<<< Date Index >>>     <<< Thread Index >>>

TSSA-2004-013 - php



 ===========================================================================
                                             _     
                         |_ .  _      _  _  (_  _  
                         |_ | | ) \/ _) (_) |  (_| 
                                  /                


                       Security  Advisory  #2004-013

 Package name:      php
 Summary:           Multiple Security Fixes
 Advisory ID:       TSSA-2004-013
 Date:              2004-07-14
 Affected versions: tinysofa enterprise server 1.0
                    tinysofa enterprise server 2.0-pre[1-3]

 ===========================================================================

 Security Fixes
 ============== 

 Description
 -----------

  php:
  * PHP [0] is a widely-used general-purpose scripting language that is 
    especially suited for Web development and can be embedded into HTML. 

  [Issue #1]
    During a reaudit of the memory_limit problem it was discovered that it
    is possible for a remote attacker to trigger the memory_limit request 
    termination in places where an interruption is unsafe. This can be 
    abused to execute arbitrary code on remote PHP servers.

    This problem has been assigned the name CAN-2004-0594 [1] by the 
    Common Vulnerabilities and Exposures (CVE) project, and was first
    reported by Stefan Esser [2] of e-matters GmbH.

  [Issue #2]
    During an audit of the PHP source code a binary safety problem in the 
    handling of allowed tags within PHP's strip_tags() function was 
    discovered. This problem may allow injection of malicious Javascript
    in the Internet Explorer and Safari browsers.

    This problem has been assigned the name CAN-2004-0595 [3] by the 
    Common Vulnerabilities and Exposures (CVE) project, and was first
    reported by Stefan Esser [4] of e-matters GmbH.

 References
 ----------
  [0] http://www.php.org/
  [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
  [2] http://security.e-matters.de/advisories/112004.html
  [3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595
  [4] http://security.e-matters.de/advisories/122004.html


 Recommended Action
 ==================

  We recommend that all systems with these packages installed be upgraded.
  Please note that if you do not need the functionality provided by this
  package, you may want to remove it from your system.


 Location
 ========

  All tinysofa updates are available from
  <URI:http://http.tinysofa.org/pub/tinysofa/updates/>
  <URI:ftp://ftp.tinysofa.org/pub/tinysofa/updates/>


 Automatic Updates
 =================

  Users of the SWUP tool can enjoy having updates automatically
  installed using 'swup --upgrade'.

  Users of the APT tool may use the 'apt-get update' command, followed
  by an 'apt-get upgrade' command.


 Questions?
 ==========

  Check out our mailing lists:
  <URI:http://www.tinysofa.org/support/>


 Verification
 ============

  This advisory is signed with the tinysofa security sign key.
  This key is available from:
  <URI:http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xAEDCBB4B>

  All tinysofa packages are signed with the tinysofa stable sign key.
  This key is available from:
  <URI:http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x0F1240A2>

  The advisory is available from the tinysofa errata database at
  <URI:http://www.tinysofa.org/support/errata/>
  or directly at
  <URI:http://www.tinysofa.org/support/errata/2004/013.html>


 MD5sums Of The Packages
 =======================

 [server-1.0]

  e1ffce3acc558c7e5269fd637b38d085  mod_php4-4.3.8-1ts.i586.rpm
  c02a8166b6d89269fa2c8d02589b3690  mod_php4-cli-4.3.8-1ts.i586.rpm
  909156cf09c5489c7e0042d5c21d0bf7  mod_php4-devel-4.3.8-1ts.i586.rpm
  e7c08ddfb7137d7aeb30290f24675d50  mod_php4-domxml-4.3.8-1ts.i586.rpm
  ee1c25883b22f549b6a8e0996d3be18c  mod_php4-exif-4.3.8-1ts.i586.rpm
  2c5e9012c4d9868f041049269009485c  mod_php4-gd-4.3.8-1ts.i586.rpm
  348a60d1b953c62eadfb7d866697f18e  mod_php4-imap-4.3.8-1ts.i586.rpm
  6e950a881ec0e15f6ceedf0250cbc820  mod_php4-ldap-4.3.8-1ts.i586.rpm
  89ce47c168e4de0be68ad1b59ce6df33  mod_php4-mysql-4.3.8-1ts.i586.rpm
  e982347926de5e427af28a97b6659a72  mod_php4-pgsql-4.3.8-1ts.i586.rpm
  69f18f4ee8639f422c02e3db0c77796b  mod_php4-sysv-4.3.8-1ts.i586.rpm
  6484043213a52fe8dd26ef0ab9868ade  mod_php4-test-4.3.8-1ts.i586.rpm

 [server-2.0]

  26f4138ba3d6b5f4f23290be8643a6df  php-4.3.8-1ts.i386.rpm
  a6e96cda8777dac2a1f536ece6cf0c85  php-devel-4.3.8-1ts.i386.rpm
  10859240ea4aae5b79317d0eb4db6d2e  php-domxml-4.3.8-1ts.i386.rpm
  853644f7e40e3b71b2ed2f78c591d653  php-gd-4.3.8-1ts.i386.rpm
  7e54e37375696909678e10c152b459e2  php-imap-4.3.8-1ts.i386.rpm
  ac80ece11dfea8e9cae08d8cbf6c4fb6  php-ldap-4.3.8-1ts.i386.rpm
  aee6a93771032b191d7e9369db6d45cd  php-mbstring-4.3.8-1ts.i386.rpm
  f7d361ea347b3d2e8b1723ec8e051614  php-mssql-4.3.8-1ts.i386.rpm
  ad23fa72f9ca067b7e033e782c4913cb  php-mysql-4.3.8-1ts.i386.rpm
  70afbec8a0969160f22dd5847f54f2dc  php-ncurses-4.3.8-1ts.i386.rpm
  4ab163aa1df09619936f8a8930b7973c  php-odbc-4.3.8-1ts.i386.rpm
  a6196a1d96643ae90b00e0c27255dbbf  php-openssl-4.3.8-1ts.i386.rpm
  a88dab2943a986b0b44683ff8bb15750  php-pear-4.3.8-1ts.i386.rpm
  78c60456204e51183cb58511861a0268  php-pgsql-4.3.8-1ts.i386.rpm
  f5d1edd1859eba41fe9bd735b8fee856  php-snmp-4.3.8-1ts.i386.rpm
  1a0a1039daa8b21d28bc398c8167ed59  php-xmlrpc-4.3.8-1ts.i386.rpm

 --
 tinysofa Security Team <security at tinysofa dot org>

Attachment: pgpREQ1YUbj8z.pgp
Description: PGP signature