RHSA-2007:0155-01 Important: php security update
Posted on: 04/16/2007 06:45 PM

A new update is available for Red Hat Enterprise Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
Red Hat Security Advisory

Synopsis: Important: php security update
Advisory ID: RHSA-2007:0155-01
Advisory URL: https://rhn.redhat.com/errata/RHSA-2007-0155.html
Issue date: 2007-04-16
Updated on: 2007-04-16
Product: Red Hat Enterprise Linux
CVE Names: CVE-2007-1285 CVE-2007-1286 CVE-2007-1583
CVE-2007-1711 CVE-2007-1718 CVE-2007-0455
CVE-2007-1001
- ---------------------------------------------------------------------

1. Summary:

Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 3 and 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A denial of service flaw was found in the way PHP processed a deeply nested
array. A remote attacker could cause the PHP interpreter to crash by
submitting an input variable with a deeply nested array. (CVE-2007-1285)

A flaw was found in the way PHP's unserialize() function processed data. If
a remote attacker was able to pass arbitrary data to PHP's unserialize()
function, they could possibly execute arbitrary code as the apache user.
(CVE-2007-1286)

A flaw was found in the way the mbstring extension set global variables. A
script which used the mb_parse_str() function to set global variables could
be forced to enable the register_globals configuration option, possibly
resulting in global variable injection. (CVE-2007-1583)

A double free flaw was found in PHP's session_decode() function. If a
remote attacker was able to pass arbitrary data to PHP's session_decode()
function, they could possibly execute arbitrary code as the apache user.
(CVE-2007-1711)

A flaw was discovered in the way PHP's mail() function processed header
data. If a script sent mail using a Subject header containing a string from
an untrusted source, a remote attacker could send bulk e-mail to unintended
recipients. (CVE-2007-1718)

A heap based buffer overflow flaw was discovered in PHP's gd extension. A
script that could be forced to process WBMP images from an untrusted source
could result in arbitrary code execution. (CVE-2007-1001)

A buffer over-read flaw was discovered in PHP's gd extension. A script that
could be forced to write arbitrary string using a JIS font from an
untrusted source could cause the PHP interpreter to crash. (CVE-2007-0455)

Users of PHP should upgrade to these updated packages which contain
backported patches to correct these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

5. Bug IDs fixed (http://bugzilla.redhat.com/):

230556 - CVE-2007-1285 "Month of PHP Bugs" security issues (CVE-2007-1286 CVE-2007-1583 CVE-2007-1711 CVE-2007-1718)
235028 - CVE-2007-1001 gd php flaws (CVE-2007-0455)

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-40.ent.src.rpm
7e86609bb9e811532c0c85f5c29aadf6 php-4.3.2-40.ent.src.rpm

i386:
5855234b933b66fd1b38d93b95418e36 php-4.3.2-40.ent.i386.rpm
dd4b6a49cbeeb001a0c0dcfcf0963607 php-debuginfo-4.3.2-40.ent.i386.rpm
726a6a36fc362508b93f23e784c76bba php-devel-4.3.2-40.ent.i386.rpm
b012de2b5ec4e0479662403585efffd6 php-imap-4.3.2-40.ent.i386.rpm
5e8c4165ebd99f0c066f0cd0d386d88f php-ldap-4.3.2-40.ent.i386.rpm
96fa828e93e5959287ce42aebd5abcd8 php-mysql-4.3.2-40.ent.i386.rpm
46078615f2a34ad087daa0853f8d034e php-odbc-4.3.2-40.ent.i386.rpm
3cead419f1826fb8a87ec873be4ac3c6 php-pgsql-4.3.2-40.ent.i386.rpm

ia64:
f94a6c8b571d82ee18a8644d87c590ae php-4.3.2-40.ent.ia64.rpm
d8c1d8be8220080cea88a43ee501f015 php-debuginfo-4.3.2-40.ent.ia64.rpm
675f141a212250fe1b261977cb06d663 php-devel-4.3.2-40.ent.ia64.rpm
a94c845cb1a0f6efb1b93a9ce861deae php-imap-4.3.2-40.ent.ia64.rpm
10a8b591e979cf4de740b8201713f9c6 php-ldap-4.3.2-40.ent.ia64.rpm
6e84db87339583f63a328e2f2874fcbc php-mysql-4.3.2-40.ent.ia64.rpm
c3b8d618680e1729929672a4fea44a8f php-odbc-4.3.2-40.ent.ia64.rpm
1e7e8bf549ac53207e500d7f2f6d3c20 php-pgsql-4.3.2-40.ent.ia64.rpm

ppc:
3e189182e17922c9daee13ff52f669ed php-4.3.2-40.ent.ppc.rpm
d27bed9e8850e0d6a056fa547ebc0c24 php-debuginfo-4.3.2-40.ent.ppc.rpm
c40c8bd36612d53eda6f5de9f1a9c4b4 php-devel-4.3.2-40.ent.ppc.rpm
04cf5dccd60a060528f09146fdf6fa60 php-imap-4.3.2-40.ent.ppc.rpm
e06a27348e9b05710785dcc4b6e7bc4f php-ldap-4.3.2-40.ent.ppc.rpm
a628721aa86e2c320ebf1a6321616bf1 php-mysql-4.3.2-40.ent.ppc.rpm
12f1179b6bff0aa9054011f33c14acd5 php-odbc-4.3.2-40.ent.ppc.rpm
ede204fd5316d57e7e13dc89a3667656 php-pgsql-4.3.2-40.ent.ppc.rpm

s390:
1090cad41dd8ca0b90f9edaedb394016 php-4.3.2-40.ent.s390.rpm
701de4979a162cb6116540bf96571815 php-debuginfo-4.3.2-40.ent.s390.rpm
f32c4b53db882dcd82807437b98d8dd5 php-devel-4.3.2-40.ent.s390.rpm
9c0690db93d5de48d1ce41572812024d php-imap-4.3.2-40.ent.s390.rpm
d26feeb70c11b92ac9ed1d198f380551 php-ldap-4.3.2-40.ent.s390.rpm
8f8013e5d0661a4c465cc37baab64927 php-mysql-4.3.2-40.ent.s390.rpm
fc19db463a2ad003efe029a1d654a81a php-odbc-4.3.2-40.ent.s390.rpm
f57cabeb2190115011c5158e9b4b44bd php-pgsql-4.3.2-40.ent.s390.rpm

s390x:
e442c097fc70c2515d8953d45fe4ce73 php-4.3.2-40.ent.s390x.rpm
24727ecb74139729b2430991c9f65504 php-debuginfo-4.3.2-40.ent.s390x.rpm
f32d9233c7c497b628e3a806247b0011 php-devel-4.3.2-40.ent.s390x.rpm
31163176e3c2a956c90444fea1cf0834 php-imap-4.3.2-40.ent.s390x.rpm
226d22dcd70a2640ce4faaf458be9351 php-ldap-4.3.2-40.ent.s390x.rpm
936033fbba4be66fbbf8e0d4f88c74f9 php-mysql-4.3.2-40.ent.s390x.rpm
d1c553c7eac38f093b08ed80c67c026b php-odbc-4.3.2-40.ent.s390x.rpm
de691c97c6a136525510a1c65b01d7c1 php-pgsql-4.3.2-40.ent.s390x.rpm

x86_64:
8b6bf435c86d7b65640ed8ce38f0ea45 php-4.3.2-40.ent.x86_64.rpm
5ed7565047dd22f732d246470945dc2b php-debuginfo-4.3.2-40.ent.x86_64.rpm
e4ea9b7a4dfa2c24b75dbd643b1667d5 php-devel-4.3.2-40.ent.x86_64.rpm
c852bd2f4ee5cbe115054d453226f7ad php-imap-4.3.2-40.ent.x86_64.rpm
a9f31f47e63a7d4805208b616acfeea4 php-ldap-4.3.2-40.ent.x86_64.rpm
8333dc142c53aa163626df94dca7171a php-mysql-4.3.2-40.ent.x86_64.rpm
64dd8ab0c2649a66c4d664a35607b0f1 php-odbc-4.3.2-40.ent.x86_64.rpm
93ba10a377133db7023559ba04cd19d0 php-pgsql-4.3.2-40.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-40.ent.src.rpm
7e86609bb9e811532c0c85f5c29aadf6 php-4.3.2-40.ent.src.rpm

i386:
5855234b933b66fd1b38d93b95418e36 php-4.3.2-40.ent.i386.rpm
dd4b6a49cbeeb001a0c0dcfcf0963607 php-debuginfo-4.3.2-40.ent.i386.rpm
726a6a36fc362508b93f23e784c76bba php-devel-4.3.2-40.ent.i386.rpm
b012de2b5ec4e0479662403585efffd6 php-imap-4.3.2-40.ent.i386.rpm
5e8c4165ebd99f0c066f0cd0d386d88f php-ldap-4.3.2-40.ent.i386.rpm
96fa828e93e5959287ce42aebd5abcd8 php-mysql-4.3.2-40.ent.i386.rpm
46078615f2a34ad087daa0853f8d034e php-odbc-4.3.2-40.ent.i386.rpm
3cead419f1826fb8a87ec873be4ac3c6 php-pgsql-4.3.2-40.ent.i386.rpm

x86_64:
8b6bf435c86d7b65640ed8ce38f0ea45 php-4.3.2-40.ent.x86_64.rpm
5ed7565047dd22f732d246470945dc2b php-debuginfo-4.3.2-40.ent.x86_64.rpm
e4ea9b7a4dfa2c24b75dbd643b1667d5 php-devel-4.3.2-40.ent.x86_64.rpm
c852bd2f4ee5cbe115054d453226f7ad php-imap-4.3.2-40.ent.x86_64.rpm
a9f31f47e63a7d4805208b616acfeea4 php-ldap-4.3.2-40.ent.x86_64.rpm
8333dc142c53aa163626df94dca7171a php-mysql-4.3.2-40.ent.x86_64.rpm
64dd8ab0c2649a66c4d664a35607b0f1 php-odbc-4.3.2-40.ent.x86_64.rpm
93ba10a377133db7023559ba04cd19d0 php-pgsql-4.3.2-40.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-40.ent.src.rpm
7e86609bb9e811532c0c85f5c29aadf6 php-4.3.2-40.ent.src.rpm

i386:
5855234b933b66fd1b38d93b95418e36 php-4.3.2-40.ent.i386.rpm
dd4b6a49cbeeb001a0c0dcfcf0963607 php-debuginfo-4.3.2-40.ent.i386.rpm
726a6a36fc362508b93f23e784c76bba php-devel-4.3.2-40.ent.i386.rpm
b012de2b5ec4e0479662403585efffd6 php-imap-4.3.2-40.ent.i386.rpm
5e8c4165ebd99f0c066f0cd0d386d88f php-ldap-4.3.2-40.ent.i386.rpm
96fa828e93e5959287ce42aebd5abcd8 php-mysql-4.3.2-40.ent.i386.rpm
46078615f2a34ad087daa0853f8d034e php-odbc-4.3.2-40.ent.i386.rpm
3cead419f1826fb8a87ec873be4ac3c6 php-pgsql-4.3.2-40.ent.i386.rpm

ia64:
f94a6c8b571d82ee18a8644d87c590ae php-4.3.2-40.ent.ia64.rpm
d8c1d8be8220080cea88a43ee501f015 php-debuginfo-4.3.2-40.ent.ia64.rpm
675f141a212250fe1b261977cb06d663 php-devel-4.3.2-40.ent.ia64.rpm
a94c845cb1a0f6efb1b93a9ce861deae php-imap-4.3.2-40.ent.ia64.rpm
10a8b591e979cf4de740b8201713f9c6 php-ldap-4.3.2-40.ent.ia64.rpm
6e84db87339583f63a328e2f2874fcbc php-mysql-4.3.2-40.ent.ia64.rpm
c3b8d618680e1729929672a4fea44a8f php-odbc-4.3.2-40.ent.ia64.rpm
1e7e8bf549ac53207e500d7f2f6d3c20 php-pgsql-4.3.2-40.ent.ia64.rpm

x86_64:
8b6bf435c86d7b65640ed8ce38f0ea45 php-4.3.2-40.ent.x86_64.rpm
5ed7565047dd22f732d246470945dc2b php-debuginfo-4.3.2-40.ent.x86_64.rpm
e4ea9b7a4dfa2c24b75dbd643b1667d5 php-devel-4.3.2-40.ent.x86_64.rpm
c852bd2f4ee5cbe115054d453226f7ad php-imap-4.3.2-40.ent.x86_64.rpm
a9f31f47e63a7d4805208b616acfeea4 php-ldap-4.3.2-40.ent.x86_64.rpm
8333dc142c53aa163626df94dca7171a php-mysql-4.3.2-40.ent.x86_64.rpm
64dd8ab0c2649a66c4d664a35607b0f1 php-odbc-4.3.2-40.ent.x86_64.rpm
93ba10a377133db7023559ba04cd19d0 php-pgsql-4.3.2-40.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-40.ent.src.rpm
7e86609bb9e811532c0c85f5c29aadf6 php-4.3.2-40.ent.src.rpm

i386:
5855234b933b66fd1b38d93b95418e36 php-4.3.2-40.ent.i386.rpm
dd4b6a49cbeeb001a0c0dcfcf0963607 php-debuginfo-4.3.2-40.ent.i386.rpm
726a6a36fc362508b93f23e784c76bba php-devel-4.3.2-40.ent.i386.rpm
b012de2b5ec4e0479662403585efffd6 php-imap-4.3.2-40.ent.i386.rpm
5e8c4165ebd99f0c066f0cd0d386d88f php-ldap-4.3.2-40.ent.i386.rpm
96fa828e93e5959287ce42aebd5abcd8 php-mysql-4.3.2-40.ent.i386.rpm
46078615f2a34ad087daa0853f8d034e php-odbc-4.3.2-40.ent.i386.rpm
3cead419f1826fb8a87ec873be4ac3c6 php-pgsql-4.3.2-40.ent.i386.rpm

ia64:
f94a6c8b571d82ee18a8644d87c590ae php-4.3.2-40.ent.ia64.rpm
d8c1d8be8220080cea88a43ee501f015 php-debuginfo-4.3.2-40.ent.ia64.rpm
675f141a212250fe1b261977cb06d663 php-devel-4.3.2-40.ent.ia64.rpm
a94c845cb1a0f6efb1b93a9ce861deae php-imap-4.3.2-40.ent.ia64.rpm
10a8b591e979cf4de740b8201713f9c6 php-ldap-4.3.2-40.ent.ia64.rpm
6e84db87339583f63a328e2f2874fcbc php-mysql-4.3.2-40.ent.ia64.rpm
c3b8d618680e1729929672a4fea44a8f php-odbc-4.3.2-40.ent.ia64.rpm
1e7e8bf549ac53207e500d7f2f6d3c20 php-pgsql-4.3.2-40.ent.ia64.rpm

x86_64:
8b6bf435c86d7b65640ed8ce38f0ea45 php-4.3.2-40.ent.x86_64.rpm
5ed7565047dd22f732d246470945dc2b php-debuginfo-4.3.2-40.ent.x86_64.rpm
e4ea9b7a4dfa2c24b75dbd643b1667d5 php-devel-4.3.2-40.ent.x86_64.rpm
c852bd2f4ee5cbe115054d453226f7ad php-imap-4.3.2-40.ent.x86_64.rpm
a9f31f47e63a7d4805208b616acfeea4 php-ldap-4.3.2-40.ent.x86_64.rpm
8333dc142c53aa163626df94dca7171a php-mysql-4.3.2-40.ent.x86_64.rpm
64dd8ab0c2649a66c4d664a35607b0f1 php-odbc-4.3.2-40.ent.x86_64.rpm
93ba10a377133db7023559ba04cd19d0 php-pgsql-4.3.2-40.ent.x86_64.rpm

Red Hat Enterprise Linux AS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4AS/en/os/SRPMS/php-4.3.9-3.22.4.src.rpm
7330219fc5d750d1aec2d355841e417d php-4.3.9-3.22.4.src.rpm

i386:
d80d07c71b74894fc8bd5358ecc97ff2 php-4.3.9-3.22.4.i386.rpm
c6e4ba07f8d18cb5a60be16d93f6dfa4 php-debuginfo-4.3.9-3.22.4.i386.rpm
3d8e4694679eaf8873e1ec406eb997b5 php-devel-4.3.9-3.22.4.i386.rpm
fe67e313ea5de21fc8248f36b20b12bd php-domxml-4.3.9-3.22.4.i386.rpm
daf7563b49ea749530c84e0843f0c0e3 php-gd-4.3.9-3.22.4.i386.rpm
dd2dd40935805d96afeb0e009275b752 php-imap-4.3.9-3.22.4.i386.rpm
7b84f5f9775c6608656bc36469ae35e7 php-ldap-4.3.9-3.22.4.i386.rpm
d171c6b6cfcf482cc53b795376301b68 php-mbstring-4.3.9-3.22.4.i386.rpm
11cd6fffc797629f33eb5acc7804d9b3 php-mysql-4.3.9-3.22.4.i386.rpm
1b5170379bd7cce735ef7d12ff0ef0a2 php-ncurses-4.3.9-3.22.4.i386.rpm
aeeeea0fa3d2435367558ed30fe8a564 php-odbc-4.3.9-3.22.4.i386.rpm
c30e561191dd5a75efa2ee62c8c1c92b php-pear-4.3.9-3.22.4.i386.rpm
38bf004f549fceb5c67e63e90b14c38b php-pgsql-4.3.9-3.22.4.i386.rpm
00ef3f0015e7bad3a96368a53211fd2d php-snmp-4.3.9-3.22.4.i386.rpm
a507c9759c585eb98b38257524a34630 php-xmlrpc-4.3.9-3.22.4.i386.rpm

ia64:
1a342c764b41425436d60c0e742b1158 php-4.3.9-3.22.4.ia64.rpm
1e405119359a4713a157630fcd65e55a php-debuginfo-4.3.9-3.22.4.ia64.rpm
18fc4a94c9930906a61830b405746cbb php-devel-4.3.9-3.22.4.ia64.rpm
f6d5489af882e087ca5b33e3c46b7b5a php-domxml-4.3.9-3.22.4.ia64.rpm
1129ac5ac05d179a7aa6fafc61575699 php-gd-4.3.9-3.22.4.ia64.rpm
8423e399a99914b1fde2198e76c42607 php-imap-4.3.9-3.22.4.ia64.rpm
b1dc268a9a3e374dd2636f96eade5b71 php-ldap-4.3.9-3.22.4.ia64.rpm
9fe9c062a2a1e8aa6b53510c8111baf7 php-mbstring-4.3.9-3.22.4.ia64.rpm
da9d4d4b5b37a6b991001dd2d1a57833 php-mysql-4.3.9-3.22.4.ia64.rpm
8927b1f414b9df7c3285724f0e1a3ff0 php-ncurses-4.3.9-3.22.4.ia64.rpm
a8ae9a8a0668fb30e5d0daea11c671f4 php-odbc-4.3.9-3.22.4.ia64.rpm
120fcaf6f9dc847c7c83cd546d0472de php-pear-4.3.9-3.22.4.ia64.rpm
21d4ca5bf779bf3ff832e4f428ad61d7 php-pgsql-4.3.9-3.22.4.ia64.rpm
3df235bffeaed837cc410a7fcf3af963 php-snmp-4.3.9-3.22.4.ia64.rpm
14d89ef4e5fff6a46a207b9853d7988c php-xmlrpc-4.3.9-3.22.4.ia64.rpm

ppc:
c4e83a7dcf3cc379cf35c6ef5f22a114 php-4.3.9-3.22.4.ppc.rpm
2d079520fdce27f0540682fb6e8731f1 php-debuginfo-4.3.9-3.22.4.ppc.rpm
486731bee27a528d5eddc49aa840777c php-devel-4.3.9-3.22.4.ppc.rpm
d64f5b08e93ff3c6a066d7b9babd5929 php-domxml-4.3.9-3.22.4.ppc.rpm
b9cf5f3ec300ea06a0991cc0e31596c9 php-gd-4.3.9-3.22.4.ppc.rpm
e333e79151a8e3c8915f642b62e4552c php-imap-4.3.9-3.22.4.ppc.rpm
599311ca5a32c044f4ca5b5dc31938ff php-ldap-4.3.9-3.22.4.ppc.rpm
673f150ab1e064fb338ff76c91469b17 php-mbstring-4.3.9-3.22.4.ppc.rpm
79a11655dbf6507d671ba5b79d18e9a7 php-mysql-4.3.9-3.22.4.ppc.rpm
6ebe5e5eeb3643f5e2ca465e1588bf5d php-ncurses-4.3.9-3.22.4.ppc.rpm
36b7af9c7b3e35635df3fd915db91c4c php-odbc-4.3.9-3.22.4.ppc.rpm
549ca3cff08ec3f189ac4a401a50aeb7 php-pear-4.3.9-3.22.4.ppc.rpm
d7e75f1f9ed7a18e8428a27ef1a876f9 php-pgsql-4.3.9-3.22.4.ppc.rpm
aaf083facc7c5e92df3440a3b51269d7 php-snmp-4.3.9-3.22.4.ppc.rpm
beb798a1a5306a6b654a5a27805b65b3 php-xmlrpc-4.3.9-3.22.4.ppc.rpm

s390:
0e42e5f89bbfd1bab591cd75f6175b17 php-4.3.9-3.22.4.s390.rpm
95ff98e51138843e1f098ddf8fcd7c4b php-debuginfo-4.3.9-3.22.4.s390.rpm
bb896db1aa137ccc312daea96f47d829 php-devel-4.3.9-3.22.4.s390.rpm
0a93f6543f57047455ad44a37718bd4c php-domxml-4.3.9-3.22.4.s390.rpm
60a50d204e94557dd21327b1d1d97626 php-gd-4.3.9-3.22.4.s390.rpm
b0ea6138bd8cc9c960e1e419693c3f47 php-imap-4.3.9-3.22.4.s390.rpm
928d77e4b2805019d55d816d138ca279 php-ldap-4.3.9-3.22.4.s390.rpm
ac9c7dcd16b89844d3b6015da47bbf29 php-mbstring-4.3.9-3.22.4.s390.rpm
ff0d1435d14cbee5152e5a5d77806418 php-mysql-4.3.9-3.22.4.s390.rpm
57b745fb59f567c9cf0e5783508ecc80 php-ncurses-4.3.9-3.22.4.s390.rpm
4050e30e871a5c809d2e5ec62bb8c6c8 php-odbc-4.3.9-3.22.4.s390.rpm
c9d4e0d6645da86590bd1ef69278301f php-pear-4.3.9-3.22.4.s390.rpm
dc5afc96ca889d8b594262ae38623526 php-pgsql-4.3.9-3.22.4.s390.rpm
45047a67bf062503d206b08cc38b692c php-snmp-4.3.9-3.22.4.s390.rpm
2b05f446eb53f28995e38a739cb0c65b php-xmlrpc-4.3.9-3.22.4.s390.rpm

s390x:
4a33d21727e8e617be56366c6d492618 php-4.3.9-3.22.4.s390x.rpm
376114b6fa415c273327800961e3e4a6 php-debuginfo-4.3.9-3.22.4.s390x.rpm
78b03350ee0bca56d8225352378ceca0 php-devel-4.3.9-3.22.4.s390x.rpm
51658ad34da8a3cf0c7e762b28563bb2 php-domxml-4.3.9-3.22.4.s390x.rpm
b265ce79ffc2359b0ad8dc1173496975 php-gd-4.3.9-3.22.4.s390x.rpm
d6defd52d9a2f9917729c329bae5ab49 php-imap-4.3.9-3.22.4.s390x.rpm
363ea6951d71728402c89a33ba9d859d php-ldap-4.3.9-3.22.4.s390x.rpm
e49224a6d62b8c6ee8ceb4e71cb8d567 php-mbstring-4.3.9-3.22.4.s390x.rpm
a41764ca4bf31cc334a2d02e65943c66 php-mysql-4.3.9-3.22.4.s390x.rpm
5808a3300e0e5014b29698978e378fef php-ncurses-4.3.9-3.22.4.s390x.rpm
046524343a95dd66c25ac3d6c804beab php-odbc-4.3.9-3.22.4.s390x.rpm
1bdba041c96a00fb9c5fe5b01c62e519 php-pear-4.3.9-3.22.4.s390x.rpm
35302f2c701f3cb5a01ba67195247fad php-pgsql-4.3.9-3.22.4.s390x.rpm
56b3c7012faf8de40ff48776df889ea8 php-snmp-4.3.9-3.22.4.s390x.rpm
ce3db221e250d9cf3aeae3ba93f8011a php-xmlrpc-4.3.9-3.22.4.s390x.rpm

x86_64:
6ddc3f5dbfed8b09eb34f03c8fd584a8 php-4.3.9-3.22.4.x86_64.rpm
0af1cffb8b27f5809ecefb418e2ea13f php-debuginfo-4.3.9-3.22.4.x86_64.rpm
17337c831a0e67a71c34fffeda909b5d php-devel-4.3.9-3.22.4.x86_64.rpm
a7277789d5cdbfa67c2a279c990a40fd php-domxml-4.3.9-3.22.4.x86_64.rpm
1575f28a5751a971c1061cc886d2530c php-gd-4.3.9-3.22.4.x86_64.rpm
66e018d19a5ea7c5c88919f1c2a6f9b5 php-imap-4.3.9-3.22.4.x86_64.rpm
e7b8f8ada270244056dda1894db8c14f php-ldap-4.3.9-3.22.4.x86_64.rpm
724f1fc8186ac166328f0647be3544e4 php-mbstring-4.3.9-3.22.4.x86_64.rpm
61a40a74a6fd87337ef6fafd327f1620 php-mysql-4.3.9-3.22.4.x86_64.rpm
9554de6a9fa1d8480186e9f908c7b6f4 php-ncurses-4.3.9-3.22.4.x86_64.rpm
8f1235e1638b6394601a16895e41037d php-odbc-4.3.9-3.22.4.x86_64.rpm
a911be4741f84167ff4da53f0c553991 php-pear-4.3.9-3.22.4.x86_64.rpm
96f69680aa0d3d69a67334367d0f81ea php-pgsql-4.3.9-3.22.4.x86_64.rpm
b6e4e81d7cf6391eb6844b2625616310 php-snmp-4.3.9-3.22.4.x86_64.rpm
4e96d2993c1c0502fff02fc5f2971a50 php-xmlrpc-4.3.9-3.22.4.x86_64.rpm

Red Hat Enterprise Linux Desktop version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4Desktop/en/os/SRPMS/php-4.3.9-3.22.4.src.rpm
7330219fc5d750d1aec2d355841e417d php-4.3.9-3.22.4.src.rpm

i386:
d80d07c71b74894fc8bd5358ecc97ff2 php-4.3.9-3.22.4.i386.rpm
c6e4ba07f8d18cb5a60be16d93f6dfa4 php-debuginfo-4.3.9-3.22.4.i386.rpm
3d8e4694679eaf8873e1ec406eb997b5 php-devel-4.3.9-3.22.4.i386.rpm
fe67e313ea5de21fc8248f36b20b12bd php-domxml-4.3.9-3.22.4.i386.rpm
daf7563b49ea749530c84e0843f0c0e3 php-gd-4.3.9-3.22.4.i386.rpm
dd2dd40935805d96afeb0e009275b752 php-imap-4.3.9-3.22.4.i386.rpm
7b84f5f9775c6608656bc36469ae35e7 php-ldap-4.3.9-3.22.4.i386.rpm
d171c6b6cfcf482cc53b795376301b68 php-mbstring-4.3.9-3.22.4.i386.rpm
11cd6fffc797629f33eb5acc7804d9b3 php-mysql-4.3.9-3.22.4.i386.rpm
1b5170379bd7cce735ef7d12ff0ef0a2 php-ncurses-4.3.9-3.22.4.i386.rpm
aeeeea0fa3d2435367558ed30fe8a564 php-odbc-4.3.9-3.22.4.i386.rpm
c30e561191dd5a75efa2ee62c8c1c92b php-pear-4.3.9-3.22.4.i386.rpm
38bf004f549fceb5c67e63e90b14c38b php-pgsql-4.3.9-3.22.4.i386.rpm
00ef3f0015e7bad3a96368a53211fd2d php-snmp-4.3.9-3.22.4.i386.rpm
a507c9759c585eb98b38257524a34630 php-xmlrpc-4.3.9-3.22.4.i386.rpm

x86_64:
6ddc3f5dbfed8b09eb34f03c8fd584a8 php-4.3.9-3.22.4.x86_64.rpm
0af1cffb8b27f5809ecefb418e2ea13f php-debuginfo-4.3.9-3.22.4.x86_64.rpm
17337c831a0e67a71c34fffeda909b5d php-devel-4.3.9-3.22.4.x86_64.rpm
a7277789d5cdbfa67c2a279c990a40fd php-domxml-4.3.9-3.22.4.x86_64.rpm
1575f28a5751a971c1061cc886d2530c php-gd-4.3.9-3.22.4.x86_64.rpm
66e018d19a5ea7c5c88919f1c2a6f9b5 php-imap-4.3.9-3.22.4.x86_64.rpm
e7b8f8ada270244056dda1894db8c14f php-ldap-4.3.9-3.22.4.x86_64.rpm
724f1fc8186ac166328f0647be3544e4 php-mbstring-4.3.9-3.22.4.x86_64.rpm
61a40a74a6fd87337ef6fafd327f1620 php-mysql-4.3.9-3.22.4.x86_64.rpm
9554de6a9fa1d8480186e9f908c7b6f4 php-ncurses-4.3.9-3.22.4.x86_64.rpm
8f1235e1638b6394601a16895e41037d php-odbc-4.3.9-3.22.4.x86_64.rpm
a911be4741f84167ff4da53f0c553991 php-pear-4.3.9-3.22.4.x86_64.rpm
96f69680aa0d3d69a67334367d0f81ea php-pgsql-4.3.9-3.22.4.x86_64.rpm
b6e4e81d7cf6391eb6844b2625616310 php-snmp-4.3.9-3.22.4.x86_64.rpm
4e96d2993c1c0502fff02fc5f2971a50 php-xmlrpc-4.3.9-3.22.4.x86_64.rpm

Red Hat Enterprise Linux ES version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4ES/en/os/SRPMS/php-4.3.9-3.22.4.src.rpm
7330219fc5d750d1aec2d355841e417d php-4.3.9-3.22.4.src.rpm

i386:
d80d07c71b74894fc8bd5358ecc97ff2 php-4.3.9-3.22.4.i386.rpm
c6e4ba07f8d18cb5a60be16d93f6dfa4 php-debuginfo-4.3.9-3.22.4.i386.rpm
3d8e4694679eaf8873e1ec406eb997b5 php-devel-4.3.9-3.22.4.i386.rpm
fe67e313ea5de21fc8248f36b20b12bd php-domxml-4.3.9-3.22.4.i386.rpm
daf7563b49ea749530c84e0843f0c0e3 php-gd-4.3.9-3.22.4.i386.rpm
dd2dd40935805d96afeb0e009275b752 php-imap-4.3.9-3.22.4.i386.rpm
7b84f5f9775c6608656bc36469ae35e7 php-ldap-4.3.9-3.22.4.i386.rpm
d171c6b6cfcf482cc53b795376301b68 php-mbstring-4.3.9-3.22.4.i386.rpm
11cd6fffc797629f33eb5acc7804d9b3 php-mysql-4.3.9-3.22.4.i386.rpm
1b5170379bd7cce735ef7d12ff0ef0a2 php-ncurses-4.3.9-3.22.4.i386.rpm
aeeeea0fa3d2435367558ed30fe8a564 php-odbc-4.3.9-3.22.4.i386.rpm
c30e561191dd5a75efa2ee62c8c1c92b php-pear-4.3.9-3.22.4.i386.rpm
38bf004f549fceb5c67e63e90b14c38b php-pgsql-4.3.9-3.22.4.i386.rpm
00ef3f0015e7bad3a96368a53211fd2d php-snmp-4.3.9-3.22.4.i386.rpm
a507c9759c585eb98b38257524a34630 php-xmlrpc-4.3.9-3.22.4.i386.rpm

ia64:
1a342c764b41425436d60c0e742b1158 php-4.3.9-3.22.4.ia64.rpm
1e405119359a4713a157630fcd65e55a php-debuginfo-4.3.9-3.22.4.ia64.rpm
18fc4a94c9930906a61830b405746cbb php-devel-4.3.9-3.22.4.ia64.rpm
f6d5489af882e087ca5b33e3c46b7b5a php-domxml-4.3.9-3.22.4.ia64.rpm
1129ac5ac05d179a7aa6fafc61575699 php-gd-4.3.9-3.22.4.ia64.rpm
8423e399a99914b1fde2198e76c42607 php-imap-4.3.9-3.22.4.ia64.rpm
b1dc268a9a3e374dd2636f96eade5b71 php-ldap-4.3.9-3.22.4.ia64.rpm
9fe9c062a2a1e8aa6b53510c8111baf7 php-mbstring-4.3.9-3.22.4.ia64.rpm
da9d4d4b5b37a6b991001dd2d1a57833 php-mysql-4.3.9-3.22.4.ia64.rpm
8927b1f414b9df7c3285724f0e1a3ff0 php-ncurses-4.3.9-3.22.4.ia64.rpm
a8ae9a8a0668fb30e5d0daea11c671f4 php-odbc-4.3.9-3.22.4.ia64.rpm
120fcaf6f9dc847c7c83cd546d0472de php-pear-4.3.9-3.22.4.ia64.rpm
21d4ca5bf779bf3ff832e4f428ad61d7 php-pgsql-4.3.9-3.22.4.ia64.rpm
3df235bffeaed837cc410a7fcf3af963 php-snmp-4.3.9-3.22.4.ia64.rpm
14d89ef4e5fff6a46a207b9853d7988c php-xmlrpc-4.3.9-3.22.4.ia64.rpm

x86_64:
6ddc3f5dbfed8b09eb34f03c8fd584a8 php-4.3.9-3.22.4.x86_64.rpm
0af1cffb8b27f5809ecefb418e2ea13f php-debuginfo-4.3.9-3.22.4.x86_64.rpm
17337c831a0e67a71c34fffeda909b5d php-devel-4.3.9-3.22.4.x86_64.rpm
a7277789d5cdbfa67c2a279c990a40fd php-domxml-4.3.9-3.22.4.x86_64.rpm
1575f28a5751a971c1061cc886d2530c php-gd-4.3.9-3.22.4.x86_64.rpm
66e018d19a5ea7c5c88919f1c2a6f9b5 php-imap-4.3.9-3.22.4.x86_64.rpm
e7b8f8ada270244056dda1894db8c14f php-ldap-4.3.9-3.22.4.x86_64.rpm
724f1fc8186ac166328f0647be3544e4 php-mbstring-4.3.9-3.22.4.x86_64.rpm
61a40a74a6fd87337ef6fafd327f1620 php-mysql-4.3.9-3.22.4.x86_64.rpm
9554de6a9fa1d8480186e9f908c7b6f4 php-ncurses-4.3.9-3.22.4.x86_64.rpm
8f1235e1638b6394601a16895e41037d php-odbc-4.3.9-3.22.4.x86_64.rpm
a911be4741f84167ff4da53f0c553991 php-pear-4.3.9-3.22.4.x86_64.rpm
96f69680aa0d3d69a67334367d0f81ea php-pgsql-4.3.9-3.22.4.x86_64.rpm
b6e4e81d7cf6391eb6844b2625616310 php-snmp-4.3.9-3.22.4.x86_64.rpm
4e96d2993c1c0502fff02fc5f2971a50 php-xmlrpc-4.3.9-3.22.4.x86_64.rpm

Red Hat Enterprise Linux WS version 4:

SRPMS:
ftp://updates.redhat.com/enterprise/4WS/en/os/SRPMS/php-4.3.9-3.22.4.src.rpm
7330219fc5d750d1aec2d355841e417d php-4.3.9-3.22.4.src.rpm

i386:
d80d07c71b74894fc8bd5358ecc97ff2 php-4.3.9-3.22.4.i386.rpm
c6e4ba07f8d18cb5a60be16d93f6dfa4 php-debuginfo-4.3.9-3.22.4.i386.rpm
3d8e4694679eaf8873e1ec406eb997b5 php-devel-4.3.9-3.22.4.i386.rpm
fe67e313ea5de21fc8248f36b20b12bd php-domxml-4.3.9-3.22.4.i386.rpm
daf7563b49ea749530c84e0843f0c0e3 php-gd-4.3.9-3.22.4.i386.rpm
dd2dd40935805d96afeb0e009275b752 php-imap-4.3.9-3.22.4.i386.rpm
7b84f5f9775c6608656bc36469ae35e7 php-ldap-4.3.9-3.22.4.i386.rpm
d171c6b6cfcf482cc53b795376301b68 php-mbstring-4.3.9-3.22.4.i386.rpm
11cd6fffc797629f33eb5acc7804d9b3 php-mysql-4.3.9-3.22.4.i386.rpm
1b5170379bd7cce735ef7d12ff0ef0a2 php-ncurses-4.3.9-3.22.4.i386.rpm
aeeeea0fa3d2435367558ed30fe8a564 php-odbc-4.3.9-3.22.4.i386.rpm
c30e561191dd5a75efa2ee62c8c1c92b php-pear-4.3.9-3.22.4.i386.rpm
38bf004f549fceb5c67e63e90b14c38b php-pgsql-4.3.9-3.22.4.i386.rpm
00ef3f0015e7bad3a96368a53211fd2d php-snmp-4.3.9-3.22.4.i386.rpm
a507c9759c585eb98b38257524a34630 php-xmlrpc-4.3.9-3.22.4.i386.rpm

ia64:
1a342c764b41425436d60c0e742b1158 php-4.3.9-3.22.4.ia64.rpm
1e405119359a4713a157630fcd65e55a php-debuginfo-4.3.9-3.22.4.ia64.rpm
18fc4a94c9930906a61830b405746cbb php-devel-4.3.9-3.22.4.ia64.rpm
f6d5489af882e087ca5b33e3c46b7b5a php-domxml-4.3.9-3.22.4.ia64.rpm
1129ac5ac05d179a7aa6fafc61575699 php-gd-4.3.9-3.22.4.ia64.rpm
8423e399a99914b1fde2198e76c42607 php-imap-4.3.9-3.22.4.ia64.rpm
b1dc268a9a3e374dd2636f96eade5b71 php-ldap-4.3.9-3.22.4.ia64.rpm
9fe9c062a2a1e8aa6b53510c8111baf7 php-mbstring-4.3.9-3.22.4.ia64.rpm
da9d4d4b5b37a6b991001dd2d1a57833 php-mysql-4.3.9-3.22.4.ia64.rpm
8927b1f414b9df7c3285724f0e1a3ff0 php-ncurses-4.3.9-3.22.4.ia64.rpm
a8ae9a8a0668fb30e5d0daea11c671f4 php-odbc-4.3.9-3.22.4.ia64.rpm
120fcaf6f9dc847c7c83cd546d0472de php-pear-4.3.9-3.22.4.ia64.rpm
21d4ca5bf779bf3ff832e4f428ad61d7 php-pgsql-4.3.9-3.22.4.ia64.rpm
3df235bffeaed837cc410a7fcf3af963 php-snmp-4.3.9-3.22.4.ia64.rpm
14d89ef4e5fff6a46a207b9853d7988c php-xmlrpc-4.3.9-3.22.4.ia64.rpm

x86_64:
6ddc3f5dbfed8b09eb34f03c8fd584a8 php-4.3.9-3.22.4.x86_64.rpm
0af1cffb8b27f5809ecefb418e2ea13f php-debuginfo-4.3.9-3.22.4.x86_64.rpm
17337c831a0e67a71c34fffeda909b5d php-devel-4.3.9-3.22.4.x86_64.rpm
a7277789d5cdbfa67c2a279c990a40fd php-domxml-4.3.9-3.22.4.x86_64.rpm
1575f28a5751a971c1061cc886d2530c php-gd-4.3.9-3.22.4.x86_64.rpm
66e018d19a5ea7c5c88919f1c2a6f9b5 php-imap-4.3.9-3.22.4.x86_64.rpm
e7b8f8ada270244056dda1894db8c14f php-ldap-4.3.9-3.22.4.x86_64.rpm
724f1fc8186ac166328f0647be3544e4 php-mbstring-4.3.9-3.22.4.x86_64.rpm
61a40a74a6fd87337ef6fafd327f1620 php-mysql-4.3.9-3.22.4.x86_64.rpm
9554de6a9fa1d8480186e9f908c7b6f4 php-ncurses-4.3.9-3.22.4.x86_64.rpm
8f1235e1638b6394601a16895e41037d php-odbc-4.3.9-3.22.4.x86_64.rpm
a911be4741f84167ff4da53f0c553991 php-pear-4.3.9-3.22.4.x86_64.rpm
96f69680aa0d3d69a67334367d0f81ea php-pgsql-4.3.9-3.22.4.x86_64.rpm
b6e4e81d7cf6391eb6844b2625616310 php-snmp-4.3.9-3.22.4.x86_64.rpm
4e96d2993c1c0502fff02fc5f2971a50 php-xmlrpc-4.3.9-3.22.4.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://www.redhat.com/security/team/key/#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1285
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1286
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1583
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1711
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1718
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-0455
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
http://www.redhat.com/security/updates/classification/#important

8. Contact:

The Red Hat security contact is lt;secalert@redhat.comgt;. More contact
details at https://www.redhat.com/security/team/contact/

Copyright 2007 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.4 (GNU/Linux)

iD8DBQFGI5jwXlSAg2UNWIIRApPgAKCO86kXQZ/u55xClHmjLCKYpXb+ngCdGs5e
//yRmqD0d/c9kqfb7KeJ7fk=
=7vsN
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/rhsa_20070155_01_important_php_security_update.html)