Package name
php
Date
2007-02-06
Advisory ID
MDKSA-2007:038
Affected versions
CS4.0 x86_64 , MNF2.0 i586 , 2006.0 i586 , 2007.0 x86_64 , 2007.0 i586 , CS3.0 x86_64 , CS4.0 i586 , CS3.0 i586 , 2006.0 x86_64

Problem description

PHP 5.2.0 and 4.4 allow local users to bypass safe_mode and
open_basedir restrictions via a malicious path and a null byte before a
";" in a session_save_path argument, followed by an allowed path, which
causes a parsing inconsistency in which PHP validates the allowed path
but sets session.save_path to the malicious path. (CVE-2006-6383)
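The parsing inconsistency above is easier to see side by side with the check that closes it. The following Python model is an added illustration and is not PHP's code: it models the flawed flow (validate the path component after the last ";" of the "N;path" syntax, then hand the whole string to a NUL-terminated consumer) next to a hardened validator that rejects embedded NUL bytes and validates the path it will actually use. The open_basedir root and the sample arguments are constructed for the example.

```python
"""Model of the session_save_path parsing inconsistency (CVE-2006-6383).

Added illustration, not PHP's own implementation. Two validators are
compared on the same input: a model of the flawed logic and a hardened
one that checks exactly the value it will use.
"""
import posixpath

# Constructed sample configuration (hypothetical, not from the advisory).
OPEN_BASEDIR = ["/var/lib/php/sessions"]


def _inside_basedir(path, basedirs=OPEN_BASEDIR):
    """True when the normalised path is one of the allowed roots or lies
    below one of them ("..", "." and duplicate slashes are collapsed first)."""
    norm = posixpath.normpath(path)
    return any(norm == b or norm.startswith(b.rstrip("/") + "/") for b in basedirs)


def _c_string(value):
    """Mimic a C consumer that stops reading at the first NUL byte."""
    nul = value.find("\0")
    return value if nul < 0 else value[:nul]


def vulnerable_set_save_path(value, basedirs=OPEN_BASEDIR):
    """Model of the flawed flow: the open_basedir check is applied to the
    component after the last ';' (the 'N;path' depth syntax) on the full
    Python string, but the value is then stored through a NUL-terminated
    consumer, which sees a different, truncated string.

    Returns the effective save path, or None when the value is rejected.
    """
    path_part = value.rsplit(";", 1)[-1]
    if not _inside_basedir(path_part, basedirs):
        return None
    effective = _c_string(value)           # truncated at the first NUL
    return effective.rsplit(";", 1)[-1]    # 'N;' prefix stripped again


def hardened_set_save_path(value, basedirs=OPEN_BASEDIR):
    """Hardened flow: reject embedded NUL bytes outright, then validate
    the same string that will be stored, so the checked value and the
    effective value cannot diverge.

    Returns the effective save path, or None when the value is rejected.
    """
    if "\0" in value:
        return None
    path_part = value.rsplit(";", 1)[-1]
    if not _inside_basedir(path_part, basedirs):
        return None
    return path_part


if __name__ == "__main__":
    # Constructed inputs: an allowed path, a disallowed one, and the
    # NUL-before-';' shape the advisory describes.
    for arg in ("/var/lib/php/sessions", "/tmp/other",
                "/tmp/other\0;/var/lib/php/sessions"):
        print(repr(arg),
              "vulnerable ->", vulnerable_set_save_path(arg),
              "| hardened ->", hardened_set_save_path(arg))
```

The point of the model is the last row of its output: the flawed flow accepts the argument because it validates the trailing allowed path, yet the effective save path is the disallowed prefix in front of the NUL byte; the hardened flow rejects the argument before any path comparison, and for clean input it validates precisely the value it returns.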

Buffer overflow in the gdImageStringFTEx function in gdft.c in GD
Graphics Library 2.0.33 and earlier allows remote attackers to cause a
denial of service (application crash) and possibly execute arbitrary
code via a crafted string with a JIS encoded font. PHP uses an embedded
copy of GD and may be susceptible to the same issue. (CVE-2007-0455)

Updated packages have been patched to correct these issues. Users must
restart Apache for the changes to take effect.

Updated packages

CS4.0 x86_64

 a667b24b7182332997da97d003095bf4  corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.3.20060mlcs4.x86_64.rpm
 96860c73274abe165290ad70a1f8bbec  corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.3.20060mlcs4.x86_64.rpm
 e53ed6e99e23219f351b9dd0faf1fbf8  corporate/4.0/x86_64/php-cgi-5.1.6-1.3.20060mlcs4.x86_64.rpm
 2894870436518afda0788313f6fe9d6e  corporate/4.0/x86_64/php-cli-5.1.6-1.3.20060mlcs4.x86_64.rpm
 3e78d378968a67edda64f8a1db752b21  corporate/4.0/x86_64/php-devel-5.1.6-1.3.20060mlcs4.x86_64.rpm
 16b8070a55f06ede6cce10bbac1f5706  corporate/4.0/x86_64/php-fcgi-5.1.6-1.3.20060mlcs4.x86_64.rpm
 f3fccbe495f311fb13e64b3c2532323b  corporate/4.0/x86_64/php-gd-5.1.6-1.1.20060mlcs4.x86_64.rpm
 e8825bc14914ae4f896b28ab1b04e7ae  corporate/4.0/x86_64/php4-cgi-4.4.4-1.3.20060mlcs4.x86_64.rpm
 1249dfd5f50a707ac6a31c18dec924e0  corporate/4.0/x86_64/php4-cli-4.4.4-1.3.20060mlcs4.x86_64.rpm
 f38d55e2315ba81db68dcb237a783ef0  corporate/4.0/x86_64/php4-devel-4.4.4-1.3.20060mlcs4.x86_64.rpm 
 ab1bc26c56c8d5c0c82544bd189ccb06  corporate/4.0/SRPMS/php-5.1.6-1.3.20060mlcs4.src.rpm
 528acaacac81d6ca4c195355fd5935c1  corporate/4.0/SRPMS/php-gd-5.1.6-1.1.20060mlcs4.src.rpm
 6fea47535848cb3eeb381d8e9ceaf278  corporate/4.0/SRPMS/php4-4.4.4-1.3.20060mlcs4.src.rpm

MNF2.0 i586

 1a5b0a4fa1fe65d9b01ac1fcb87e57f4  mnf/2.0/i586/libphp_common432-4.3.4-4.23.M20mdk.i586.rpm
 1ca60ff9165bc3fc897f5a4fac0a27ab  mnf/2.0/i586/php-cgi-4.3.4-4.23.M20mdk.i586.rpm
 5ecb69d1ba9a1aefb943fdf00922a67e  mnf/2.0/i586/php-cli-4.3.4-4.23.M20mdk.i586.rpm
 43adb03ed86a75a3e90387c075f36bea  mnf/2.0/i586/php-gd-4.3.4-1.5.M20mdk.i586.rpm
 e83875b4d3307b9d16602bf2da0c245a  mnf/2.0/i586/php432-devel-4.3.4-4.23.M20mdk.i586.rpm 
 fb782af12ca499a56594703feb6bed2c  mnf/2.0/SRPMS/php-4.3.4-4.23.M20mdk.src.rpm
 fb344c42cba2a62c03c42b864b2e3151  mnf/2.0/SRPMS/php-gd-4.3.4-1.5.M20mdk.src.rpm

2006.0 i586

 f4975722488c515d7701f3f2475c45c1  2006.0/i586/libphp5_common5-5.0.4-9.18.20060mdk.i586.rpm
 df6d91c7fb6deadd6447c68d41a7a57f  2006.0/i586/php-cgi-5.0.4-9.18.20060mdk.i586.rpm
 861b613a3caa594e9d18de2f66711c1c  2006.0/i586/php-cli-5.0.4-9.18.20060mdk.i586.rpm
 aa74ed178e6523b28d6f0ee1cfb2b9a6  2006.0/i586/php-devel-5.0.4-9.18.20060mdk.i586.rpm
 cdc33f50531e2815c3f39a2f12eca69d  2006.0/i586/php-fcgi-5.0.4-9.18.20060mdk.i586.rpm
 0df45677da595137066ec38171463402  2006.0/i586/php-gd-5.0.4-2.1.20060mdk.i586.rpm 
 09416e0ce824f667f9f247950e3f6b87  2006.0/SRPMS/php-5.0.4-9.18.20060mdk.src.rpm
 9caab8fb262742b7fdc8e2787db26e49  2006.0/SRPMS/php-gd-5.0.4-2.1.20060mdk.src.rpm

2007.0 x86_64

 5bf3650bbe564873a14ea8b6bf3ade06  2007.0/x86_64/lib64php5_common5-5.1.6-1.4mdv2007.0.x86_64.rpm
 34ed4aa6be49dcb88f7bbc0a5c2e8690  2007.0/x86_64/php-cgi-5.1.6-1.4mdv2007.0.x86_64.rpm
 608fc651103e04774dd99542ac9c24e3  2007.0/x86_64/php-cli-5.1.6-1.4mdv2007.0.x86_64.rpm
 ade70a35519251e33fece3b184a5e42c  2007.0/x86_64/php-devel-5.1.6-1.4mdv2007.0.x86_64.rpm
 32a0cd75a40a80b04d4f62e7a5695cf6  2007.0/x86_64/php-fcgi-5.1.6-1.4mdv2007.0.x86_64.rpm
 b65ee3000cc55d6835bde68de1285708  2007.0/x86_64/php-gd-5.1.6-1.1mdv2007.0.x86_64.rpm 
 719976944ad1da508b9dd10eb1068e41  2007.0/SRPMS/php-5.1.6-1.4mdv2007.0.src.rpm
 af2f0370851c3d3729b89586d9eded8e  2007.0/SRPMS/php-gd-5.1.6-1.1mdv2007.0.src.rpm

2007.0 i586

 c8879f538ab9a93f1999c9dc8aa2f6c7  2007.0/i586/libphp5_common5-5.1.6-1.4mdv2007.0.i586.rpm
 e8c050d86574fb1d2a52a5b3ec85a255  2007.0/i586/php-cgi-5.1.6-1.4mdv2007.0.i586.rpm
 92391d48bd18ab9e20e64039a4a9f2ff  2007.0/i586/php-cli-5.1.6-1.4mdv2007.0.i586.rpm
 d7b3ddc58da98113342434d45e04c3a8  2007.0/i586/php-devel-5.1.6-1.4mdv2007.0.i586.rpm
 a5dd9b692fbd9c41be42fa2d59539c1d  2007.0/i586/php-fcgi-5.1.6-1.4mdv2007.0.i586.rpm
 75ac1300b928127481cb8e3540ecb28d  2007.0/i586/php-gd-5.1.6-1.1mdv2007.0.i586.rpm 
 719976944ad1da508b9dd10eb1068e41  2007.0/SRPMS/php-5.1.6-1.4mdv2007.0.src.rpm
 af2f0370851c3d3729b89586d9eded8e  2007.0/SRPMS/php-gd-5.1.6-1.1mdv2007.0.src.rpm

CS3.0 x86_64

 cfd5971fec1866bf5fe3c5e23adaba58  corporate/3.0/x86_64/lib64php_common432-4.3.4-4.23.C30mdk.x86_64.rpm
 14be94ecf6ddc1f3b910b802624de67c  corporate/3.0/x86_64/php-cgi-4.3.4-4.23.C30mdk.x86_64.rpm
 b016f2131f015adf8a0d0da27033569f  corporate/3.0/x86_64/php-cli-4.3.4-4.23.C30mdk.x86_64.rpm
 9355a4e63f1e5193f43f5048541885bf  corporate/3.0/x86_64/php-gd-4.3.4-1.5.C30mdk.x86_64.rpm
 77c18b09786f412789f63d6094a4fd23  corporate/3.0/x86_64/php432-devel-4.3.4-4.23.C30mdk.x86_64.rpm 
 b8efd05ff96d101323b6253aa08b5e93  corporate/3.0/SRPMS/php-4.3.4-4.23.C30mdk.src.rpm
 d18944ac47e27e3653fe99e134ecba18  corporate/3.0/SRPMS/php-gd-4.3.4-1.5.C30mdk.src.rpm

CS4.0 i586

 64274f70614e93e30b479a7ba0613e8a  corporate/4.0/i586/libphp4_common4-4.4.4-1.3.20060mlcs4.i586.rpm
 43f22e53482c4451a24f3008a7ba75eb  corporate/4.0/i586/libphp5_common5-5.1.6-1.3.20060mlcs4.i586.rpm
 2c1b8b75b49bf78b6a677d36832e116c  corporate/4.0/i586/php-cgi-5.1.6-1.3.20060mlcs4.i586.rpm
 64261b179e2db73b5838d96020835cae  corporate/4.0/i586/php-cli-5.1.6-1.3.20060mlcs4.i586.rpm
 dfd172a482e20943dabd3b3fbef9ba95  corporate/4.0/i586/php-devel-5.1.6-1.3.20060mlcs4.i586.rpm
 1a57eb8f5b70cd4ea28b98b462493e51  corporate/4.0/i586/php-fcgi-5.1.6-1.3.20060mlcs4.i586.rpm
 bd060ffd97d1ede4a3c9453de8287970  corporate/4.0/i586/php-gd-5.1.6-1.1.20060mlcs4.i586.rpm
 e7d645e78c829242e3f81ab16aa8903d  corporate/4.0/i586/php4-cgi-4.4.4-1.3.20060mlcs4.i586.rpm
 1379c35acd8c2a414d482d5d0f5c782a  corporate/4.0/i586/php4-cli-4.4.4-1.3.20060mlcs4.i586.rpm
 10f753850f58ea02962272a4a30b8ed0  corporate/4.0/i586/php4-devel-4.4.4-1.3.20060mlcs4.i586.rpm 
 ab1bc26c56c8d5c0c82544bd189ccb06  corporate/4.0/SRPMS/php-5.1.6-1.3.20060mlcs4.src.rpm
 528acaacac81d6ca4c195355fd5935c1  corporate/4.0/SRPMS/php-gd-5.1.6-1.1.20060mlcs4.src.rpm
 6fea47535848cb3eeb381d8e9ceaf278  corporate/4.0/SRPMS/php4-4.4.4-1.3.20060mlcs4.src.rpm

CS3.0 i586

 a4d72dc3de251851206c67e9706432a6  corporate/3.0/i586/libphp_common432-4.3.4-4.23.C30mdk.i586.rpm
 b8e1d56bb999975f9ea0a66d8877847f  corporate/3.0/i586/php-cgi-4.3.4-4.23.C30mdk.i586.rpm
 433ae81fdc6d1238c0931e43f6989a9b  corporate/3.0/i586/php-cli-4.3.4-4.23.C30mdk.i586.rpm
 2a1717d00d78a6a6f34cddb987c0f279  corporate/3.0/i586/php-gd-4.3.4-1.5.C30mdk.i586.rpm
 44c2653add5bf2cc23a2d8f6bfa3b31e  corporate/3.0/i586/php432-devel-4.3.4-4.23.C30mdk.i586.rpm 
 b8efd05ff96d101323b6253aa08b5e93  corporate/3.0/SRPMS/php-4.3.4-4.23.C30mdk.src.rpm
 d18944ac47e27e3653fe99e134ecba18  corporate/3.0/SRPMS/php-gd-4.3.4-1.5.C30mdk.src.rpm

2006.0 x86_64

 94d70f0d65bebd9b8b235ec523bef3c4  2006.0/x86_64/lib64php5_common5-5.0.4-9.18.20060mdk.x86_64.rpm
 3e145f94684bd8aaae230b181a3bab18  2006.0/x86_64/php-cgi-5.0.4-9.18.20060mdk.x86_64.rpm
 5a460212062d85cc35c52c6c42e3babc  2006.0/x86_64/php-cli-5.0.4-9.18.20060mdk.x86_64.rpm
 a31b6a63963f4486ee7839e449fb60ef  2006.0/x86_64/php-devel-5.0.4-9.18.20060mdk.x86_64.rpm
 6c0ae39e3a6b8cb07a44271e5b128e2f  2006.0/x86_64/php-fcgi-5.0.4-9.18.20060mdk.x86_64.rpm
 228bb108271c28550034b39b9f6cafee  2006.0/x86_64/php-gd-5.0.4-2.1.20060mdk.x86_64.rpm 
 09416e0ce824f667f9f247950e3f6b87  2006.0/SRPMS/php-5.0.4-9.18.20060mdk.src.rpm
 9caab8fb262742b7fdc8e2787db26e49  2006.0/SRPMS/php-gd-5.0.4-2.1.20060mdk.src.rpm

References