb9b5175448b6952a94197631c6  php-odbc-4.3.9-3.9.i386.rpm
d1c4e5b4030588a941508940d75d41ed  php-pear-4.3.9-3.9.i386.rpm
a5996fcc6334eedb9dc2f77301c7e026  php-pgsql-4.3.9-3.9.i386.rpm
b1e993a096b30326e5ccf76661f29d08  php-snmp-4.3.9-3.9.i386.rpm
c43ee16df0d60804d762a5dbdb5a67eb  php-xmlrpc-4.3.9-3.9.i386.rpm

ia64:
38c446f563ccade410b70440b8b67677  php-4.3.9-3.9.ia64.rpm
6aabf55df846c96c72b236f2632dc966  php-devel-4.3.9-3.9.ia64.rpm
c23e8d86007cad9a7823c1dc0e3d155e  php-domxml-4.3.9-3.9.ia64.rpm
19c46d57b82b105a0c2666508206d375  php-gd-4.3.9-3.9.ia64.rpm
ad908e367fcee4cc061043157df6b126  php-imap-4.3.9-3.9.ia64.rpm
a266652f6bbc80d40d16a1356226e325  php-ldap-4.3.9-3.9.ia64.rpm
195d5c8df90f8f368aa25beb0746f9ee  php-mbstring-4.3.9-3.9.ia64.rpm
05dddd1f73ad1dd682eed2143d9dfb35  php-mysql-4.3.9-3.9.ia64.rpm
e000540478ca795e05ca1cc4e2087194  php-ncurses-4.3.9-3.9.ia64.rpm
8fd55a417536a3068467d6450b02f70e  php-odbc-4.3.9-3.9.ia64.rpm
eb33f45a81e1fbf0470cf52fb11dcd87  php-pear-4.3.9-3.9.ia64.rpm
7b7cd7373a87c1eff02e89b3acbe754c  php-pgsql-4.3.9-3.9.ia64.rpm
da5bea293e9d6254998719f12a6c1e7f  php-snmp-4.3.9-3.9.ia64.rpm
7440c3dbf7b7850e43efb2f094e87970  php-xmlrpc-4.3.9-3.9.ia64.rpm

ppc:
d4dac54549328cf2ff8bc5ae0d824e61  php-4.3.9-3.9.ppc.rpm
9c620f638a126eb2c8af88ce98c57f7d  php-devel-4.3.9-3.9.ppc.rpm
d3225c82fa9620b32f992809d428f914  php-domxml-4.3.9-3.9.ppc.rpm
d6ed5fdda80868cba05deca4a17b5bd1  php-gd-4.3.9-3.9.ppc.rpm
1ead9724f6db9b85b0557f4bbe325c67  php-imap-4.3.9-3.9.ppc.rpm
2e5a8fc1abf984fd633790c9262b18de  php-ldap-4.3.9-3.9.ppc.rpm
48099e091ec856cf07e113a42fa86aa5  php-mbstring-4.3.9-3.9.ppc.rpm
3c5f6267d377927eab8d8f661dd35f31  php-mysql-4.3.9-3.9.ppc.rpm
642f49e77bdde84fa27e38c4c2c8ca3a  php-ncurses-4.3.9-3.9.ppc.rpm
08628cc16fe3d543571e065dfb9ca40a  php-odbc-4.3.9-3.9.ppc.rpm
538447d84fab27658b72aa86a87904b0  php-pear-4.3.9-3.9.ppc.rpm
5ddb04a978ed936b2135445e7c8f29f8  php-pgsql-4.3.9-3.9.ppc.rpm
250c8919ecdebbed3681a406ba774584  php-snmp-4.3.9-3.9.ppc.rpm
0b0c0a49a7563d4ce8e53fecf92f54c1  php-xmlrpc-4.3.9-3.9.ppc.rpm

s390:
6c26a422564613c8594fa0e7411c6805  php-4.3.9-3.9.s390.rpm
7e77ba77044e0e61aa7163086ef7868a  php-devel-4.3.9-3.9.s390.rpm
5facdb7246b38e6d4ff6f98100aeade4  php-domxml-4.3.9-3.9.s390.rpm
a4e5e0a0fa51439242914c23c69e1d21  php-gd-4.3.9-3.9.s390.rpm
271f1b11e28ec5db32107eb507d19114  php-imap-4.3.9-3.9.s390.rpm
7e8cdf3fa15616356e3a42023ed23316  php-ldap-4.3.9-3.9.s390.rpm
03359db5632cef53985230794f086ce1  php-mbstring-4.3.9-3.9.s390.rpm
5f32c8c3ba6f802bd7d28c2ae962d21b  php-mysql-4.3.9-3.9.s390.rpm
2d174148612c679e9fe3e2f98df1ebe7  php-ncurses-4.3.9-3.9.s390.rpm
f5116f15e905f8def2ed9a624d360653  php-odbc-4.3.9-3.9.s390.rpm
daf5cd69c63cc742a208282a28d526e0  php-pear-4.3.9-3.9.s390.rpm
f3ac3d57b259e887ed590a8414052e7a  php-pgsql-4.3.9-3.9.s390.rpm
666903bf6b1beedbd70f883caf143c58  php-snmp-4.3.9-3.9.s390.rpm
e8e180dacc0d658830d49d2da6419064  php-xmlrpc-4.3.9-3.9.s390.rpm

s390x:
8cd00f6b90019e7f29f01d6831485250  php-4.3.9-3.9.s390x.rpm
ab838be9e5b90d5577b65937943e43c7  php-devel-4.3.9-3.9.s390x.rpm
75dde8adeb07fd1567cee1140e45ae15  php-domxml-4.3.9-3.9.s390x.rpm
ce08a6ccecb56572e9d71f2ec0de396e  php-gd-4.3.9-3.9.s390x.rpm
903d2201f39da2474bcba6257552681c  php-imap-4.3.9-3.9.s390x.rpm
fe13abbc3b945a287c17ab65f805765a  php-ldap-4.3.9-3.9.s390x.rpm
8d197539a796d266189f986f343b76e0  php-mbstring-4.3.9-3.9.s390x.rpm
561417a7e995cec1d2a93da8a9d385d2  php-mysql-4.3.9-3.9.s390x.rpm
039ccd184163ac72eef384ee9a097aa0  php-ncurses-4.3.9-3.9.s390x.rpm
07a86f95ee41f31945e3af392cae3af4  php-odbc-4.3.9-3.9.s390x.rpm
968f65375285a0d3673d08a9d4a883d6  php-pear-4.3.9-3.9.s390x.rpm
05c4f42f1b464bfae4e79c9e1c8a6e37  php-pgsql-4.3.9-3.9.s390x.rpm
995be28f2c93c3dbe67119e2791bbfd0  php-snmp-4.3.9-3.9.s390x.rpm
7729607b5682629acf4e8d4d727bcba7  php-xmlrpc-4.3.9-3.9.s390x.rpm

x86_64:
90ee43072ba7a774e58abb90e0a24d30  php-4.3.9-3.9.x86_64.rpm
2b41833c26f7565b5bcda0d103a33ae3  php-devel-4.3.9-3.9.x86_64.rpm
31e98b8c2e7f30ec8de06b7d9306d9b3  php-domxml-4.3.9-3.9.x86_64.rpm
8aab7ae77993e0149530933138814858  php-gd-4.3.9-3.9.x86_64.rpm
fe18be11ce81f6b29f284ec70ab10bef  php-imap-4.3.9-3.9.x86_64.rpm
687498617112998740fad6217c2c380b  php-ldap-4.3.9-3.9.x86_64.rpm
559f653ca43e45b9ffa8f22ea0302b96  php-mbstring-4.3.9-3.9.x86_64.rpm
0db17be2a498a79be41d4ac195b090a4  php-mysql-4.3.9-3.9.x86_64.rpm
928912c4585003aa93b185c84578ab54  php-ncurses-4.3.9-3.9.x86_64.rpm
e38dd82d8ec5457c0273f81eb7744878  php-odbc-4.3.9-3.9.x86_64.rpm
5402c1d977225f0ca154326d08781a3c  php-pear-4.3.9-3.9.x86_64.rpm
b23f844669f5bedfaeca5b36f715bdea  php-pgsql-4.3.9-3.9.x86_64.rpm
3faae8587aa351f95cf814077650d76c  php-snmp-4.3.9-3.9.x86_64.rpm
cb1b67f5ba3412b48f447ed610d2612b  php-xmlrpc-4.3.9-3.9.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.9.src.rpm
7493ae509d6129a32c5ce3bd998fd68a  php-4.3.9-3.9.src.rpm

i386:
3a0734832da6be3b2f1e910ceee773f4  php-4.3.9-3.9.i386.rpm
a256cc6a4dd5ee99ffd683da89beb1ac  php-devel-4.3.9-3.9.i386.rpm
335d54777f27ef02576cc0a7adf5af56  php-domxml-4.3.9-3.9.i386.rpm
ea53e838519685d493612d0bbf2a67dc  php-gd-4.3.9-3.9.i386.rpm
bb141447a9e98510ffc25abdf4e9006e  php-imap-4.3.9-3.9.i386.rpm
195e680107e9a1d40abf07fbc80ed865  php-ldap-4.3.9-3.9.i386.rpm
a0c41be5a1bda27540f43a8107fb6939  php-mbstring-4.3.9-3.9.i386.rpm
3da385c562d5c3beb8520699d84b198b  php-mysql-4.3.9-3.9.i386.rpm
8ff6dd7a0951d83c43a5fe17e88ec088  php-ncurses-4.3.9-3.9.i386.rpm
1c111fb9b5175448b6952a94197631c6  php-odbc-4.3.9-3.9.i386.rpm
d1c4e5b4030588a941508940d75d41ed  php-pear-4.3.9-3.9.i386.rpm
a5996fcc6334eedb9dc2f77301c7e026  php-pgsql-4.3.9-3.9.i386.rpm
b1e993a096b30326e5ccf76661f29d08  php-snmp-4.3.9-3.9.i386.rpm
c43ee16df0d60804d762a5dbdb5a67eb  php-xmlrpc-4.3.9-3.9.i386.rpm

x86_64:
90ee43072ba7a774e58abb90e0a24d30  php-4.3.9-3.9.x86_64.rpm
2b41833c26f7565b5bcda0d103a33ae3  php-devel-4.3.9-3.9.x86_64.rpm
31e98b8c2e7f30ec8de06b7d9306d9b3  php-domxml-4.3.9-3.9.x86_64.rpm
8aab7ae77993e0149530933138814858  php-gd-4.3.9-3.9.x86_64.rpm
fe18be11ce81f6b29f284ec70ab10bef  php-imap-4.3.9-3.9.x86_64.rpm
687498617112998740fad6217c2c380b  php-ldap-4.3.9-3.9.x86_64.rpm
559f653ca43e45b9ffa8f22ea0302b96  php-mbstring-4.3.9-3.9.x86_64.rpm
0db17be2a498a79be41d4ac195b090a4  php-mysql-4.3.9-3.9.x86_64.rpm
928912c4585003aa93b185c84578ab54  php-ncurses-4.3.9-3.9.x86_64.rpm
e38dd82d8ec5457c0273f81eb7744878  php-odbc-4.3.9-3.9.x86_64.rpm
5402c1d977225f0ca154326d08781a3c  php-pear-4.3.9-3.9.x86_64.rpm
b23f844669f5bedfaeca5b36f715bdea  php-pgsql-4.3.9-3.9.x86_64.rpm
3faae8587aa351f95cf814077650d76c  php-snmp-4.3.9-3.9.x86_64.rpm
cb1b67f5ba3412b48f447ed610d2612b  php-xmlrpc-4.3.9-3.9.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.9.src.rpm
7493ae509d6129a32c5ce3bd998fd68a  php-4.3.9-3.9.src.rpm

i386:
3a0734832da6be3b2f1e910ceee773f4  php-4.3.9-3.9.i386.rpm
a256cc6a4dd5ee99ffd683da89beb1ac  php-devel-4.3.9-3.9.i386.rpm
335d54777f27ef02576cc0a7adf5af56  php-domxml-4.3.9-3.9.i386.rpm
ea53e838519685d493612d0bbf2a67dc  php-gd-4.3.9-3.9.i386.rpm
bb141447a9e98510ffc25abdf4e9006e  php-imap-4.3.9-3.9.i386.rpm
195e680107e9a1d40abf07fbc80ed865  php-ldap-4.3.9-3.9.i386.rpm
a0c41be5a1bda27540f43a8107fb6939  php-mbstring-4.3.9-3.9.i386.rpm
3da385c562d5c3beb8520699d84b198b  php-mysql-4.3.9-3.9.i386.rpm
8ff6dd7a0951d83c43a5fe17e88ec088  php-ncurses-4.3.9-3.9.i386.rpm
1c111fb9b5175448b6952a94197631c6  php-odbc-4.3.9-3.9.i386.rpm
d1c4e5b4030588a941508940d75d41ed  php-pear-4.3.9-3.9.i386.rpm
a5996fcc6334eedb9dc2f77301c7e026  php-pgsql-4.3.9-3.9.i386.rpm
b1e993a096b30326e5ccf76661f29d08  php-snmp-4.3.9-3.9.i386.rpm
c43ee16df0d60804d762a5dbdb5a67eb  php-xmlrpc-4.3.9-3.9.i386.rpm

ia64:
38c446f563ccade410b70440b8b67677  php-4.3.9-3.9.ia64.rpm
6aabf55df846c96c72b236f2632dc966  php-devel-4.3.9-3.9.ia64.rpm
c23e8d86007cad9a7823c1dc0e3d155e  php-domxml-4.3.9-3.9.ia64.rpm
19c46d57b82b105a0c2666508206d375  php-gd-4.3.9-3.9.ia64.rpm
ad908e367fcee4cc061043157df6b126  php-imap-4.3.9-3.9.ia64.rpm
a266652f6bbc80d40d16a1356226e325  php-ldap-4.3.9-3.9.ia64.rpm
195d5c8df90f8f368aa25beb0746f9ee  php-mbstring-4.3.9-3.9.ia64.rpm
05dddd1f73ad1dd682eed2143d9dfb35  php-mysql-4.3.9-3.9.ia64.rpm
e000540478ca795e05ca1cc4e2087194  php-ncurses-4.3.9-3.9.ia64.rpm
8fd55a417536a3068467d6450b02f70e  php-odbc-4.3.9-3.9.ia64.rpm
eb33f45a81e1fbf0470cf52fb11dcd87  php-pear-4.3.9-3.9.ia64.rpm
7b7cd7373a87c1eff02e89b3acbe754c  php-pgsql-4.3.9-3.9.ia64.rpm
da5bea293e9d6254998719f12a6c1e7f  php-snmp-4.3.9-3.9.ia64.rpm
7440c3dbf7b7850e43efb2f094e87970  php-xmlrpc-4.3.9-3.9.ia64.rpm

x86_64:
90ee43072ba7a774e58abb90e0a24d30  php-4.3.9-3.9.x86_64.rpm
2b41833c26f7565b5bcda0d103a33ae3  php-devel-4.3.9-3.9.x86_64.rpm
31e98b8c2e7f30ec8de06b7d9306d9b3  php-domxml-4.3.9-3.9.x86_64.rpm
8aab7ae77993e0149530933138814858  php-gd-4.3.9-3.9.x86_64.rpm
fe18be11ce81f6b29f284ec70ab10bef  php-imap-4.3.9-3.9.x86_64.rpm
687498617112998740fad6217c2c380b  php-ldap-4.3.9-3.9.x86_64.rpm
559f653ca43e45b9ffa8f22ea0302b96  php-mbstring-4.3.9-3.9.x86_64.rpm
0db17be2a498a79be41d4ac195b090a4  php-mysql-4.3.9-3.9.x86_64.rpm
928912c4585003aa93b185c84578ab54  php-ncurses-4.3.9-3.9.x86_64.rpm
e38dd82d8ec5457c0273f81eb7744878  php-odbc-4.3.9-3.9.x86_64.rpm
5402c1d977225f0ca154326d08781a3c  php-pear-4.3.9-3.9.x86_64.rpm
b23f844669f5bedfaeca5b36f715bdea  php-pgsql-4.3.9-3.9.x86_64.rpm
3faae8587aa351f95cf814077650d76c  php-snmp-4.3.9-3.9.x86_64.rpm
cb1b67f5ba3412b48f447ed610d2612b  php-xmlrpc-4.3.9-3.9.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.9.src.rpm
7493ae509d6129a32c5ce3bd998fd68a  php-4.3.9-3.9.src.rpm

i386:
3a0734832da6be3b2f1e910ceee773f4  php-4.3.9-3.9.i386.rpm
a256cc6a4dd5ee99ffd683da89beb1ac  php-devel-4.3.9-3.9.i386.rpm
335d54777f27ef02576cc0a7adf5af56  php-domxml-4.3.9-3.9.i386.rpm
ea53e838519685d493612d0bbf2a67dc  php-gd-4.3.9-3.9.i386.rpm
bb141447a9e98510ffc25abdf4e9006e  php-imap-4.3.9-3.9.i386.rpm
195e680107e9a1d40abf07fbc80ed865  php-ldap-4.3.9-3.9.i386.rpm
a0c41be5a1bda27540f43a8107fb6939  php-mbstring-4.3.9-3.9.i386.rpm
3da385c562d5c3beb8520699d84b198b  php-mysql-4.3.9-3.9.i386.rpm
8ff6dd7a0951d83c43a5fe17e88ec088  php-ncurses-4.3.9-3.9.i386.rpm
1c111fb9b5175448b6952a94197631c6  php-odbc-4.3.9-3.9.i386.rpm
d1c4e5b4030588a941508940d75d41ed  php-pear-4.3.9-3.9.i386.rpm
a5996fcc6334eedb9dc2f77301c7e026  php-pgsql-4.3.9-3.9.i386.rpm
b1e993a096b30326e5ccf76661f29d08  php-snmp-4.3.9-3.9.i386.rpm
c43ee16df0d60804d762a5dbdb5a67eb  php-xmlrpc-4.3.9-3.9.i386.rpm

ia64:
38c446f563ccade410b70440b8b67677  php-4.3.9-3.9.ia64.rpm
6aabf55df846c96c72b236f2632dc966  php-devel-4.3.9-3.9.ia64.rpm
c23e8d86007cad9a7823c1dc0e3d155e  php-domxml-4.3.9-3.9.ia64.rpm
19c46d57b82b105a0c2666508206d375  php-gd-4.3.9-3.9.ia64.rpm
ad908e367fcee4cc061043157df6b126  php-imap-4.3.9-3.9.ia64.rpm
a266652f6bbc80d40d16a1356226e325  php-ldap-4.3.9-3.9.ia64.rpm
195d5c8df90f8f368aa25beb0746f9ee  php-mbstring-4.3.9-3.9.ia64.rpm
05dddd1f73ad1dd682eed2143d9dfb35  php-mysql-4.3.9-3.9.ia64.rpm
e000540478ca795e05ca1cc4e2087194  php-ncurses-4.3.9-3.9.ia64.rpm
8fd55a417536a3068467d6450b02f70e  php-odbc-4.3.9-3.9.ia64.rpm
eb33f45a81e1fbf0470cf52fb11dcd87  php-pear-4.3.9-3.9.ia64.rpm
7b7cd7373a87c1eff02e89b3acbe754c  php-pgsql-4.3.9-3.9.ia64.rpm
da5bea293e9d6254998719f12a6c1e7f  php-snmp-4.3.9-3.9.ia64.rpm
7440c3dbf7b7850e43efb2f094e87970  php-xmlrpc-4.3.9-3.9.ia64.rpm

x86_64:
90ee43072ba7a774e58abb90e0a24d30  php-4.3.9-3.9.x86_64.rpm
2b41833c26f7565b5bcda0d103a33ae3  php-devel-4.3.9-3.9.x86_64.rpm
31e98b8c2e7f30ec8de06b7d9306d9b3  php-domxml-4.3.9-3.9.x86_64.rpm
8aab7ae77993e0149530933138814858  php-gd-4.3.9-3.9.x86_64.rpm
fe18be11ce81f6b29f284ec70ab10bef  php-imap-4.3.9-3.9.x86_64.rpm
687498617112998740fad6217c2c380b  php-ldap-4.3.9-3.9.x86_64.rpm
559f653ca43e45b9ffa8f22ea0302b96  php-mbstring-4.3.9-3.9.x86_64.rpm
0db17be2a498a79be41d4ac195b090a4  php-mysql-4.3.9-3.9.x86_64.rpm
928912c4585003aa93b185c84578ab54  php-ncurses-4.3.9-3.9.x86_64.rpm
e38dd82d8ec5457c0273f81eb7744878  php-odbc-4.3.9-3.9.x86_64.rpm
5402c1d977225f0ca154326d08781a3c  php-pear-4.3.9-3.9.x86_64.rpm
b23f844669f5bedfaeca5b36f715bdea  php-pgsql-4.3.9-3.9.x86_64.rpm
3faae8587aa351f95cf814077650d76c  php-snmp-4.3.9-3.9.x86_64.rpm
cb1b67f5ba3412b48f447ed610d2612b  php-xmlrpc-4.3.9-3.9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3388
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3389
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3390

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying
FreeBSD Patches DoS Vulnerability
Rogue cell towers discovered in Washington, D.C.
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.