MDVSA-2009:022
- Package name: php
- Date: 2009-01-21
- Advisory ID: MDVSA-2009:022
- Affected versions: 2008.0 i586, 2008.0 x86_64
Problem description
A vulnerability in PHP allowed context-dependent attackers to cause
a denial of service (crash) via a certain long string in the glob()
or fnmatch() functions (CVE-2007-4782).
A vulnerability in the cURL library in PHP allowed context-dependent
attackers to bypass safe_mode and open_basedir restrictions and read
arbitrary files using a special URL request (CVE-2007-4850).
An integer overflow in PHP allowed context-dependent attackers to
cause a denial of service via a special printf() format parameter
(CVE-2008-1384).
A stack-based buffer overflow in the FastCGI SAPI in PHP has unknown
impact and attack vectors (CVE-2008-2050).
A buffer overflow in the imageloadfont() function in PHP allowed
context-dependent attackers to cause a denial of service (crash)
and potentially execute arbitrary code via a crafted font file
(CVE-2008-3658).
A buffer overflow in the memnstr() function allowed context-dependent
attackers to cause a denial of service (crash) and potentially execute
arbitrary code via the delimiter argument to the explode() function
(CVE-2008-3659).
PHP, when used as a FastCGI module, allowed remote attackers to cause
a denial of service (crash) via a request with multiple dots preceding
the extension (CVE-2008-3660).
An array index error in the imageRotate() function in PHP allowed
context-dependent attackers to read the contents of arbitrary memory
locations via a crafted value of the third argument to the function
for an indexed image (CVE-2008-5498).
The updated packages have been patched to correct these issues.
Updated packages
2008.0 i586
2008.0 x86_64
References
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2050
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1384
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4850
- http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4782
