Pardus: 2010-104: Php: Multiple Vulnerabilities

Posted by Benjamin D. Thomas
Multiple vulnerabilities have been fixed in PHP
------------------------------------------------------------------------
Pardus Linux Security Advisory 2010-104           security@pardus.org.tr
------------------------------------------------------------------------
      Date: 2010-08-09
  Severity: 4
      Type: Remote
------------------------------------------------------------------------

Summary
======
Multiple vulnerabilities have been fixed in PHP


Description
==========
The new PHP package fixes the vulnerabilities below.



Rewrote var_export() to use smart_str  rather  than  output  buffering,
prevents data disclosure if a fatal error occurs.

Fixed a possible interruption array leak in strrchr().(CVE-2010-2484)

Fixed  a possible  interruption  array  leak  in  strchr(),  strstr(),
substr(), chunk_split(), strtok(), addcslashes(), str_repeat(), trim().

Fixed a possible memory corruption in substr_replace().

Fixed SplObjectStorage unserialization problems (CVE-2010-2225).

Fixed a possible stack exaustion inside fnmatch().

Fixed  a NULL  pointer  dereference  when  processing  invalid  XML-RPC
requests (Fixes CVE-2010-0397, bug #51288).

Fixed handling of session  variable  serialization  on  certain  prefix
characters.

Fixed a possible  arbitrary  memory  access  inside  sqlite  extension.
Reported by Mateusz Kocielski.


Affected packages:

  Pardus 2009:
    mod_php, all before 5.2.14-79-14
    php-cli, all before 5.2.14-79-14



Resolution
=========
There are update(s) for mod_php,  php-cli.  You  can  update  them  via
Package Manager or with a single command from console:

    pisi up mod_php php-cli

References
=========
  * http://bugs.pardus.org.tr/show_bug.cgi?id890
  * http://www.php.net/ChangeLog-5.php#5.2.14

------------------------------------------------------------------------