LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: September 15th, 2014
Linux Security Week: September 8th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
RedHat: Moderate: php security update Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
RedHat Linux Updated PHP packages that fix several security issues are now available for Red Hat Enterprise Linux 4 and 5. Various integer overflow flaws were found in the PHP gd extension. A script that could be forced to resize images from an untrusted source could possibly allow a remote attacker to execute arbitrary code as the apache user.
- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Moderate: php security update
Advisory ID:       RHSA-2007:0890-02
Advisory URL:      https://rhn.redhat.com/errata/RHSA-2007-0890.html
Issue date:        2007-09-20
Updated on:        2007-09-20
Product:           Red Hat Enterprise Linux
CVE Names:         CVE-2007-2756 CVE-2007-2872 CVE-2007-3799 
                   CVE-2007-3996 CVE-2007-3998 CVE-2007-4658 
                   CVE-2007-4670 
- ---------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix several security issues are now available
for Red Hat Enterprise Linux 4 and 5.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64
RHEL Desktop Workstation (v. 5 client) - i386, x86_64
Red Hat Enterprise Linux (v. 5 server) - i386, ia64, ppc, s390x, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

Various integer overflow flaws were found in the PHP gd extension. A script
that could be forced to resize images from an untrusted source could
possibly allow a remote attacker to execute arbitrary code as the apache
user. (CVE-2007-3996)

An integer overflow flaw was found in the PHP chunk_split function. If a
remote attacker was able to pass arbitrary data to the third argument of
chunk_split they could possibly execute arbitrary code as the apache user.
Note that it is unusual for a PHP script to use the chunk_script function
with a user-supplied third argument. (CVE-2007-2872)

A previous security update introduced a bug into PHP session cookie
handling. This could allow an attacker to stop a victim from viewing a
vulnerable web site if the victim has first visited a malicious web page
under the control of the attacker, and that page can set a cookie for the
vulnerable web site. (CVE-2007-4670)

A flaw was found in the PHP money_format function. If a remote attacker
was able to pass arbitrary data to the money_format function this could
possibly result in an information leak or denial of service. Note that is
is unusual for a PHP script to pass user-supplied data to the money_format
function. (CVE-2007-4658)

A flaw was found in the PHP wordwrap function. If a remote attacker was
able to pass arbitrary data to the wordwrap function this could possibly
result in a denial of service. (CVE-2007-3998)

A bug was found in PHP session cookie handling. This could allow an
attacker to create a cross-site cookie insertion attack if a victim follows
an untrusted carefully-crafted URL. (CVE-2007-3799)

An infinite-loop flaw was discovered in the PHP gd extension. A script
that could be forced to process PNG images from an untrusted source could
allow a remote attacker to cause a denial of service. (CVE-2007-2756)

Users of PHP should upgrade to these updated packages, which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  

This update is available via Red Hat Network.  Details on how to use 
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

242032 - CVE-2007-2872 php chunk_split integer overflow
242033 - CVE-2007-2756 php imagecreatefrompng infinite loop
250726 - CVE-2007-3799 php cross-site cookie insertion
276081 - CVE-2007-3998 php floating point exception inside wordwrap
278011 - CVE-2007-4658 php money_format format string issue
278031 - CVE-2007-3996 php multiple integer overflows in gd
278041 - CVE-2007-4670 php malformed cookie handling

6. RPMs required:

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.22.9.src.rpm
e8faf5e66a4d04303153bbd3e6a1773f  php-4.3.9-3.22.9.src.rpm

i386:
f5cb79eb51c09c5e60309ece67895d64  php-4.3.9-3.22.9.i386.rpm
206f66395b4230cff158a08f9f998e86  php-debuginfo-4.3.9-3.22.9.i386.rpm
0c04f959984ef47b0bcc307b73a8f5eb  php-devel-4.3.9-3.22.9.i386.rpm
db918b65280c80a53f5a4a74bdb19a52  php-domxml-4.3.9-3.22.9.i386.rpm
d7431a4a781fff266232df0ad57e2709  php-gd-4.3.9-3.22.9.i386.rpm
e3ce635c4be3a8e0e7eb9cd8f2068379  php-imap-4.3.9-3.22.9.i386.rpm
fc09c0c3adab947b299c6d2cbcb48729  php-ldap-4.3.9-3.22.9.i386.rpm
7887404560bb2b92e524124a075d1363  php-mbstring-4.3.9-3.22.9.i386.rpm
c70c9d4979af2a809df19bc41f8b650d  php-mysql-4.3.9-3.22.9.i386.rpm
c1a87bb151525977df856e9e858a67ed  php-ncurses-4.3.9-3.22.9.i386.rpm
62843188fd5f12af880f324a77494cb0  php-odbc-4.3.9-3.22.9.i386.rpm
5ee22eac2c6be35932b82308a5b28870  php-pear-4.3.9-3.22.9.i386.rpm
1d294819a2c537748fe09ad72f0a6937  php-pgsql-4.3.9-3.22.9.i386.rpm
50bac687d584a5bcc75214d13b29c071  php-snmp-4.3.9-3.22.9.i386.rpm
ae1ca38652d31234e50d99e9ac5056e9  php-xmlrpc-4.3.9-3.22.9.i386.rpm

ia64:
f01bb7d5b1a489342b5f3ef7322d1cc2  php-4.3.9-3.22.9.ia64.rpm
9109d5cfe343e8912f1f80f477bd8485  php-debuginfo-4.3.9-3.22.9.ia64.rpm
675ecf89dde72e3096a7efa9ff90d06a  php-devel-4.3.9-3.22.9.ia64.rpm
7d8a64b6b071debd56ad0863a2175ee0  php-domxml-4.3.9-3.22.9.ia64.rpm
bab5aeb8b6fc0d19870ce445ae34d39e  php-gd-4.3.9-3.22.9.ia64.rpm
d35eb7fb24a240976a09197f631aebbc  php-imap-4.3.9-3.22.9.ia64.rpm
e8441d1dca97f68a154e105759a2423e  php-ldap-4.3.9-3.22.9.ia64.rpm
faaca0de23911004b2dbf8a1bad94859  php-mbstring-4.3.9-3.22.9.ia64.rpm
dd715845962a8bbf06b21ea77ca29a42  php-mysql-4.3.9-3.22.9.ia64.rpm
17daef5653617f17e9affcd2248ae2bf  php-ncurses-4.3.9-3.22.9.ia64.rpm
37a146a6f04376b5b147f16f39344445  php-odbc-4.3.9-3.22.9.ia64.rpm
006fd4dc0f4b2591d49c8c65321956a6  php-pear-4.3.9-3.22.9.ia64.rpm
38b0b0a7ca997ed8088865604639434c  php-pgsql-4.3.9-3.22.9.ia64.rpm
dcae1981ff4bfe381fad8a32d2e071a5  php-snmp-4.3.9-3.22.9.ia64.rpm
8934f07315d5fd021c475b4bf821671a  php-xmlrpc-4.3.9-3.22.9.ia64.rpm

ppc:
732a95f82c367ec47b006c7585095733  php-4.3.9-3.22.9.ppc.rpm
6bebf5b3c821fb2e8bb243e630a56dd1  php-debuginfo-4.3.9-3.22.9.ppc.rpm
53ecedce407bf8c427cde2b8e44fc05f  php-devel-4.3.9-3.22.9.ppc.rpm
3f8a0bb779b648933277fe6d509e0917  php-domxml-4.3.9-3.22.9.ppc.rpm
54b82217fe337e747f0674d512b8fe68  php-gd-4.3.9-3.22.9.ppc.rpm
a3560c434d4806d96ad157bb984b1d43  php-imap-4.3.9-3.22.9.ppc.rpm
d3d02be1ca0ae87807e8ec6f22d8630f  php-ldap-4.3.9-3.22.9.ppc.rpm
84230e82aa52694112e2832fe3831bf8  php-mbstring-4.3.9-3.22.9.ppc.rpm
41f2eb554021b6b5c9324c6a04f7da7a  php-mysql-4.3.9-3.22.9.ppc.rpm
e9ff8ab49132263b0d2240eeba38dc75  php-ncurses-4.3.9-3.22.9.ppc.rpm
1bacbe894a59b5cf0cd7fd729e9f46be  php-odbc-4.3.9-3.22.9.ppc.rpm
bd8cf25c07721ae75956f1dba313dddf  php-pear-4.3.9-3.22.9.ppc.rpm
fb04294bf4b307764b1763ef7861ca74  php-pgsql-4.3.9-3.22.9.ppc.rpm
04522d687d3f41bac3b156f2c1e225c3  php-snmp-4.3.9-3.22.9.ppc.rpm
cb5a32b754a03414007d590bd556d3b8  php-xmlrpc-4.3.9-3.22.9.ppc.rpm

s390:
966a3d0fd1bb6be07eaf60807238ba75  php-4.3.9-3.22.9.s390.rpm
887b3a93d4a5d7690940b45f97dc4d2c  php-debuginfo-4.3.9-3.22.9.s390.rpm
5aef3e9ad39b1141b5b8e414db3e0f97  php-devel-4.3.9-3.22.9.s390.rpm
055f761da58dd3e1765bcddb85165369  php-domxml-4.3.9-3.22.9.s390.rpm
00cc7dad9fab2011b0f2007ee4815d8d  php-gd-4.3.9-3.22.9.s390.rpm
ba0999c3e5483570f199b6ec4d86a978  php-imap-4.3.9-3.22.9.s390.rpm
8f62b6a87fb6026f16a331f46eb165ad  php-ldap-4.3.9-3.22.9.s390.rpm
94d58ddbe91d7a4b95473eb16bf743a4  php-mbstring-4.3.9-3.22.9.s390.rpm
f7df921de7891b1ecefcfc98eca37834  php-mysql-4.3.9-3.22.9.s390.rpm
c82eea12c7bcaa89c8053719cd206f58  php-ncurses-4.3.9-3.22.9.s390.rpm
50a663f52500ad9d663f46aa7fd4ffa2  php-odbc-4.3.9-3.22.9.s390.rpm
36f75110ba41866c21959e7dade96a67  php-pear-4.3.9-3.22.9.s390.rpm
b8189f044fb3ee875fe72966ce4b1161  php-pgsql-4.3.9-3.22.9.s390.rpm
3686493ad75f8fca1769e06ec83b34da  php-snmp-4.3.9-3.22.9.s390.rpm
56dc4b878f38476e975b9bd729a14d7b  php-xmlrpc-4.3.9-3.22.9.s390.rpm

s390x:
a02beec04350a707a43d21be520943b6  php-4.3.9-3.22.9.s390x.rpm
7483dc9a21e6132f2d551e92f7f913c5  php-debuginfo-4.3.9-3.22.9.s390x.rpm
fcb3725d7eb892164ce07703c3470d98  php-devel-4.3.9-3.22.9.s390x.rpm
de8e463abb27ee7bdaccea98f8894d37  php-domxml-4.3.9-3.22.9.s390x.rpm
68a8234046c23de52fbc99a7f314c055  php-gd-4.3.9-3.22.9.s390x.rpm
50dd76290dcc36b6a6cd03bc449489fd  php-imap-4.3.9-3.22.9.s390x.rpm
1ca8a0225afaad9d4f22f72968897e99  php-ldap-4.3.9-3.22.9.s390x.rpm
44dc741a1fee812673b10f2c33c114b7  php-mbstring-4.3.9-3.22.9.s390x.rpm
207dcd1dbe39b8ccfb1ce69a1b60501a  php-mysql-4.3.9-3.22.9.s390x.rpm
eb0ce95bbb416dbc6cb11f160157f8c3  php-ncurses-4.3.9-3.22.9.s390x.rpm
6582f964f856944737960186578380a4  php-odbc-4.3.9-3.22.9.s390x.rpm
76c383335c4cb672ac5dc4b1a1472471  php-pear-4.3.9-3.22.9.s390x.rpm
0e0fdbec3297b0c94f21dfdd2ba728a2  php-pgsql-4.3.9-3.22.9.s390x.rpm
79cf46ab55e44b8bbde862cf3f5e2455  php-snmp-4.3.9-3.22.9.s390x.rpm
5e676266ae73dccf7e41aa40dea8db28  php-xmlrpc-4.3.9-3.22.9.s390x.rpm

x86_64:
e83c81e2e342457071be42183343eb44  php-4.3.9-3.22.9.x86_64.rpm
128c67b303e40ee73fe0628e5eb50beb  php-debuginfo-4.3.9-3.22.9.x86_64.rpm
014722aae703df5efc97699f5d79403c  php-devel-4.3.9-3.22.9.x86_64.rpm
cf9d3fdc706e4ecb0d9ecc2516c683a6  php-domxml-4.3.9-3.22.9.x86_64.rpm
013c2e1546325b7e35bd8dfde99b06d0  php-gd-4.3.9-3.22.9.x86_64.rpm
a177149e4314b28d16459f712fd98bf9  php-imap-4.3.9-3.22.9.x86_64.rpm
fdfc175140990346e0dbe642ad2d42ab  php-ldap-4.3.9-3.22.9.x86_64.rpm
91ac7907e9fc58f88092fbf0da7fa935  php-mbstring-4.3.9-3.22.9.x86_64.rpm
e30571f87480f7924a1560b728ea9152  php-mysql-4.3.9-3.22.9.x86_64.rpm
72ca3252ee573fce4d1df9fd834a9e4b  php-ncurses-4.3.9-3.22.9.x86_64.rpm
7e346253b45403ecafd625d3fb47e1e9  php-odbc-4.3.9-3.22.9.x86_64.rpm
a2634d277ed4d2b9fda943d387c4f6b5  php-pear-4.3.9-3.22.9.x86_64.rpm
e0f4b32081eaaf91dd056a7b73b56d51  php-pgsql-4.3.9-3.22.9.x86_64.rpm
09c125d212803f67c46540ff8b14c4cf  php-snmp-4.3.9-3.22.9.x86_64.rpm
374bac1646ae54bc69414096f1d1e7f9  php-xmlrpc-4.3.9-3.22.9.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.22.9.src.rpm
e8faf5e66a4d04303153bbd3e6a1773f  php-4.3.9-3.22.9.src.rpm

i386:
f5cb79eb51c09c5e60309ece67895d64  php-4.3.9-3.22.9.i386.rpm
206f66395b4230cff158a08f9f998e86  php-debuginfo-4.3.9-3.22.9.i386.rpm
0c04f959984ef47b0bcc307b73a8f5eb  php-devel-4.3.9-3.22.9.i386.rpm
db918b65280c80a53f5a4a74bdb19a52  php-domxml-4.3.9-3.22.9.i386.rpm
d7431a4a781fff266232df0ad57e2709  php-gd-4.3.9-3.22.9.i386.rpm
e3ce635c4be3a8e0e7eb9cd8f2068379  php-imap-4.3.9-3.22.9.i386.rpm
fc09c0c3adab947b299c6d2cbcb48729  php-ldap-4.3.9-3.22.9.i386.rpm
7887404560bb2b92e524124a075d1363  php-mbstring-4.3.9-3.22.9.i386.rpm
c70c9d4979af2a809df19bc41f8b650d  php-mysql-4.3.9-3.22.9.i386.rpm
c1a87bb151525977df856e9e858a67ed  php-ncurses-4.3.9-3.22.9.i386.rpm
62843188fd5f12af880f324a77494cb0  php-odbc-4.3.9-3.22.9.i386.rpm
5ee22eac2c6be35932b82308a5b28870  php-pear-4.3.9-3.22.9.i386.rpm
1d294819a2c537748fe09ad72f0a6937  php-pgsql-4.3.9-3.22.9.i386.rpm
50bac687d584a5bcc75214d13b29c071  php-snmp-4.3.9-3.22.9.i386.rpm
ae1ca38652d31234e50d99e9ac5056e9  php-xmlrpc-4.3.9-3.22.9.i386.rpm

x86_64:
e83c81e2e342457071be42183343eb44  php-4.3.9-3.22.9.x86_64.rpm
128c67b303e40ee73fe0628e5eb50beb  php-debuginfo-4.3.9-3.22.9.x86_64.rpm
014722aae703df5efc97699f5d79403c  php-devel-4.3.9-3.22.9.x86_64.rpm
cf9d3fdc706e4ecb0d9ecc2516c683a6  php-domxml-4.3.9-3.22.9.x86_64.rpm
013c2e1546325b7e35bd8dfde99b06d0  php-gd-4.3.9-3.22.9.x86_64.rpm
a177149e4314b28d16459f712fd98bf9  php-imap-4.3.9-3.22.9.x86_64.rpm
fdfc175140990346e0dbe642ad2d42ab  php-ldap-4.3.9-3.22.9.x86_64.rpm
91ac7907e9fc58f88092fbf0da7fa935  php-mbstring-4.3.9-3.22.9.x86_64.rpm
e30571f87480f7924a1560b728ea9152  php-mysql-4.3.9-3.22.9.x86_64.rpm
72ca3252ee573fce4d1df9fd834a9e4b  php-ncurses-4.3.9-3.22.9.x86_64.rpm
7e346253b45403ecafd625d3fb47e1e9  php-odbc-4.3.9-3.22.9.x86_64.rpm
a2634d277ed4d2b9fda943d387c4f6b5  php-pear-4.3.9-3.22.9.x86_64.rpm
e0f4b32081eaaf91dd056a7b73b56d51  php-pgsql-4.3.9-3.22.9.x86_64.rpm
09c125d212803f67c46540ff8b14c4cf  php-snmp-4.3.9-3.22.9.x86_64.rpm
374bac1646ae54bc69414096f1d1e7f9  php-xmlrpc-4.3.9-3.22.9.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.22.9.src.rpm
e8faf5e66a4d04303153bbd3e6a1773f  php-4.3.9-3.22.9.src.rpm

i386:
f5cb79eb51c09c5e60309ece67895d64  php-4.3.9-3.22.9.i386.rpm
206f66395b4230cff158a08f9f998e86  php-debuginfo-4.3.9-3.22.9.i386.rpm
0c04f959984ef47b0bcc307b73a8f5eb  php-devel-4.3.9-3.22.9.i386.rpm
db918b65280c80a53f5a4a74bdb19a52  php-domxml-4.3.9-3.22.9.i386.rpm
d7431a4a781fff266232df0ad57e2709  php-gd-4.3.9-3.22.9.i386.rpm
e3ce635c4be3a8e0e7eb9cd8f2068379  php-imap-4.3.9-3.22.9.i386.rpm
fc09c0c3adab947b299c6d2cbcb48729  php-ldap-4.3.9-3.22.9.i386.rpm
7887404560bb2b92e524124a075d1363  php-mbstring-4.3.9-3.22.9.i386.rpm
c70c9d4979af2a809df19bc41f8b650d  php-mysql-4.3.9-3.22.9.i386.rpm
c1a87bb151525977df856e9e858a67ed  php-ncurses-4.3.9-3.22.9.i386.rpm
62843188fd5f12af880f324a77494cb0  php-odbc-4.3.9-3.22.9.i386.rpm
5ee22eac2c6be35932b82308a5b28870  php-pear-4.3.9-3.22.9.i386.rpm
1d294819a2c537748fe09ad72f0a6937  php-pgsql-4.3.9-3.22.9.i386.rpm
50bac687d584a5bcc75214d13b29c071  php-snmp-4.3.9-3.22.9.i386.rpm
ae1ca38652d31234e50d99e9ac5056e9  php-xmlrpc-4.3.9-3.22.9.i386.rpm

ia64:
f01bb7d5b1a489342b5f3ef7322d1cc2  php-4.3.9-3.22.9.ia64.rpm
9109d5cfe343e8912f1f80f477bd8485  php-debuginfo-4.3.9-3.22.9.ia64.rpm
675ecf89dde72e3096a7efa9ff90d06a  php-devel-4.3.9-3.22.9.ia64.rpm
7d8a64b6b071debd56ad0863a2175ee0  php-domxml-4.3.9-3.22.9.ia64.rpm
bab5aeb8b6fc0d19870ce445ae34d39e  php-gd-4.3.9-3.22.9.ia64.rpm
d35eb7fb24a240976a09197f631aebbc  php-imap-4.3.9-3.22.9.ia64.rpm
e8441d1dca97f68a154e105759a2423e  php-ldap-4.3.9-3.22.9.ia64.rpm
faaca0de23911004b2dbf8a1bad94859  php-mbstring-4.3.9-3.22.9.ia64.rpm
dd715845962a8bbf06b21ea77ca29a42  php-mysql-4.3.9-3.22.9.ia64.rpm
17daef5653617f17e9affcd2248ae2bf  php-ncurses-4.3.9-3.22.9.ia64.rpm
37a146a6f04376b5b147f16f39344445  php-odbc-4.3.9-3.22.9.ia64.rpm
006fd4dc0f4b2591d49c8c65321956a6  php-pear-4.3.9-3.22.9.ia64.rpm
38b0b0a7ca997ed8088865604639434c  php-pgsql-4.3.9-3.22.9.ia64.rpm
dcae1981ff4bfe381fad8a32d2e071a5  php-snmp-4.3.9-3.22.9.ia64.rpm
8934f07315d5fd021c475b4bf821671a  php-xmlrpc-4.3.9-3.22.9.ia64.rpm

x86_64:
e83c81e2e342457071be42183343eb44  php-4.3.9-3.22.9.x86_64.rpm
128c67b303e40ee73fe0628e5eb50beb  php-debuginfo-4.3.9-3.22.9.x86_64.rpm
014722aae703df5efc97699f5d79403c  php-devel-4.3.9-3.22.9.x86_64.rpm
cf9d3fdc706e4ecb0d9ecc2516c683a6  php-domxml-4.3.9-3.22.9.x86_64.rpm
013c2e1546325b7e35bd8dfde99b06d0  php-gd-4.3.9-3.22.9.x86_64.rpm
a177149e4314b28d16459f712fd98bf9  php-imap-4.3.9-3.22.9.x86_64.rpm
fdfc175140990346e0dbe642ad2d42ab  php-ldap-4.3.9-3.22.9.x86_64.rpm
91ac7907e9fc58f88092fbf0da7fa935  php-mbstring-4.3.9-3.22.9.x86_64.rpm
e30571f87480f7924a1560b728ea9152  php-mysql-4.3.9-3.22.9.x86_64.rpm
72ca3252ee573fce4d1df9fd834a9e4b  php-ncurses-4.3.9-3.22.9.x86_64.rpm
7e346253b45403ecafd625d3fb47e1e9  php-odbc-4.3.9-3.22.9.x86_64.rpm
a2634d277ed4d2b9fda943d387c4f6b5  php-pear-4.3.9-3.22.9.x86_64.rpm
e0f4b32081eaaf91dd056a7b73b56d51  php-pgsql-4.3.9-3.22.9.x86_64.rpm
09c125d212803f67c46540ff8b14c4cf  php-snmp-4.3.9-3.22.9.x86_64.rpm
374bac1646ae54bc69414096f1d1e7f9  php-xmlrpc-4.3.9-3.22.9.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.22.9.src.rpm
e8faf5e66a4d04303153bbd3e6a1773f  php-4.3.9-3.22.9.src.rpm

i386:
f5cb79eb51c09c5e60309ece67895d64  php-4.3.9-3.22.9.i386.rpm
206f66395b4230cff158a08f9f998e86  php-debuginfo-4.3.9-3.22.9.i386.rpm
0c04f959984ef47b0bcc307b73a8f5eb  php-devel-4.3.9-3.22.9.i386.rpm
db918b65280c80a53f5a4a74bdb19a52  php-domxml-4.3.9-3.22.9.i386.rpm
d7431a4a781fff266232df0ad57e2709  php-gd-4.3.9-3.22.9.i386.rpm
e3ce635c4be3a8e0e7eb9cd8f2068379  php-imap-4.3.9-3.22.9.i386.rpm
fc09c0c3adab947b299c6d2cbcb48729  php-ldap-4.3.9-3.22.9.i386.rpm
7887404560bb2b92e524124a075d1363  php-mbstring-4.3.9-3.22.9.i386.rpm
c70c9d4979af2a809df19bc41f8b650d  php-mysql-4.3.9-3.22.9.i386.rpm
c1a87bb151525977df856e9e858a67ed  php-ncurses-4.3.9-3.22.9.i386.rpm
62843188fd5f12af880f324a77494cb0  php-odbc-4.3.9-3.22.9.i386.rpm
5ee22eac2c6be35932b82308a5b28870  php-pear-4.3.9-3.22.9.i386.rpm
1d294819a2c537748fe09ad72f0a6937  php-pgsql-4.3.9-3.22.9.i386.rpm
50bac687d584a5bcc75214d13b29c071  php-snmp-4.3.9-3.22.9.i386.rpm
ae1ca38652d31234e50d99e9ac5056e9  php-xmlrpc-4.3.9-3.22.9.i386.rpm

ia64:
f01bb7d5b1a489342b5f3ef7322d1cc2  php-4.3.9-3.22.9.ia64.rpm
9109d5cfe343e8912f1f80f477bd8485  php-debuginfo-4.3.9-3.22.9.ia64.rpm
675ecf89dde72e3096a7efa9ff90d06a  php-devel-4.3.9-3.22.9.ia64.rpm
7d8a64b6b071debd56ad0863a2175ee0  php-domxml-4.3.9-3.22.9.ia64.rpm
bab5aeb8b6fc0d19870ce445ae34d39e  php-gd-4.3.9-3.22.9.ia64.rpm
d35eb7fb24a240976a09197f631aebbc  php-imap-4.3.9-3.22.9.ia64.rpm
e8441d1dca97f68a154e105759a2423e  php-ldap-4.3.9-3.22.9.ia64.rpm
faaca0de23911004b2dbf8a1bad94859  php-mbstring-4.3.9-3.22.9.ia64.rpm
dd715845962a8bbf06b21ea77ca29a42  php-mysql-4.3.9-3.22.9.ia64.rpm
17daef5653617f17e9affcd2248ae2bf  php-ncurses-4.3.9-3.22.9.ia64.rpm
37a146a6f04376b5b147f16f39344445  php-odbc-4.3.9-3.22.9.ia64.rpm
006fd4dc0f4b2591d49c8c65321956a6  php-pear-4.3.9-3.22.9.ia64.rpm
38b0b0a7ca997ed8088865604639434c  php-pgsql-4.3.9-3.22.9.ia64.rpm
dcae1981ff4bfe381fad8a32d2e071a5  php-snmp-4.3.9-3.22.9.ia64.rpm
8934f07315d5fd021c475b4bf821671a  php-xmlrpc-4.3.9-3.22.9.ia64.rpm

x86_64:
e83c81e2e342457071be42183343eb44  php-4.3.9-3.22.9.x86_64.rpm
128c67b303e40ee73fe0628e5eb50beb  php-debuginfo-4.3.9-3.22.9.x86_64.rpm
014722aae703df5efc97699f5d79403c  php-devel-4.3.9-3.22.9.x86_64.rpm
cf9d3fdc706e4ecb0d9ecc2516c683a6  php-domxml-4.3.9-3.22.9.x86_64.rpm
013c2e1546325b7e35bd8dfde99b06d0  php-gd-4.3.9-3.22.9.x86_64.rpm
a177149e4314b28d16459f712fd98bf9  php-imap-4.3.9-3.22.9.x86_64.rpm
fdfc175140990346e0dbe642ad2d42ab  php-ldap-4.3.9-3.22.9.x86_64.rpm
91ac7907e9fc58f88092fbf0da7fa935  php-mbstring-4.3.9-3.22.9.x86_64.rpm
e30571f87480f7924a1560b728ea9152  php-mysql-4.3.9-3.22.9.x86_64.rpm
72ca3252ee573fce4d1df9fd834a9e4b  php-ncurses-4.3.9-3.22.9.x86_64.rpm
7e346253b45403ecafd625d3fb47e1e9  php-odbc-4.3.9-3.22.9.x86_64.rpm
a2634d277ed4d2b9fda943d387c4f6b5  php-pear-4.3.9-3.22.9.x86_64.rpm
e0f4b32081eaaf91dd056a7b73b56d51  php-pgsql-4.3.9-3.22.9.x86_64.rpm
09c125d212803f67c46540ff8b14c4cf  php-snmp-4.3.9-3.22.9.x86_64.rpm
374bac1646ae54bc69414096f1d1e7f9  php-xmlrpc-4.3.9-3.22.9.x86_64.rpm

RHEL Desktop Workstation (v. 5 client):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Client/en/os/SRPMS/php-5.1.6-15.el5.src.rpm
426c81738757b1b6d1be1fce7f0ca5fa  php-5.1.6-15.el5.src.rpm

i386:
5f7b1348a16bd5785c1309bcd80198c0  php-5.1.6-15.el5.i386.rpm
e0d6afba70023fb20ea9dcb5df1d6a85  php-bcmath-5.1.6-15.el5.i386.rpm
60432befe14f515cf73595e03c366258  php-cli-5.1.6-15.el5.i386.rpm
3159ab6aad6adf2528ddac20c22308af  php-common-5.1.6-15.el5.i386.rpm
c8a713c4b137d19a1bf67a8516014ca3  php-dba-5.1.6-15.el5.i386.rpm
10d32fc82c5ad2c6f3677a8c0d803eab  php-debuginfo-5.1.6-15.el5.i386.rpm
8352e2b24959a7da3ac20f01807d5238  php-devel-5.1.6-15.el5.i386.rpm
49c601b5bf4ab268a186c5cfe0e6b19e  php-gd-5.1.6-15.el5.i386.rpm
2652138c42f5e524bab01fca91a9455a  php-imap-5.1.6-15.el5.i386.rpm
5da5d67061bd765d4867498644c45465  php-ldap-5.1.6-15.el5.i386.rpm
1ba4c4767de40e98fe6c8abd6ca0c1d0  php-mbstring-5.1.6-15.el5.i386.rpm
5edc21abb8f4bacb8f61014e6f75d538  php-mysql-5.1.6-15.el5.i386.rpm
2a585131f1436ef0b5df6a5c4fc276cc  php-ncurses-5.1.6-15.el5.i386.rpm
cf8f388369116831e845ab0e515ac5fb  php-odbc-5.1.6-15.el5.i386.rpm
58ea6a0807dca2f42582273c5c52b812  php-pdo-5.1.6-15.el5.i386.rpm
2f4f878a51bad35f7fd6f830c90ebf24  php-pgsql-5.1.6-15.el5.i386.rpm
c0afa5819aee6ceb0928b507aef4f1ad  php-snmp-5.1.6-15.el5.i386.rpm
479e67dbb824b8aa9e6be6f7b5dbad5a  php-soap-5.1.6-15.el5.i386.rpm
f53c5cb211bacd3cf4365a654736206d  php-xml-5.1.6-15.el5.i386.rpm
46116911341e7b6a31c6078d5c404075  php-xmlrpc-5.1.6-15.el5.i386.rpm

x86_64:
d74450e5fd3f219625f54508856dfcef  php-5.1.6-15.el5.x86_64.rpm
1d341fac9963b5553f4a2a90fcf7981e  php-bcmath-5.1.6-15.el5.x86_64.rpm
e02945fa66df78cb0757d3ffdedc1c7f  php-cli-5.1.6-15.el5.x86_64.rpm
7442e9c08a23fe5379214592d8e232f0  php-common-5.1.6-15.el5.x86_64.rpm
7aeaaf755ed6334e34fe5cbd5c622cdf  php-dba-5.1.6-15.el5.x86_64.rpm
4a2ad5cffaca28dd20f25d3ce5e2e38e  php-debuginfo-5.1.6-15.el5.x86_64.rpm
27d8a48e853d7746bb012bbe917a3351  php-devel-5.1.6-15.el5.x86_64.rpm
eb3e30df7caf68344d2120b671dcaaf7  php-gd-5.1.6-15.el5.x86_64.rpm
4a74682deebc72ccca4cc56b661457f8  php-imap-5.1.6-15.el5.x86_64.rpm
053973b88bc8c2f717f41c76d839b2cc  php-ldap-5.1.6-15.el5.x86_64.rpm
88a45145247bfdaaa3f46e9921e49ecd  php-mbstring-5.1.6-15.el5.x86_64.rpm
dbfb808ba9f1ae4ba63659710edbdee7  php-mysql-5.1.6-15.el5.x86_64.rpm
eafdf750a1f786aa726bb3e4d9be5a59  php-ncurses-5.1.6-15.el5.x86_64.rpm
f9a62467a56ca738ec99ac64113a3c0d  php-odbc-5.1.6-15.el5.x86_64.rpm
e8c18113c88abb78cca377c53a7b688c  php-pdo-5.1.6-15.el5.x86_64.rpm
191593b2205e449fa6f3d1affd159ca6  php-pgsql-5.1.6-15.el5.x86_64.rpm
b4bcc7b3e88fb4bdce4da32023208d71  php-snmp-5.1.6-15.el5.x86_64.rpm
26c96b9f75b5a47241c717224e85fe0f  php-soap-5.1.6-15.el5.x86_64.rpm
e3a37a527a3aca4575515e3f9fed0bfb  php-xml-5.1.6-15.el5.x86_64.rpm
2fc5731073fb53cd7d44f7ee1b21f473  php-xmlrpc-5.1.6-15.el5.x86_64.rpm

Red Hat Enterprise Linux (v. 5 server):

SRPMS:
ftp://ftp.redhat.com/pub/redhat/linux/enterprise/5Server/en/os/SRPMS/php-5.1.6-15.el5.src.rpm
426c81738757b1b6d1be1fce7f0ca5fa  php-5.1.6-15.el5.src.rpm

i386:
5f7b1348a16bd5785c1309bcd80198c0  php-5.1.6-15.el5.i386.rpm
e0d6afba70023fb20ea9dcb5df1d6a85  php-bcmath-5.1.6-15.el5.i386.rpm
60432befe14f515cf73595e03c366258  php-cli-5.1.6-15.el5.i386.rpm
3159ab6aad6adf2528ddac20c22308af  php-common-5.1.6-15.el5.i386.rpm
c8a713c4b137d19a1bf67a8516014ca3  php-dba-5.1.6-15.el5.i386.rpm
10d32fc82c5ad2c6f3677a8c0d803eab  php-debuginfo-5.1.6-15.el5.i386.rpm
8352e2b24959a7da3ac20f01807d5238  php-devel-5.1.6-15.el5.i386.rpm
49c601b5bf4ab268a186c5cfe0e6b19e  php-gd-5.1.6-15.el5.i386.rpm
2652138c42f5e524bab01fca91a9455a  php-imap-5.1.6-15.el5.i386.rpm
5da5d67061bd765d4867498644c45465  php-ldap-5.1.6-15.el5.i386.rpm
1ba4c4767de40e98fe6c8abd6ca0c1d0  php-mbstring-5.1.6-15.el5.i386.rpm
5edc21abb8f4bacb8f61014e6f75d538  php-mysql-5.1.6-15.el5.i386.rpm
2a585131f1436ef0b5df6a5c4fc276cc  php-ncurses-5.1.6-15.el5.i386.rpm
cf8f388369116831e845ab0e515ac5fb  php-odbc-5.1.6-15.el5.i386.rpm
58ea6a0807dca2f42582273c5c52b812  php-pdo-5.1.6-15.el5.i386.rpm
2f4f878a51bad35f7fd6f830c90ebf24  php-pgsql-5.1.6-15.el5.i386.rpm
c0afa5819aee6ceb0928b507aef4f1ad  php-snmp-5.1.6-15.el5.i386.rpm
479e67dbb824b8aa9e6be6f7b5dbad5a  php-soap-5.1.6-15.el5.i386.rpm
f53c5cb211bacd3cf4365a654736206d  php-xml-5.1.6-15.el5.i386.rpm
46116911341e7b6a31c6078d5c404075  php-xmlrpc-5.1.6-15.el5.i386.rpm

ia64:
4388a47f365986ecf16edff8fd345d4d  php-5.1.6-15.el5.ia64.rpm
3913365148eb1a43fab1c5501161e2e8  php-bcmath-5.1.6-15.el5.ia64.rpm
6e6cfd728a69f9fd763890957d4f8c4a  php-cli-5.1.6-15.el5.ia64.rpm
b769fe28a182bad6da27a9ae1f012b23  php-common-5.1.6-15.el5.ia64.rpm
e73374af1eeae4a81a21940746137645  php-dba-5.1.6-15.el5.ia64.rpm
5a9176f040f6a0b92ec36223684af165  php-debuginfo-5.1.6-15.el5.ia64.rpm
39cf488743fca5aa38f385bd73513ded  php-devel-5.1.6-15.el5.ia64.rpm
95a991ad2811a8a8e674c62ecf72133e  php-gd-5.1.6-15.el5.ia64.rpm
c57df47fb790bd9b54879ec05f7d1b8a  php-imap-5.1.6-15.el5.ia64.rpm
bb16a4d336f9294ca17263c19d0c0c6f  php-ldap-5.1.6-15.el5.ia64.rpm
8ad35237e62dcc6e689a2c2729d739b8  php-mbstring-5.1.6-15.el5.ia64.rpm
f403c1b9fe7e92691eee7b4abf04b4e7  php-mysql-5.1.6-15.el5.ia64.rpm
6246205d370e2d2f29fc2fadd296ea2d  php-ncurses-5.1.6-15.el5.ia64.rpm
67ecbc44f21f84e7880cc76a5b7dc08e  php-odbc-5.1.6-15.el5.ia64.rpm
85bba602d1f95a52cecd84e2cb173309  php-pdo-5.1.6-15.el5.ia64.rpm
015590977d71243414d31db9294ac24d  php-pgsql-5.1.6-15.el5.ia64.rpm
fcba9a47cf50e73f66170ac2bd3806fc  php-snmp-5.1.6-15.el5.ia64.rpm
3d95f1d0f44fc08122c18e4bb1dcf4ba  php-soap-5.1.6-15.el5.ia64.rpm
fe262f8d1006e8cbf482c175c752fa0e  php-xml-5.1.6-15.el5.ia64.rpm
d390b4335ee1a59e7f1d45f578a8a269  php-xmlrpc-5.1.6-15.el5.ia64.rpm

ppc:
31e5be1fea2c1e4641b98dedc07d9cf7  php-5.1.6-15.el5.ppc.rpm
93bcaa81514076414a226c8dd44346d5  php-bcmath-5.1.6-15.el5.ppc.rpm
2acb99897d84fa95e428d37f1c140393  php-cli-5.1.6-15.el5.ppc.rpm
98ad5abac6ed5605564aed6886c4afd3  php-common-5.1.6-15.el5.ppc.rpm
09b2c4698249d73d3323b71cea31c916  php-dba-5.1.6-15.el5.ppc.rpm
70b636f110c1a794fbfe861de2c330ae  php-debuginfo-5.1.6-15.el5.ppc.rpm
6f4ea7ef6e0ce15ddc493d4cdcb7c343  php-devel-5.1.6-15.el5.ppc.rpm
d2732c759367edfd24df3173e475c96f  php-gd-5.1.6-15.el5.ppc.rpm
4f4e583023a60d985cb2206566bc2595  php-imap-5.1.6-15.el5.ppc.rpm
180a9cd498db13bc27942fbd8a6d3f74  php-ldap-5.1.6-15.el5.ppc.rpm
31fc948c9d9bca0356129ed985111395  php-mbstring-5.1.6-15.el5.ppc.rpm
acad9d1a48c872138819921b805d6889  php-mysql-5.1.6-15.el5.ppc.rpm
1eb0205087e9a33ac97b83e97221d811  php-ncurses-5.1.6-15.el5.ppc.rpm
e94bf38832dcb41bb931e89ac12fbce7  php-odbc-5.1.6-15.el5.ppc.rpm
533faa8cf91e4335c349739275cde758  php-pdo-5.1.6-15.el5.ppc.rpm
62bb0eee57dd03f8e85cf2cce94308d6  php-pgsql-5.1.6-15.el5.ppc.rpm
40d5ff90fd8f87db85aee80e33987df0  php-snmp-5.1.6-15.el5.ppc.rpm
0f2038c669e3ca17886bf90ed2d7ba4c  php-soap-5.1.6-15.el5.ppc.rpm
46c4fbe9c938ce2f777df4152e4f8a0d  php-xml-5.1.6-15.el5.ppc.rpm
2ff8a345b56c53993c9d5c35208df2ee  php-xmlrpc-5.1.6-15.el5.ppc.rpm

s390x:
d40b11cae166a0efefa7826ea630a9b1  php-5.1.6-15.el5.s390x.rpm
0ba0475174cb87bad5111c74b3e686fd  php-bcmath-5.1.6-15.el5.s390x.rpm
354f81c0c4488b8a2f7b731e3548865b  php-cli-5.1.6-15.el5.s390x.rpm
6888db53d212dc239a8a24e9c5eefb24  php-common-5.1.6-15.el5.s390x.rpm
03808b3f7e89db2aae16400868c71363  php-dba-5.1.6-15.el5.s390x.rpm
bf4aebbc9ac96c0212c2e63805f0056f  php-debuginfo-5.1.6-15.el5.s390x.rpm
e2f353093a5d83cffa66852f3dacddf4  php-devel-5.1.6-15.el5.s390x.rpm
3b0e95e19afbac009fdfb47ed39945e8  php-gd-5.1.6-15.el5.s390x.rpm
8567a1281c77a33c6ac98cab13f01802  php-imap-5.1.6-15.el5.s390x.rpm
b9ed713df137817cc631fc75d544fc31  php-ldap-5.1.6-15.el5.s390x.rpm
e13db14a5cd355f291f8d66b7367055c  php-mbstring-5.1.6-15.el5.s390x.rpm
b9aae6ffa7a117d07f4f4a5d8508d6d5  php-mysql-5.1.6-15.el5.s390x.rpm
5d224c4fb289de13a258e96d4509d21f  php-ncurses-5.1.6-15.el5.s390x.rpm
66401a173943a3d86d63ff19c92166df  php-odbc-5.1.6-15.el5.s390x.rpm
c34f65292dbf37341b833abb19084f3a  php-pdo-5.1.6-15.el5.s390x.rpm
22ea15ae3758812b79a26a7b978f8f84  php-pgsql-5.1.6-15.el5.s390x.rpm
5a96fde5c5595869e73b324e35ce9d84  php-snmp-5.1.6-15.el5.s390x.rpm
f1c4420fb50a3a320724812e8ff07f29  php-soap-5.1.6-15.el5.s390x.rpm
bb64161d8ed550c70d538ba9ce11b422  php-xml-5.1.6-15.el5.s390x.rpm
d025259bcc4261d82189f7a756445ddc  php-xmlrpc-5.1.6-15.el5.s390x.rpm

x86_64:
d74450e5fd3f219625f54508856dfcef  php-5.1.6-15.el5.x86_64.rpm
1d341fac9963b5553f4a2a90fcf7981e  php-bcmath-5.1.6-15.el5.x86_64.rpm
e02945fa66df78cb0757d3ffdedc1c7f  php-cli-5.1.6-15.el5.x86_64.rpm
7442e9c08a23fe5379214592d8e232f0  php-common-5.1.6-15.el5.x86_64.rpm
7aeaaf755ed6334e34fe5cbd5c622cdf  php-dba-5.1.6-15.el5.x86_64.rpm
4a2ad5cffaca28dd20f25d3ce5e2e38e  php-debuginfo-5.1.6-15.el5.x86_64.rpm
27d8a48e853d7746bb012bbe917a3351  php-devel-5.1.6-15.el5.x86_64.rpm
eb3e30df7caf68344d2120b671dcaaf7  php-gd-5.1.6-15.el5.x86_64.rpm
4a74682deebc72ccca4cc56b661457f8  php-imap-5.1.6-15.el5.x86_64.rpm
053973b88bc8c2f717f41c76d839b2cc  php-ldap-5.1.6-15.el5.x86_64.rpm
88a45145247bfdaaa3f46e9921e49ecd  php-mbstring-5.1.6-15.el5.x86_64.rpm
dbfb808ba9f1ae4ba63659710edbdee7  php-mysql-5.1.6-15.el5.x86_64.rpm
eafdf750a1f786aa726bb3e4d9be5a59  php-ncurses-5.1.6-15.el5.x86_64.rpm
f9a62467a56ca738ec99ac64113a3c0d  php-odbc-5.1.6-15.el5.x86_64.rpm
e8c18113c88abb78cca377c53a7b688c  php-pdo-5.1.6-15.el5.x86_64.rpm
191593b2205e449fa6f3d1affd159ca6  php-pgsql-5.1.6-15.el5.x86_64.rpm
b4bcc7b3e88fb4bdce4da32023208d71  php-snmp-5.1.6-15.el5.x86_64.rpm
26c96b9f75b5a47241c717224e85fe0f  php-soap-5.1.6-15.el5.x86_64.rpm
e3a37a527a3aca4575515e3f9fed0bfb  php-xml-5.1.6-15.el5.x86_64.rpm
2fc5731073fb53cd7d44f7ee1b21f473  php-xmlrpc-5.1.6-15.el5.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2756
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4670
http://www.redhat.com/security/updates/classification/#moderate

8. Contact:

The Red Hat security contact is .  More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Middle-School Dropout Codes Clever Chat Program That Foils NSA Spying
FreeBSD Patches DoS Vulnerability
Rogue cell towers discovered in Washington, D.C.
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.