
[RHSA-2007:0355-01] Important: php security update

Posted on 10 May 2007
RedHat

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: php security update
Advisory ID: RHSA-2007:0355-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0355.html
Issue date: 2007-05-10
Updated on: 2007-05-10
Product: Red Hat Application Stack
CVE Names: CVE-2007-1864 CVE-2007-2509 CVE-2007-2510
- ---------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix several security issues are now available for
Red Hat Application Stack.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4) - i386, x86_64
Red Hat Application Stack v1 for Enterprise Linux ES (v.4) - i386, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A heap buffer overflow flaw was found in the PHP 'xmlrpc' extension. A
PHP script which implements an XML-RPC server using this extension
could allow a remote attacker to execute arbitrary code as the 'apache'
user. Note that this flaw does not affect PHP applications using the
pure-PHP XML_RPC class provided in /usr/share/pear. (CVE-2007-1864)

A flaw was found in the PHP 'ftp' extension. If a PHP script used this
extension to provide access to a private FTP server, and passed untrusted
input (such as a request parameter) directly to any function provided by
this extension, a remote attacker controlling that input could embed line
breaks in it and so send arbitrary FTP commands to the server.
(CVE-2007-2509)
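The ftp issue above is an instance of CRLF injection into the FTP control channel. The PHP below is an added example, not text from the advisory and not code from PHP's own sources: it models what a client writes on the wire and what the server parses from it, then shows the input check a script should apply before passing request data to any ftp_* function. The function names, the sample attacker value and the request parameter `dir` are illustrative assumptions; the package upgrade in section 4 is the actual fix, and the check is belt-and-braces for scripts that run on hosts not yet updated.

```php
<?php
// Added example, not part of the Red Hat advisory or of PHP itself.
// Kept to PHP 5.1 syntax to match the packages listed in this advisory.

/**
 * Simplified model of what a client writes on the FTP control connection
 * for one command: "<CMD> <arg>\r\n". FTP clients, the PHP ftp extension
 * included, build the line this way, so a CR/LF inside $arg ends the
 * current command early and starts another one.
 */
function ftp_wire_line($cmd, $arg)
{
    return $cmd . ' ' . $arg . "\r\n";
}

/**
 * Simplified model of the server side: an FTP server reads the control
 * connection line by line (lines end in CRLF, RFC 959) and executes each
 * line as a separate command.
 */
function ftp_server_parse($wire)
{
    $commands = array();
    foreach (explode("\r\n", $wire) as $line) {
        if ($line !== '') {           // drop the empty tail after the last CRLF
            $commands[] = $line;
        }
    }
    return $commands;
}

/**
 * Minimum check before any value reaches an ftp_* function: refuse CR, LF
 * and NUL (NUL truncates the C string inside the extension). preg_match()
 * returns 0 for no match and false on error, so this fails closed.
 */
function ftp_arg_is_safe($arg)
{
    return preg_match('/[\r\n\x00]/', $arg) === 0;
}

/**
 * Stronger check for path-like arguments: one path component built from a
 * small whitelist, no separators, no traversal.
 */
function ftp_path_is_allowed($arg)
{
    return preg_match('/\A[A-Za-z0-9._-]{1,64}\z/', $arg) === 1
        && $arg !== '.' && $arg !== '..';
}

/**
 * Hardened wrapper around ftp_nlist(). $conn is the resource returned by
 * ftp_connect()/ftp_login(); $dir is request input such as $_GET['dir'].
 * The vulnerable form this replaces is ftp_nlist($conn, $_GET['dir']).
 */
function list_user_dir($conn, $dir)
{
    if (!ftp_arg_is_safe($dir) || !ftp_path_is_allowed($dir)) {
        throw new InvalidArgumentException('rejected FTP path argument');
    }
    $entries = ftp_nlist($conn, $dir);
    return $entries === false ? array() : $entries;
}

// Offline demonstration with a constructed attacker value; no FTP server is
// contacted. A request ?dir=pub%0D%0ADELE%20backup.tar places this string
// in $_GET['dir'] (hypothetical parameter name).
$attacker_dir = "pub\r\nDELE backup.tar";

// Vulnerable pattern, modelled: every CRLF-separated line becomes its own
// command on the server, so the attacker's DELE runs alongside the NLST.
$commands = ftp_server_parse(ftp_wire_line('NLST', $attacker_dir));

// Hardened pattern: the same value is refused before ftp_nlist() is called.
$accepted = ftp_arg_is_safe($attacker_dir);

if (PHP_SAPI === 'cli') {
    echo "server would execute: ", implode(' | ', $commands), "\n";
    echo "attacker value passes check: ", $accepted ? 'yes' : 'no', "\n";
    echo "benign value 'pub' allowed: ", ftp_path_is_allowed('pub') ? 'yes' : 'no', "\n";
}
```

Run it with `php example.php`; only the modelling functions and the checks execute, so nothing leaves the host. Wire `list_user_dir()` in where a script currently hands `$_GET`/`$_POST` values straight to `ftp_nlist()`, `ftp_chdir()`, `ftp_get()` or similar; the whitelist is the part to adapt to the application's real naming rules, while the CR/LF/NUL refusal should stay unconditional.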

A buffer overflow flaw was found in the PHP 'soap' extension, regarding the
handling of an HTTP redirect response when using the SOAP client provided
by this extension with an untrusted SOAP server. No mechanism to trigger
this flaw remotely is known. (CVE-2007-2510)

Users of PHP should upgrade to these updated packages which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

239020 - CVE-2007-1864 various PHP security issues (CVE-2007-2509 CVE-2007-2510)

6. RPMs required:

Red Hat Application Stack v1 for Enterprise Linux AS (v.4):

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/RHWAS/SRPMS/php-5.1.6-3.el4s1.7.src.rpm
cff9b05cdb9d99d8c3290475931ea9a7 php-5.1.6-3.el4s1.7.src.rpm

i386:
04367a352aa071fbed93cf3788f7fe6f php-5.1.6-3.el4s1.7.i386.rpm
0db0392959cd799affd85dbfceec269e php-bcmath-5.1.6-3.el4s1.7.i386.rpm
a810a48a8a9ad5016f4f50c69a311099 php-cli-5.1.6-3.el4s1.7.i386.rpm
fe8b49b9e79d710c133975e5056d069f php-common-5.1.6-3.el4s1.7.i386.rpm
d71d3d49b1ea3991c3078c7a7799f6ee php-dba-5.1.6-3.el4s1.7.i386.rpm
854d7952e23fae74baa43175b316244e php-debuginfo-5.1.6-3.el4s1.7.i386.rpm
847357a3cdc3b2f71fdd6055dc8596e6 php-devel-5.1.6-3.el4s1.7.i386.rpm
fca2d8725c370539ce45578b4c1b46ec php-gd-5.1.6-3.el4s1.7.i386.rpm
2b372a600032e9e5f15c85404c6f9bee php-imap-5.1.6-3.el4s1.7.i386.rpm
5273a2328242f8bffae5d688e4faa4f4 php-ldap-5.1.6-3.el4s1.7.i386.rpm
4fed146b78166396ba55249659e2e9a2 php-mbstring-5.1.6-3.el4s1.7.i386.rpm
e8bda2b233e83b64ac65dd0ee1fbc38a php-mysql-5.1.6-3.el4s1.7.i386.rpm
da4d850e7d8ab8a483a946fb840e63cd php-ncurses-5.1.6-3.el4s1.7.i386.rpm
d027f436fe6b4a1ea992d740300ef0c1 php-odbc-5.1.6-3.el4s1.7.i386.rpm
966b8b90d0bdf8ea4a62b943255a768e php-pdo-5.1.6-3.el4s1.7.i386.rpm
d05bfc8a816b6360f60b861dd935032c php-pgsql-5.1.6-3.el4s1.7.i386.rpm
a68350514cfd237aec23ae80cc9e16f3 php-snmp-5.1.6-3.el4s1.7.i386.rpm
bd771df1a22fcfacafda52f16f1644d0 php-soap-5.1.6-3.el4s1.7.i386.rpm
5dc95397755aa44c4ef051ec0b8dbc3c php-xml-5.1.6-3.el4s1.7.i386.rpm
ea58cf29c6254f96ce30cfbcd9c549e6 php-xmlrpc-5.1.6-3.el4s1.7.i386.rpm

x86_64:
742ecefe4b335801ccc2042e8856ac85 php-5.1.6-3.el4s1.7.x86_64.rpm
2660a29ec897fd657793ed4e5e8b0273 php-bcmath-5.1.6-3.el4s1.7.x86_64.rpm
f6da9c8cbb02cd031f98047459edcb30 php-cli-5.1.6-3.el4s1.7.x86_64.rpm
3e4add133b2839049c7c614e6d0493ef php-common-5.1.6-3.el4s1.7.x86_64.rpm
3f2de3cb8ee513219729e81e9b48aa63 php-dba-5.1.6-3.el4s1.7.x86_64.rpm
af392615f54bca2b9fc6adb2809fe260 php-debuginfo-5.1.6-3.el4s1.7.x86_64.rpm
f0ed56a0318d9ec1365b788998a233ba php-devel-5.1.6-3.el4s1.7.x86_64.rpm
abc77c1b1784056d72e5ae89eb59fe90 php-gd-5.1.6-3.el4s1.7.x86_64.rpm
06ee2cc7ce2b08416a659eb2a867ce14 php-imap-5.1.6-3.el4s1.7.x86_64.rpm
2c25134eb525881e7a8a39b43a487047 php-ldap-5.1.6-3.el4s1.7.x86_64.rpm
65dd7cbdd1d1b334a68f4cf3d635141d php-mbstring-5.1.6-3.el4s1.7.x86_64.rpm
3fd0d1043e78812b94cac1f58702b962 php-mysql-5.1.6-3.el4s1.7.x86_64.rpm
053aa31c9b08961941d2caabf0ff60ae php-ncurses-5.1.6-3.el4s1.7.x86_64.rpm
375b85042b2230e2f31f0f2a2e7bb876 php-odbc-5.1.6-3.el4s1.7.x86_64.rpm
2742c76965610103dd8cc7e205ca6daf php-pdo-5.1.6-3.el4s1.7.x86_64.rpm
840782025f561ca1f19e52f97d4b0421 php-pgsql-5.1.6-3.el4s1.7.x86_64.rpm
6488e3f6f576291406db6354088b66e7 php-snmp-5.1.6-3.el4s1.7.x86_64.rpm
8b890ca36a773e03a1df121315bd9a82 php-soap-5.1.6-3.el4s1.7.x86_64.rpm
4594ad24bf279518288538dafb76b4c9 php-xml-5.1.6-3.el4s1.7.x86_64.rpm
db7b188cfc13891a2cf58250b4c118a8 php-xmlrpc-5.1.6-3.el4s1.7.x86_64.rpm

Red Hat Application Stack v1 for Enterprise Linux ES (v.4):

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/RHWAS/SRPMS/php-5.1.6-3.el4s1.7.src.rpm
cff9b05cdb9d99d8c3290475931ea9a7 php-5.1.6-3.el4s1.7.src.rpm

i386:
04367a352aa071fbed93cf3788f7fe6f php-5.1.6-3.el4s1.7.i386.rpm
0db0392959cd799affd85dbfceec269e php-bcmath-5.1.6-3.el4s1.7.i386.rpm
a810a48a8a9ad5016f4f50c69a311099 php-cli-5.1.6-3.el4s1.7.i386.rpm
fe8b49b9e79d710c133975e5056d069f php-common-5.1.6-3.el4s1.7.i386.rpm
d71d3d49b1ea3991c3078c7a7799f6ee php-dba-5.1.6-3.el4s1.7.i386.rpm
854d7952e23fae74baa43175b316244e php-debuginfo-5.1.6-3.el4s1.7.i386.rpm
847357a3cdc3b2f71fdd6055dc8596e6 php-devel-5.1.6-3.el4s1.7.i386.rpm
fca2d8725c370539ce45578b4c1b46ec php-gd-5.1.6-3.el4s1.7.i386.rpm
2b372a600032e9e5f15c85404c6f9bee php-imap-5.1.6-3.el4s1.7.i386.rpm
5273a2328242f8bffae5d688e4faa4f4 php-ldap-5.1.6-3.el4s1.7.i386.rpm
4fed146b78166396ba55249659e2e9a2 php-mbstring-5.1.6-3.el4s1.7.i386.rpm
e8bda2b233e83b64ac65dd0ee1fbc38a php-mysql-5.1.6-3.el4s1.7.i386.rpm
da4d850e7d8ab8a483a946fb840e63cd php-ncurses-5.1.6-3.el4s1.7.i386.rpm
d027f436fe6b4a1ea992d740300ef0c1 php-odbc-5.1.6-3.el4s1.7.i386.rpm
966b8b90d0bdf8ea4a62b943255a768e php-pdo-5.1.6-3.el4s1.7.i386.rpm
d05bfc8a816b6360f60b861dd935032c php-pgsql-5.1.6-3.el4s1.7.i386.rpm
a68350514cfd237aec23ae80cc9e16f3 php-snmp-5.1.6-3.el4s1.7.i386.rpm
bd771df1a22fcfacafda52f16f1644d0 php-soap-5.1.6-3.el4s1.7.i386.rpm
5dc95397755aa44c4ef051ec0b8dbc3c php-xml-5.1.6-3.el4s1.7.i386.rpm
ea58cf29c6254f96ce30cfbcd9c549e6 php-xmlrpc-5.1.6-3.el4s1.7.i386.rpm

x86_64:
742ecefe4b335801ccc2042e8856ac85 php-5.1.6-3.el4s1.7.x86_64.rpm
2660a29ec897fd657793ed4e5e8b0273 php-bcmath-5.1.6-3.el4s1.7.x86_64.rpm
f6da9c8cbb02cd031f98047459edcb30 php-cli-5.1.6-3.el4s1.7.x86_64.rpm
3e4add133b2839049c7c614e6d0493ef php-common-5.1.6-3.el4s1.7.x86_64.rpm
3f2de3cb8ee513219729e81e9b48aa63 php-dba-5.1.6-3.el4s1.7.x86_64.rpm
af392615f54bca2b9fc6adb2809fe260 php-debuginfo-5.1.6-3.el4s1.7.x86_64.rpm
f0ed56a0318d9ec1365b788998a233ba php-devel-5.1.6-3.el4s1.7.x86_64.rpm
abc77c1b1784056d72e5ae89eb59fe90 php-gd-5.1.6-3.el4s1.7.x86_64.rpm
06ee2cc7ce2b08416a659eb2a867ce14 php-imap-5.1.6-3.el4s1.7.x86_64.rpm
2c25134eb525881e7a8a39b43a487047 php-ldap-5.1.6-3.el4s1.7.x86_64.rpm
65dd7cbdd1d1b334a68f4cf3d635141d php-mbstring-5.1.6-3.el4s1.7.x86_64.rpm
3fd0d1043e78812b94cac1f58702b962 php-mysql-5.1.6-3.el4s1.7.x86_64.rpm
053aa31c9b08961941d2caabf0ff60ae php-ncurses-5.1.6-3.el4s1.7.x86_64.rpm
375b85042b2230e2f31f0f2a2e7bb876 php-odbc-5.1.6-3.el4s1.7.x86_64.rpm
2742c76965610103dd8cc7e205ca6daf php-pdo-5.1.6-3.el4s1.7.x86_64.rpm
840782025f561ca1f19e52f97d4b0421 php-pgsql-5.1.6-3.el4s1.7.x86_64.rpm
6488e3f6f576291406db6354088b66e7 php-snmp-5.1.6-3.el4s1.7.x86_64.rpm
8b890ca36a773e03a1df121315bd9a82 php-soap-5.1.6-3.el4s1.7.x86_64.rpm
4594ad24bf279518288538dafb76b4c9 php-xml-5.1.6-3.el4s1.7.x86_64.rpm
db7b188cfc13891a2cf58250b4c118a8 php-xmlrpc-5.1.6-3.el4s1.7.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2509
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2510
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
