Welcome to our website
To take full advantage of all features you need to login or register. Registration is completely free and takes only a few seconds.
CESA-2005:1110-001 Moderate CentOS 4 i386 php - security update
Posted by Philipp Esselbach on: 11/11/2005 01:41 PM [ Print | 0 comment(s) ]
CentOS Errata and Security Advisory 2005:1110-001
Moderate CentOS 4 i386 php - security update
This CESA is for the version of php is that is included in the centosplus repo for CentOS-4 ... this is not an update to the main CentOS-4 repo.
------------------
Name : php
Version : 5.0.4 Vendor: CentOS
Release : 4.centos4 Build Date: Fri 11 Nov 2005
Install Date: (not installed) Build Host: build-i386
Group : Development/Languages
Source RPM: php-5.0.4-4.centos4.src.rpm
License: The PHP License
Packager : Johnny Hughes lt;johnny (at) centos.orggt;
Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext
Preprocessor)
------------------
Moderate CentOS 4 i386 php - security update
This CESA is for the version of php is that is included in the centosplus repo for CentOS-4 ... this is not an update to the main CentOS-4 repo.
------------------
Name : php
Version : 5.0.4 Vendor: CentOS
Release : 4.centos4 Build Date: Fri 11 Nov 2005
Install Date: (not installed) Build Host: build-i386
Group : Development/Languages
Source RPM: php-5.0.4-4.centos4.src.rpm
License: The PHP License
Packager : Johnny Hughes lt;johnny (at) centos.orggt;
Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext
Preprocessor)
------------------
Update Information:
This update is considered moderate by the CentOS Development Team.
This update includes several security fixes:
- fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390)
- a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389)
- fixes for Cross-Site Scripting flaws in the phpinfo()
output (CVE-2005-3388)
- a fix for a denial of service (process crash) in EXIF
image parsing (CVE-2005-3353)
All Users of PHP-5 from the CentOSPlus Repo should upgrade to these
updated packages.
More info is available at:
https://www.redhat.com/archives/fedora-announce-list/2005-November/msg00022
.html
https://rhn.redhat.com/errata/RHSA-2005-831.html
------------------------
The following updated files have been uploaded and are currently
syncing to the mirrors:
i386:
php-5.0.4-4.centos4.i386.rpm
php-bcmath-5.0.4-4.centos4.i386.rpm
php-dba-5.0.4-4.centos4.i386.rpm
php-devel-5.0.4-4.centos4.i386.rpm
php-gd-5.0.4-4.centos4.i386.rpm
php-imap-5.0.4-4.centos4.i386.rpm
php-ldap-5.0.4-4.centos4.i386.rpm
php-mbstring-5.0.4-4.centos4.i386.rpm
php-mysql-5.0.4-4.centos4.i386.rpm
php-ncurses-5.0.4-4.centos4.i386.rpm
php-odbc-5.0.4-4.centos4.i386.rpm
php-pear-5.0.4-4.centos4.i386.rpm
php-pgsql-5.0.4-4.centos4.i386.rpm
php-snmp-5.0.4-4.centos4.i386.rpm
php-soap-5.0.4-4.centos4.i386.rpm
php-xml-5.0.4-4.centos4.i386.rpm
php-xmlrpc-5.0.4-4.centos4.i386.rpm
src:
php-5.0.4-4.centos4.src.rpm
This update is considered moderate by the CentOS Development Team.
This update includes several security fixes:
- fixes for prevent malicious requests from overwriting the GLOBALS array (CVE-2005-3390)
- a fix to stop the parse_str() function from enabling the register_globals setting (CVE-2005-3389)
- fixes for Cross-Site Scripting flaws in the phpinfo()
output (CVE-2005-3388)
- a fix for a denial of service (process crash) in EXIF
image parsing (CVE-2005-3353)
All Users of PHP-5 from the CentOSPlus Repo should upgrade to these
updated packages.
More info is available at:
https://www.redhat.com/archives/fedora-announce-list/2005-November/msg00022
.html
https://rhn.redhat.com/errata/RHSA-2005-831.html
------------------------
The following updated files have been uploaded and are currently
syncing to the mirrors:
i386:
php-5.0.4-4.centos4.i386.rpm
php-bcmath-5.0.4-4.centos4.i386.rpm
php-dba-5.0.4-4.centos4.i386.rpm
php-devel-5.0.4-4.centos4.i386.rpm
php-gd-5.0.4-4.centos4.i386.rpm
php-imap-5.0.4-4.centos4.i386.rpm
php-ldap-5.0.4-4.centos4.i386.rpm
php-mbstring-5.0.4-4.centos4.i386.rpm
php-mysql-5.0.4-4.centos4.i386.rpm
php-ncurses-5.0.4-4.centos4.i386.rpm
php-odbc-5.0.4-4.centos4.i386.rpm
php-pear-5.0.4-4.centos4.i386.rpm
php-pgsql-5.0.4-4.centos4.i386.rpm
php-snmp-5.0.4-4.centos4.i386.rpm
php-soap-5.0.4-4.centos4.i386.rpm
php-xml-5.0.4-4.centos4.i386.rpm
php-xmlrpc-5.0.4-4.centos4.i386.rpm
src:
php-5.0.4-4.centos4.src.rpm
