USN-320-2: php4 regression
Posted on: 07/26/2006 02:12 PM

A new php4 regression update is available for Ubuntu Linux. Here the announcement:

Ubuntu Security Notice USN-320-2 July 26, 2006
php4 regression
https://launchpad.net/bugs/53581
==========================
==========================
=========

A security issue affects the following Ubuntu releases:

Ubuntu 5.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
libapache2-mod-php4 4:4.3.10-10ubuntu4.6
php4-cgi 4:4.3.10-10ubuntu4.6
php4-cli 4:4.3.10-10ubuntu4.6

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-320-2 fixed several vulnerabilities in PHP. James Manning
discovered that the Ubuntu 5.04 update introduced a regression, the
function tempnam() caused a crash of the PHP interpreter in some
circumstances. The updated packages fix this.

We apologize for the inconvenience.


Updated packages for Ubuntu 5.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu=
4.6.diff.gz
Size/MD5: 281956 1c914659e6f61602a9f71b8d37b3392b
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu=
4.6.dsc
Size/MD5: 1469 17a8050464f1dbbb1fabb99343a5c6cf
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10.orig.tar=
.gz
Size/MD5: 4892209 73f5d1f42e34efa534a09c6091b5a21e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu=
4.6_all.deb
Size/MD5: 1126 a05b26a1ea93b28d73b94422da467918

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_=
4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 1657558 9d8d66e9cb31cb87294b6233fa927e33
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ub=
untu4.6_amd64.deb
Size/MD5: 3275316 4423f48ce31f2f3334506b23f02fedb8
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ub=
untu4.6_amd64.deb
Size/MD5: 1647604 e79fed2516655fc81564e8fe0f488bea
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-1=
0ubuntu4.6_amd64.deb
Size/MD5: 168258 5252917d283455beea87dcfcd80d3bbf
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ub=
untu4.6_amd64.deb
Size/MD5: 348252 d38144e70507eeeaccd0f0eb88201332

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_=
4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 1592844 ab4f524bf3b203661ca083fc6cbefb00
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ub=
untu4.6_i386.deb
Size/MD5: 3169886 0b56067b59dd1612562dc82fc6eede43
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ub=
untu4.6_i386.deb
Size/MD5: 1592924 86addeffabaa817733857dfed3e37b29
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-1=
0ubuntu4.6_i386.deb
Size/MD5: 168254 f0ed0ff02813d768a8e600f3646382ba
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ub=
untu4.6_i386.deb
Size/MD5: 348266 70238b0ae0790cd79c645720e66eae19

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_=
4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 1658990 5769a9d9690042900e70f98432ed7d7a
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ub=
untu4.6_powerpc.deb
Size/MD5: 3278826 9a2287a0bf8e587ee651230d8e40b797
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ub=
untu4.6_powerpc.deb
Size/MD5: 1646196 a001bf1a15d25ae4354190d8c722e846
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-1=
0ubuntu4.6_powerpc.deb
Size/MD5: 168268 37293b3c08d1593bb55b73bce39cf6c3
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ub=
untu4.6_powerpc.deb
Size/MD5: 348282 257afdf00afb930d1fb294d12454ae3a

--4wkndigzIeYF6Hbg
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEx0vcDecnbV4Fd/IRAkALAKCrBh5WSMZFmHBg3+POwBG8H1h4hQCfWbaQ
c5M2/fjo/d+ly1XrNnv2sZ0=
=+wmv
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/usn_320_2_php4_regression.html)