MDVSA-2008:125

Package name

php

Date

2008-07-03

Advisory ID

MDVSA-2008:125

Affected versions

CS4.0 x86_64 , CS4.0 i586

Problem description

A number of vulnerabilities have been found and corrected in PHP:

A vulnerability in the chunk_split() function in PHP prior to 5.2.4
has unknown impact and attack vectors, related to an incorrect size
calculation (CVE-2007-4660).

The htmlentities() and htmlspecialchars() functions in PHP prior to
5.2.5 accepted partial multibyte sequences, which has unknown impact
and attack vectors (CVE-2007-5898).

The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites
local forms in which the ACTION attribute references a non-local URL,
which could allow a remote attacker to obtain potentially sensitive
information by reading the requests for this URL (CVE-2007-5899).

The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown
impact and context-dependent attack vectors related to incomplete
multibyte characters (CVE-2008-2051).

Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances on
32bit systems and generations a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
CVE-2008-2108).

The updated packages have been patched to correct these issues.

Updated packages

CS4.0 x86_64

 31682b09f5d4b11116b4178c1257dc46  corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.9.20060mlcs4.x86_64.rpm
 980828b8789ebe420a49a6e017f9c862  corporate/4.0/x86_64/php-cgi-5.1.6-1.9.20060mlcs4.x86_64.rpm
 95b5fa22905c223987f3c0bdeb28d3fe  corporate/4.0/x86_64/php-cli-5.1.6-1.9.20060mlcs4.x86_64.rpm
 985ed4da464a4f8ba96e8b086a95d5a3  corporate/4.0/x86_64/php-devel-5.1.6-1.9.20060mlcs4.x86_64.rpm
 56eed2db968237420c59f5a5ec3b7554  corporate/4.0/x86_64/php-fcgi-5.1.6-1.9.20060mlcs4.x86_64.rpm 
 89a3ae3cc996094efa76c4e8ad742fad  corporate/4.0/SRPMS/php-5.1.6-1.9.20060mlcs4.src.rpm

CS4.0 i586

 caaccf7c09c6aaf4776e9e0e5ed5bece  corporate/4.0/i586/libphp5_common5-5.1.6-1.9.20060mlcs4.i586.rpm
 9a8188e1394c8d11879267e3d00f5b51  corporate/4.0/i586/php-cgi-5.1.6-1.9.20060mlcs4.i586.rpm
 a37e970a7e29295bd30db80d4e47b22a  corporate/4.0/i586/php-cli-5.1.6-1.9.20060mlcs4.i586.rpm
 fd2fc49926605a03ff2012fae8bfe4fc  corporate/4.0/i586/php-devel-5.1.6-1.9.20060mlcs4.i586.rpm
 c7ff04be0c2efc6a83f4c7741d7b17cc  corporate/4.0/i586/php-fcgi-5.1.6-1.9.20060mlcs4.i586.rpm 
 89a3ae3cc996094efa76c4e8ad742fad  corporate/4.0/SRPMS/php-5.1.6-1.9.20060mlcs4.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4660
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108