MDVSA-2008:126

Nom du paquet
php
Date
2008-07-03
Advisory ID
MDVSA-2008:126
Affected versions
2007.1 i586 , 2007.1 x86_64

Problem description

A number of vulnerabilities have been found and corrected in PHP:

PHP 5.2.1 would allow context-dependent attackers to read portions
of heap memory by executing certain scripts with a serialized data
input string beginning with 'S:', which did not properly track the
number of input bytes being processed (CVE-2007-1649).

A vulnerability in the chunk_split() function in PHP prior to 5.2.4
has unknown impact and attack vectors, related to an incorrect size
calculation (CVE-2007-4660).

The htmlentities() and htmlspecialchars() functions in PHP prior to
5.2.5 accepted partial multibyte sequences, which has unknown impact
and attack vectors (CVE-2007-5898).

The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites
local forms in which the ACTION attribute references a non-local URL,
which could allow a remote attacker to obtain potentially sensitive
information by reading the requests for this URL (CVE-2007-5899).

The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown
impact and context-dependent attack vectors related to incomplete
multibyte characters (CVE-2008-2051).

Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5
were discovered that could produce a zero seed in rare circumstances on
32bit systems and generations a portion of zero bits during conversion
due to insufficient precision on 64bit systems (CVE-2008-2107,
CVE-2008-2108).

The IMAP module in PHP uses obsolete API calls that allow
context-dependent attackers to cause a denial of service (crash)
via a long IMAP request (CVE-2008-2829).

The updated packages have been patched to correct these issues.

Updated packages

2007.1 i586

 a316408737eaf14cb5728521e26dc446  2007.1/i586/libphp5_common5-5.2.1-4.4mdv2007.1.i586.rpm
 269a3fc71e4e6a17b430d30e74823dca  2007.1/i586/php-cgi-5.2.1-4.4mdv2007.1.i586.rpm
 d840c24a91806daab679185222766687  2007.1/i586/php-cli-5.2.1-4.4mdv2007.1.i586.rpm
 d034af9be26232c573cca06db1692a42  2007.1/i586/php-devel-5.2.1-4.4mdv2007.1.i586.rpm
 85c65924946fa451bd74f6f51dbfcae8  2007.1/i586/php-fcgi-5.2.1-4.4mdv2007.1.i586.rpm
 d6489ed1c6d4e7a35793dd5a5fe4dabd  2007.1/i586/php-imap-5.2.1-1.1mdv2007.1.i586.rpm
 1e478e16e65af0176da924ed73dea263  2007.1/i586/php-openssl-5.2.1-4.4mdv2007.1.i586.rpm
 4a84f4f8b64881333e706554bb26c8a2  2007.1/i586/php-zlib-5.2.1-4.4mdv2007.1.i586.rpm 
 48bdf497322e9b5286a74374d0e1b460  2007.1/SRPMS/php-5.2.1-4.4mdv2007.1.src.rpm
 259d657e68e17b093fa76d29b5e5499d  2007.1/SRPMS/php-imap-5.2.1-1.1mdv2007.1.src.rpm

2007.1 x86_64

 e1c817b7c6b806131a4311493fe45707  2007.1/x86_64/lib64php5_common5-5.2.1-4.4mdv2007.1.x86_64.rpm
 226211fdeb224123af811eb4468362e3  2007.1/x86_64/php-cgi-5.2.1-4.4mdv2007.1.x86_64.rpm
 14e05c3865244c7e9f352bac59268ca3  2007.1/x86_64/php-cli-5.2.1-4.4mdv2007.1.x86_64.rpm
 7e8f6a34863eb897cc6391909ff893ce  2007.1/x86_64/php-devel-5.2.1-4.4mdv2007.1.x86_64.rpm
 8f434207ce93f4e4a20d85b45aaa4093  2007.1/x86_64/php-fcgi-5.2.1-4.4mdv2007.1.x86_64.rpm
 38445ba58c456587fc010dcfe2125030  2007.1/x86_64/php-imap-5.2.1-1.1mdv2007.1.x86_64.rpm
 46f2b06e38148ca0abe2dbb42f6b4a03  2007.1/x86_64/php-openssl-5.2.1-4.4mdv2007.1.x86_64.rpm
 83ce7f229b34c075650cfb92fc795f1d  2007.1/x86_64/php-zlib-5.2.1-4.4mdv2007.1.x86_64.rpm 
 48bdf497322e9b5286a74374d0e1b460  2007.1/SRPMS/php-5.2.1-4.4mdv2007.1.src.rpm
 259d657e68e17b093fa76d29b5e5499d  2007.1/SRPMS/php-imap-5.2.1-1.1mdv2007.1.src.rpm

References