--------------------------------------------------------------------- Fedora Legacy Update Advisory Synopsis: Updated php packages fix security issues Advisory ID: FLSA:166943 Issue date: 2005-11-28 Product: Red Hat Linux, Fedora Core Keywords: Bugfix CVE Names: CVE-2005-2498 CVE-2005-3390 CVE-2005-3389 CVE-2005-3388 CVE-2005-3353 --------------------------------------------------------------------- --------------------------------------------------------------------- 1. Topic: Updated PHP packages that fix multiple security issues are now available. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. 2. Relevant releases/architectures: Red Hat Linux 7.3 - i386 Red Hat Linux 9 - i386 Fedora Core 1 - i386 Fedora Core 2 - i386 3. Problem description: A bug was discovered in the PEAR XML-RPC Server package included in PHP. If a PHP script is used which implements an XML-RPC Server using the PEAR XML-RPC package, then it is possible for a remote attacker to construct an XML-RPC request which can cause PHP to execute arbitrary PHP commands as the 'apache' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-2498 to this issue. A flaw was found in the way PHP registers global variables during a file upload request. A remote attacker could submit a carefully crafted multipart/form-data POST request that would overwrite the $GLOBALS array, altering expected script behavior, and possibly leading to the execution of arbitrary PHP commands. Please note that this vulnerability only affects installations which have register_globals enabled in the PHP configuration file, which is not a default or recommended option. The Common Vulnerabilities and Exposures project assigned the name CVE-2005-3390 to this issue. A flaw was found in the PHP parse_str() function. If a PHP script passes only one argument to the parse_str() function, and the script can be forced to abort execution during operation (for example due to the memory_limit setting), the register_globals may be enabled even if it is disabled in the PHP configuration file. This vulnerability only affects installations that have PHP scripts using the parse_str function in this way. (CVE-2005-3389) A Cross-Site Scripting flaw was found in the phpinfo() function. If a victim can be tricked into following a malicious URL to a site with a page displaying the phpinfo() output, it may be possible to inject javascript or HTML content into the displayed page or steal data such as cookies. This vulnerability only affects installations which allow users to view the output of the phpinfo() function. As the phpinfo() function outputs a large amount of information about the current state of PHP, it should only be used during debugging or if protected by authentication. (CVE-2005-3388) A denial of service flaw was found in the way PHP processes EXIF image data. It is possible for an attacker to cause PHP to crash by supplying carefully crafted EXIF image data. (CVE-2005-3353) Users of PHP should upgrade to these updated packages, which contain backported patches that resolve these issues. 4. Solution: Before applying this update, make sure all previously released errata relevant to your system have been applied. To update all RPMs for your particular architecture, run: rpm -Fvh [filenames] where [filenames] is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs. Please note that this update is also available via yum and apt. Many people find this an easier way to apply updates. To use yum issue: yum update or to use apt: apt-get update; apt-get upgrade This will start an interactive process that will result in the appropriate RPMs being upgraded on your system. This assumes that you have yum or apt-get configured for obtaining Fedora Legacy content. Please visit http://www.fedoralegacy.org/docs for directions on how to configure yum and apt-get. 5. Bug IDs fixed: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=166943 6. RPMs required: Red Hat Linux 7.3: SRPM: http://download.fedoralegacy.org/redhat/7.3/updates/SRPMS/php-4.1.2-7.3.18.legacy.src.rpm i386: http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-devel-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-imap-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-ldap-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-manual-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-mysql-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-odbc-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-pgsql-4.1.2-7.3.18.legacy.i386.rpm http://download.fedoralegacy.org/redhat/7.3/updates/i386/php-snmp-4.1.2-7.3.18.legacy.i386.rpm Red Hat Linux 9: SRPM: http://download.fedoralegacy.org/redhat/9/updates/SRPMS/php-4.2.2-17.16.legacy.src.rpm i386: http://download.fedoralegacy.org/redhat/9/updates/i386/php-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-devel-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-imap-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-ldap-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-manual-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-mysql-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-odbc-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-pgsql-4.2.2-17.16.legacy.i386.rpm http://download.fedoralegacy.org/redhat/9/updates/i386/php-snmp-4.2.2-17.16.legacy.i386.rpm Fedora Core 1: SRPM: http://download.fedoralegacy.org/fedora/1/updates/SRPMS/php-4.3.11-1.fc1.3.legacy.src.rpm i386: http://download.fedoralegacy.org/fedora/1/updates/i386/php-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-devel-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-domxml-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-imap-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-ldap-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-mbstring-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-mysql-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-odbc-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-pgsql-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-snmp-4.3.11-1.fc1.3.legacy.i386.rpm http://download.fedoralegacy.org/fedora/1/updates/i386/php-xmlrpc-4.3.11-1.fc1.3.legacy.i386.rpm Fedora Core 2: SRPM: http://download.fedoralegacy.org/fedora/2/updates/SRPMS/php-4.3.11-1.fc2.4.legacy.src.rpm i386: http://download.fedoralegacy.org/fedora/2/updates/i386/php-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-devel-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-domxml-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-imap-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-ldap-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-mbstring-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-mysql-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-odbc-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-pear-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-pgsql-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-snmp-4.3.11-1.fc2.4.legacy.i386.rpm http://download.fedoralegacy.org/fedora/2/updates/i386/php-xmlrpc-4.3.11-1.fc2.4.legacy.i386.rpm 7. Verification: SHA1 sum Package Name --------------------------------------------------------------------- 8bdf500386f11c6484c04361095061cce6c5c5f8 redhat/7.3/updates/i386/php-4.1.2-7.3.18.legacy.i386.rpm 592c870e99523279267a0daea98c7dc08b09e5ca redhat/7.3/updates/i386/php-devel-4.1.2-7.3.18.legacy.i386.rpm 9f84a76296d88673ba8354f416a6ee75b86afb3f redhat/7.3/updates/i386/php-imap-4.1.2-7.3.18.legacy.i386.rpm 8c4b7136f2cac5f8eea394db819e0f67a973e4ff redhat/7.3/updates/i386/php-ldap-4.1.2-7.3.18.legacy.i386.rpm d579f333822efd11fb2fc1364d2b9218bd3547a9 redhat/7.3/updates/i386/php-manual-4.1.2-7.3.18.legacy.i386.rpm 50ec5b4419f70839b5c0b328a605189137477d12 redhat/7.3/updates/i386/php-mysql-4.1.2-7.3.18.legacy.i386.rpm a73300b91e8ac8aee1792f5ec0975fb312b7f780 redhat/7.3/updates/i386/php-odbc-4.1.2-7.3.18.legacy.i386.rpm af7de72af9756d6085d255544de389eb8f355c39 redhat/7.3/updates/i386/php-pgsql-4.1.2-7.3.18.legacy.i386.rpm d96277ec0aa9d37af3372eedb0868249ca96ff51 redhat/7.3/updates/i386/php-snmp-4.1.2-7.3.18.legacy.i386.rpm 8a03b8a7832aba6baf825ec64778f4a321707405 redhat/7.3/updates/SRPMS/php-4.1.2-7.3.18.legacy.src.rpm 7ad045d32b304f8dd7ddb19b4b635c729e0150df redhat/9/updates/i386/php-4.2.2-17.16.legacy.i386.rpm 1d27a480f2bd80e5de58f2bca1d35866c731a82b redhat/9/updates/i386/php-devel-4.2.2-17.16.legacy.i386.rpm 649d6cf648ae7900e7c2a4d4a5cb6170b4dabf54 redhat/9/updates/i386/php-imap-4.2.2-17.16.legacy.i386.rpm c80cb4ed7a141d71b1506ec53473df0f67a33f87 redhat/9/updates/i386/php-ldap-4.2.2-17.16.legacy.i386.rpm 1b8467345c7a63f7e929052d320e9cafa966e3a1 redhat/9/updates/i386/php-manual-4.2.2-17.16.legacy.i386.rpm 691b73249fcb8555bce72b9cc11f7bf305dc837b redhat/9/updates/i386/php-mysql-4.2.2-17.16.legacy.i386.rpm 373d8598c44551d061c1a1c43699d76533d98941 redhat/9/updates/i386/php-odbc-4.2.2-17.16.legacy.i386.rpm 6ad36765c9d8585222e0ec8814f3000af9ceaefc redhat/9/updates/i386/php-pgsql-4.2.2-17.16.legacy.i386.rpm c8320f5f79c80ba3f22f85d93775db06746fb2a8 redhat/9/updates/i386/php-snmp-4.2.2-17.16.legacy.i386.rpm 1502c7295697edcb34d89c28b922ac39785e6b20 redhat/9/updates/SRPMS/php-4.2.2-17.16.legacy.src.rpm cd04cc6c329e18a9c0c989cdb9a5fcdc9b6712c8 fedora/1/updates/i386/php-4.3.11-1.fc1.3.legacy.i386.rpm bdb82f6017f088488443cec5f97650aa172714bd fedora/1/updates/i386/php-devel-4.3.11-1.fc1.3.legacy.i386.rpm 5921f184247991ddac4b398a617abea8768cd9d5 fedora/1/updates/i386/php-domxml-4.3.11-1.fc1.3.legacy.i386.rpm b38b1aabdcee19a8764b9156ffbd4a7fd15c5345 fedora/1/updates/i386/php-imap-4.3.11-1.fc1.3.legacy.i386.rpm ecb2bfd639fe1e44a389e2527babbd912279d6ad fedora/1/updates/i386/php-ldap-4.3.11-1.fc1.3.legacy.i386.rpm 3bd193c7d75216cbe34cee7c637be042b2197693 fedora/1/updates/i386/php-mbstring-4.3.11-1.fc1.3.legacy.i386.rpm 0883a4ef7c03d8faebc90ed0f4a138e1f9b64c9f fedora/1/updates/i386/php-mysql-4.3.11-1.fc1.3.legacy.i386.rpm 62017bd8700dcaceb2280443abb3e6fd17e9458e fedora/1/updates/i386/php-odbc-4.3.11-1.fc1.3.legacy.i386.rpm c9a90440e780eb1420100ed8b0e28d92ddea0295 fedora/1/updates/i386/php-pgsql-4.3.11-1.fc1.3.legacy.i386.rpm ef627102ded443de2e78c33a29f76c6066f7bf5a fedora/1/updates/i386/php-snmp-4.3.11-1.fc1.3.legacy.i386.rpm 38da5e66ead97e573a7105ad4a62a14c75763268 fedora/1/updates/i386/php-xmlrpc-4.3.11-1.fc1.3.legacy.i386.rpm d2b93da45a735956e980e8a5401c4b171644794a fedora/1/updates/SRPMS/php-4.3.11-1.fc1.3.legacy.src.rpm edce472b6a404a45bb0187ed2058929b51850423 fedora/2/updates/i386/php-4.3.11-1.fc2.4.legacy.i386.rpm 5f55d05ec4dbbbd6717a14f495bfe9948bec3837 fedora/2/updates/i386/php-devel-4.3.11-1.fc2.4.legacy.i386.rpm d308529686de245b33057c4ce1a7e0435ba748e6 fedora/2/updates/i386/php-domxml-4.3.11-1.fc2.4.legacy.i386.rpm a85ba72dbcf8357c63bd7ddd71a8e7b1e270a0d0 fedora/2/updates/i386/php-imap-4.3.11-1.fc2.4.legacy.i386.rpm 8856c97f65e6dfdf5241faa5294a9a8883de049b fedora/2/updates/i386/php-ldap-4.3.11-1.fc2.4.legacy.i386.rpm f7d1159e5756ba33282920d0923bcd338306a2c8 fedora/2/updates/i386/php-mbstring-4.3.11-1.fc2.4.legacy.i386.rpm 24d23bd41dc5c3233019a86a988057dfa8fd3576 fedora/2/updates/i386/php-mysql-4.3.11-1.fc2.4.legacy.i386.rpm 618b32b0c28b71755c8f487b035649e44213b2cf fedora/2/updates/i386/php-odbc-4.3.11-1.fc2.4.legacy.i386.rpm cf728abb52acc26f2f6d33dbb5135fdbd2ec4df0 fedora/2/updates/i386/php-pear-4.3.11-1.fc2.4.legacy.i386.rpm fe3a23d81b92930426f7dd3a5b687ef979d8a3b9 fedora/2/updates/i386/php-pgsql-4.3.11-1.fc2.4.legacy.i386.rpm 771c5041ed29045e4de59bcacbc0c640247c80e7 fedora/2/updates/i386/php-snmp-4.3.11-1.fc2.4.legacy.i386.rpm 2962cc479b53c181dd67fdd4008ee904d81e71ac fedora/2/updates/i386/php-xmlrpc-4.3.11-1.fc2.4.legacy.i386.rpm 2c6d2007423a9334a22451521a742ca942677c57 fedora/2/updates/SRPMS/php-4.3.11-1.fc2.4.legacy.src.rpm These packages are GPG signed by Fedora Legacy for security. Our key is available from http://www.fedoralegacy.org/about/security.php You can verify each package with the following command: rpm --checksig -v <filename> If you only wish to verify that each package has not been corrupted or tampered with, examine only the sha1sum with the following command: sha1sum <filename> 8. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-2498 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3390 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3389 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3388 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3353 9. Contact: The Fedora Legacy security contact is <secnotice@xxxxxxxxxxxxxxxx>. More project details at http://www.fedoralegacy.org ---------------------------------------------------------------------
Attachment:
signature.asc
Description: OpenPGP digital signature