[FLSA-2005:155505] Updated php packages fix security issues

From: Marc Deslauriers (marcdeslauriers_at_videotron.ca)
Date: 07/10/05

Next message: Marc Deslauriers: "[FLSA-2005:154991] Updated sharutils package fixes security issue"

Previous message: Cesar: "Re: Problems with the Oracle Critical Patch Update for April 2005"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Sun, 10 Jul 2005 17:22:10 -0400
To: bugtraq@securityfocus.com, full-disclosure@lists.grok.org.uk

---------------------------------------------------------------------
Fedora Legacy Update Advisory

Synopsis: Updated php packages fix security issues
Advisory ID: FLSA:155505
Issue date: 2005-07-10
Product: Red Hat Linux, Fedora Core
Keywords: Bugfix
CVE Names: CAN-2005-0524 CAN-2005-0525 CAN-2005-1042
CAN-2005-1043
---------------------------------------------------------------------

---------------------------------------------------------------------
1. Topic:

Updated php packages that fix various security issues are now available.

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

2. Relevant releases/architectures:

Red Hat Linux 7.3 - i386
Red Hat Linux 9 - i386
Fedora Core 1 - i386
Fedora Core 2 - i386

3. Problem description:

A bug was found in the way PHP processes IFF and JPEG images. It is
possible to cause PHP to consume CPU resources for a short period of
time by supplying a carefully crafted IFF or JPEG image. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the
names CAN-2005-0524 and CAN-2005-0525 to these issues.

A buffer overflow bug was also found in the way PHP processes EXIF image
headers. It is possible for an attacker to construct an image file in
such a way that it could execute arbitrary instructions when processed
by PHP. The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CAN-2005-1042 to this issue.

A denial of service bug was found in the way PHP processes EXIF image
headers. It is possible for an attacker to cause PHP to enter an
infinite loop for a short period of time by supplying a carefully
crafted image file to PHP for processing. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2005-1043 to
this issue.

The security fixes to the "unserializer" code in the previous release
introduced some performance issues. A bug fix for that issue is also
included in this update.

Users of PHP should upgrade to these updated packages, which contain
backported fixes for these issues.

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which
are not installed but included in the list will not be updated. Note
that you can also use wildcards (*.rpm) if your current directory *only*
contains the desired RPMs.

Please note that this update is also available via yum and apt. Many
people find this an easier way to apply updates. To use yum issue:

yum update

or to use apt:

apt-get update; apt-get upgrade

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system. This assumes that you
have yum or apt-get configured for obtaining Fedora Legacy content.
Please visit http://www.fedoralegacy.org/docs for directions on how to
configure yum and apt-get.

5. Bug IDs fixed:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=155505

6. RPMs required:

Red Hat Linux 7.3:

SRPM:
http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/php-4.1.2-7.3.17.legacy.src.rpm

Red Hat Linux 9:

SRPM:
http://download.fedoralegacy.org/redhat/9/updates/SRPMS/php-4.2.2-17.14.legacy.src.rpm

Fedora Core 1:

SRPM:
http://download.fedoralegacy.org/fedora/1/updates/SRPMS/php-4.3.11-1.fc1.1.legacy.src.rpm

Fedora Core 2:

SRPM:
http://download.fedoralegacy.org/fedora/2/updates/SRPMS/php-4.3.11-1.fc1.1.legacy.src.rpm

7. Verification:

SHA1 sum Package Name
---------------------------------------------------------------------

422f8a972c62b1aa1d79e9f96cc39446852eb589
redhat/7.3/updates/i386/php-4.1.2-7.3.17.legacy.i386.rpm
7c6d48ebbfb96004baee8515ae9517dcf500f43c
redhat/7.3/updates/i386/php-devel-4.1.2-7.3.17.legacy.i386.rpm
8f1837ee66212ede899189e09edf25d903a7e133
redhat/7.3/updates/i386/php-imap-4.1.2-7.3.17.legacy.i386.rpm
79d4f45a887ce9df8232911f5aab6bf5bd77369d
redhat/7.3/updates/i386/php-ldap-4.1.2-7.3.17.legacy.i386.rpm
63edb9b27730ad5c782484cf4757905140ece1c2
redhat/7.3/updates/i386/php-manual-4.1.2-7.3.17.legacy.i386.rpm
39b40cb4bae1374335cf7f82fbfa02501a4ed630
redhat/7.3/updates/i386/php-mysql-4.1.2-7.3.17.legacy.i386.rpm
51d4baf10b3bc132ba9205aa6cd35615041c33bd
redhat/7.3/updates/i386/php-odbc-4.1.2-7.3.17.legacy.i386.rpm
42a557e7f68f290a6cf21de4c2ad1f7fe97cf763
redhat/7.3/updates/i386/php-pgsql-4.1.2-7.3.17.legacy.i386.rpm
5753d915ad5d32c14cbbaea33a7f35a3b5b908d3
redhat/7.3/updates/i386/php-snmp-4.1.2-7.3.17.legacy.i386.rpm
576f29104b946e3773d4c7b77de5b80a942a0678
redhat/7.3/updates/SRPMS/php-4.1.2-7.3.17.legacy.src.rpm
bd793f717cca20745ab9c67cb6a7b4bcebe46d93
redhat/9/updates/i386/php-4.2.2-17.14.legacy.i386.rpm
8df50f63c5d3525a4359a72587c6b902d8a3325f
redhat/9/updates/i386/php-devel-4.2.2-17.14.legacy.i386.rpm
665060794635ded7a76eaccb46cd09ffd04900ea
redhat/9/updates/i386/php-imap-4.2.2-17.14.legacy.i386.rpm
8b34f184aba7260a8eac2708e12e906c877c10cd
redhat/9/updates/i386/php-ldap-4.2.2-17.14.legacy.i386.rpm
1450f499aeac4db7d0d8c258b72d2f4c31747012
redhat/9/updates/i386/php-manual-4.2.2-17.14.legacy.i386.rpm
37cb28e9531af331954903f6b8df8509aa962a5c
redhat/9/updates/i386/php-mysql-4.2.2-17.14.legacy.i386.rpm
aa0378307ef06cd7f3464e59f4153d11d1d372f5
redhat/9/updates/i386/php-odbc-4.2.2-17.14.legacy.i386.rpm
00b4e55c27460abaa6d02019d7b40a73d5bdd913
redhat/9/updates/i386/php-pgsql-4.2.2-17.14.legacy.i386.rpm
8b9cf1cdafdf8f1afa9587c1f180d685632c1c65
redhat/9/updates/i386/php-snmp-4.2.2-17.14.legacy.i386.rpm
7bf7cf164de61276adf952694ee7c7d2fb86ea2e
redhat/9/updates/SRPMS/php-4.2.2-17.14.legacy.src.rpm
ca0fa574e713f27e91548a2e3e4dc2e8b087ff47
fedora/1/updates/i386/php-4.3.11-1.fc1.1.legacy.i386.rpm
53c419397f8f3f7625503afd8ab1a8ca0d65a197
fedora/1/updates/i386/php-devel-4.3.11-1.fc1.1.legacy.i386.rpm
72d65111cbaf7fb56ed879ee4278602e84868540
fedora/1/updates/i386/php-domxml-4.3.11-1.fc1.1.legacy.i386.rpm
fe8216746096b3a6070d43659944c158df23d1a9
fedora/1/updates/i386/php-imap-4.3.11-1.fc1.1.legacy.i386.rpm
fb6f8fb5dd77f0dc5f58b85f26e25b5520366ca6
fedora/1/updates/i386/php-ldap-4.3.11-1.fc1.1.legacy.i386.rpm
d36a8ac545d151a20817a95d441d221c36edcb74
fedora/1/updates/i386/php-mbstring-4.3.11-1.fc1.1.legacy.i386.rpm
f4d95a5cdb7fcbcdb1391a089a1ca65edf8e0e03
fedora/1/updates/i386/php-mysql-4.3.11-1.fc1.1.legacy.i386.rpm
a2a0944dfd1362ad186ab8b345d7e7ab32911a7a
fedora/1/updates/i386/php-odbc-4.3.11-1.fc1.1.legacy.i386.rpm
4d4546fecefc879004ebbfc596cd109f4d144ba7
fedora/1/updates/i386/php-pgsql-4.3.11-1.fc1.1.legacy.i386.rpm
5d968e87611c5dce727a492f149b3583e1588e30
fedora/1/updates/i386/php-snmp-4.3.11-1.fc1.1.legacy.i386.rpm
22a069541240a9ab4f9fe62887cd7ea45d961238
fedora/1/updates/i386/php-xmlrpc-4.3.11-1.fc1.1.legacy.i386.rpm
08203f404d05ab58128b8b12c8b5a8e5ac53b34e
fedora/1/updates/SRPMS/php-4.3.11-1.fc1.1.legacy.src.rpm
b9f6accb0cdf84270147e80ec27e262936f5d125
fedora/2/updates/i386/php-4.3.11-1.fc2.2.legacy.i386.rpm
e4cedd230b3727daaa064222e5402a18a89b4aca
fedora/2/updates/i386/php-devel-4.3.11-1.fc2.2.legacy.i386.rpm
fdab268ba8d6eb59309f324a929fae08e1bb12b1
fedora/2/updates/i386/php-domxml-4.3.11-1.fc2.2.legacy.i386.rpm
960e1a97b673978778415aa2f2fcbf9a700b83da
fedora/2/updates/i386/php-imap-4.3.11-1.fc2.2.legacy.i386.rpm
e6a04924bbd016fdb470a8448beda47ee2b75e77
fedora/2/updates/i386/php-ldap-4.3.11-1.fc2.2.legacy.i386.rpm
019161cfaaa180f0fcb98a4d48a296d99ecca5b3
fedora/2/updates/i386/php-mbstring-4.3.11-1.fc2.2.legacy.i386.rpm
9252cfa6c6485a0b803e9483e1f43eb2624b1826
fedora/2/updates/i386/php-mysql-4.3.11-1.fc2.2.legacy.i386.rpm
48c8743b590cc176cc3497f2c9225e402ec03b67
fedora/2/updates/i386/php-odbc-4.3.11-1.fc2.2.legacy.i386.rpm
814fcfe1d33f6eea65b5bcd88ba6e54e2da3062a
fedora/2/updates/i386/php-pear-4.3.11-1.fc2.2.legacy.i386.rpm
d20c34df03bf67028f9ded420310b75a66c1db1d
fedora/2/updates/i386/php-pgsql-4.3.11-1.fc2.2.legacy.i386.rpm
d84ff3766026e802f9a815b8c599c19bfbeaaefa
fedora/2/updates/i386/php-snmp-4.3.11-1.fc2.2.legacy.i386.rpm
7792c85444679beab3a0bdc56e2d4666dcb9c963
fedora/2/updates/i386/php-xmlrpc-4.3.11-1.fc2.2.legacy.i386.rpm
0772ba5bc711edf55fcfe34b368881cc5ec09ed0
fedora/2/updates/SRPMS/php-4.3.11-1.fc2.2.legacy.src.rpm

These packages are GPG signed by Fedora Legacy for security. Our key is
available from http://www.fedoralegacy.org/about/security.php

You can verify each package with the following command:

rpm --checksig -v <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the sha1sum with the following command:

sha1sum <filename>

8. References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043

9. Contact:

The Fedora Legacy security contact is <secnotice@fedoralegacy.org>. More
project details at http://www.fedoralegacy.org

---------------------------------------------------------------------

application/pgp-signature attachment: OpenPGP digital signature

Next message: Marc Deslauriers: "[FLSA-2005:154991] Updated sharutils package fixes security issue"

Previous message: Cesar: "Re: Problems with the Oracle Critical Patch Update for April 2005"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

[Full-disclosure] [FLSA-2005:155505] Updated php packages fix security issues
... Updated php packages that fix various security issues are now available. ... Fedora Core 1 - i386 ... where is a list of the RPMs you wish to upgrade. ...
(Full-Disclosure)
[RHSA-2003:017-06] Updated PHP packages available
... Updated PHP packages are available that fix a vulnerability in the ... PHP is an HTML-embedded scripting language commonly used with the Apache ... Red Hat Linux 8.0 shipped with a version of PHP that was vulnerable to this ... where is a list of the RPMs you wish to upgrade. ...
(Bugtraq)
[Full-Disclosure] [RHSA-2003:017-06] Updated PHP packages available
... Updated PHP packages are available that fix a vulnerability in the ... PHP is an HTML-embedded scripting language commonly used with the Apache ... Red Hat Linux 8.0 shipped with a version of PHP that was vulnerable to this ... where is a list of the RPMs you wish to upgrade. ...
(Full-Disclosure)
[Full-disclosure] [FLSA-2006:175040] Updated php packages fix security issues
... Fedora Legacy Update Advisory ... PHP is an HTML-embedded scripting language commonly used with the Apache ... Users of PHP should upgrade to these updated packages, ... where is a list of the RPMs you wish to upgrade. ...
(Full-Disclosure)
[FLSA-2006:175040] Updated php packages fix security issues
... Fedora Legacy Update Advisory ... PHP is an HTML-embedded scripting language commonly used with the Apache ... Users of PHP should upgrade to these updated packages, ... where is a list of the RPMs you wish to upgrade. ...
(Bugtraq)