
Redhat : Updated PHP packages are available



---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated PHP packages are available
Advisory ID:       RHSA-2002:035-13
Issue date:        2002-02-27
Updated on:        2002-02-27
Product:           Red Hat Linux
Keywords:          PHP remote exploit multipart MIME
Cross references:  
Obsoletes:         RHSA-2000:088 RHSA-2000:136
---------------------------------------------------------------------

1. Topic:

Updated PHP packages are available to fix vulnerabilities in the functions
that parse multipart MIME data, which are used when uploading files
through forms.

2. Relevant releases/architectures:

Red Hat Linux 6.2 - alpha, i386, sparc

Red Hat Linux 7.0 - alpha, i386

Red Hat Linux 7.1 - alpha, i386, ia64

Red Hat Linux 7.2 - i386, ia64, s390

3. Problem description:

PHP is an HTML-embeddable scripting language.  A number of flaws have been
found in the way PHP handles multipart/form-data POST requests.  Each of
these flaws could allow an attacker to execute arbitrary code on the remote
system.

PHP 3.0.10-3.0.18 contains a broken boundary check (hard to exploit) and an
arbitrary heap overflow (easy to exploit).  These versions of PHP were
shipped with Red Hat Linux 6.2.

PHP 4.0.1-4.0.3pl1 contains a broken boundary check (hard to exploit) and a
heap-off-by-one (easy to exploit).  These versions of PHP were shipped with 
Red Hat Linux 7.0.

PHP 4.0.2-4.0.5 contains two broken boundary checks (one very easy and one
hard to exploit).  These versions of PHP were shipped with Red Hat Linux
7.1 and as errata for 7.0.

PHP 4.0.6-4.0.7RC2 contains a broken boundary check (very easy to exploit).
These versions of PHP were shipped with Red Hat Linux 7.2.

The Common Vulnerabilities and Exposures project (cve.mitre.org) has
assigned the name CAN-2002-0081 to this issue.

If you are running PHP 4.0.3 or above, one way to work around these bugs
until you can upgrade is to disable file upload support in your php.ini
file (by setting file_uploads = Off).  The file_uploads directive does not
exist in earlier releases, so PHP 3.x and PHP 4.0.1/4.0.2 installations can
only be fixed by upgrading.

All users of PHP are advised to immediately upgrade to these errata
packages which close these vulnerabilities.
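To check a host against the errata builds listed in section 6 below, the following added Python script (written for this page; it is not Red Hat tooling) compares the output of `rpm -q php` with the fixed version-release for each Red Hat Linux release. It carries a simplified port of rpm's version comparison (no epoch, and no tilde/caret ordering, which rpm of this era did not have). The FIXED table is taken from the package list in this advisory; the inventory lines in the demo and the optional trailing architecture suffix are assumptions. It only reasons about Red Hat's package builds: a PHP built locally from a vulnerable upstream tarball and labelled, say, 4.0.7RC2 compares newer than 4.0.6 and would be reported as fixed.

```python
import re

# Errata builds (version, release) from section 6 of this advisory, keyed by
# Red Hat Linux release.  Assumption: the php base package is representative
# of the whole php-* set, which shares one version-release per release.
FIXED = {
    "6.2": ("3.0.18", "8"),
    "7.0": ("4.0.6", "9.7.0"),
    "7.1": ("4.0.6", "9.7.1"),
    "7.2": ("4.0.6", "12"),
}

# `rpm -q php` prints name-version-release; newer rpm may append ".arch".
NVR_RE = re.compile(
    r"^php-(?P<ver>[^-]+)-(?P<rel>[^-]+?)"
    r"(?:\.(?:i386|i686|alpha|sparc|ia64|s390|noarch))?$"
)


def _segments(s):
    """rpm compares runs of digits and runs of letters; punctuation only separates."""
    return re.findall(r"[0-9]+|[A-Za-z]+", s)


def rpmvercmp(a, b):
    """Simplified port of rpm's rpmvercmp(): returns -1, 0 or 1.
    Numeric segments compare as integers (so 10 > 9), a numeric segment beats
    an alphabetic one in the same position, and whichever string has segments
    left over is newer (9.7.1 > 9).  That last rule also makes 4.0.6rc sort
    after 4.0.6, a known rpm quirk later addressed by tilde versions, which
    this port does not implement."""
    if a == b:
        return 0
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit():
            return 1
        elif y.isdigit():
            return -1
        elif x != y:
            return 1 if x > y else -1
    if len(sa) == len(sb):
        return 0
    return 1 if len(sa) > len(sb) else -1


def parse_nvr(nvr):
    """Split 'php-4.0.6-9.7.1' (or 'php-4.0.6-12.i386') into (version, release)."""
    m = NVR_RE.match(nvr.strip())
    if not m:
        raise ValueError("not a php package NVR: %r" % nvr)
    return m.group("ver"), m.group("rel")


def is_fixed(nvr, rhl_release):
    """True if the installed php build is at or past the errata build for
    the given Red Hat Linux release ('6.2', '7.0', '7.1' or '7.2')."""
    ver, rel = parse_nvr(nvr)
    fixed_ver, fixed_rel = FIXED[rhl_release]
    c = rpmvercmp(ver, fixed_ver)
    if c == 0:
        c = rpmvercmp(rel, fixed_rel)
    return c >= 0


def workaround_available(nvr):
    """The file_uploads = Off workaround needs the php.ini option, which
    exists from PHP 4.0.3 on; PHP 3.x and 4.0.1/4.0.2 hosts must be upgraded."""
    return rpmvercmp(parse_nvr(nvr)[0], "4.0.3") >= 0


if __name__ == "__main__":
    # Constructed inventory lines, not output captured from real hosts.
    for host, nvr, rel in [("www1", "php-4.0.6-9.7.1", "7.1"),
                           ("www2", "php-4.0.6-9", "7.1"),
                           ("www3", "php-4.0.1pl2-9", "7.0"),
                           ("www4", "php-3.0.18-1", "6.2")]:
        if is_fixed(nvr, rel):
            status = "fixed"
        elif workaround_available(nvr):
            status = "VULNERABLE (file_uploads = Off possible until upgraded)"
        else:
            status = "VULNERABLE (upgrade is the only fix)"
        print(host, nvr, status)
```

Feed it the `rpm -q php` line from each host together with that host's release; anything not reported as fixed should be scheduled for the errata packages below, and only the 4.0.3+ hosts can be bridged with the php.ini workaround in the meantime.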

4. Solution:

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

To update all RPMs for your particular architecture, run:

rpm -Fvh [filenames]

where [filenames] is a list of the RPMs you wish to upgrade.  Only those
RPMs which are currently installed will be updated.  Those RPMs which are
not installed but included in the list will not be updated.  Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.

Please note that this update is also available via Red Hat Network.  Many
people find this an easier way to apply updates.  To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.

After applying these updates you will need to restart your web server if it
was running before the update was applied.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):



6. RPMs required:

Red Hat Linux 6.2:

SRPMS:
ftp://updates.redhat.com/6.2/en/os/SRPMS/php-3.0.18-8.src.rpm

alpha:
ftp://updates.redhat.com/6.2/en/os/alpha/php-3.0.18-8.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/php-manual-3.0.18-8.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/php-pgsql-3.0.18-8.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/php-imap-3.0.18-8.alpha.rpm
ftp://updates.redhat.com/6.2/en/os/alpha/php-ldap-3.0.18-8.alpha.rpm

i386:
ftp://updates.redhat.com/6.2/en/os/i386/php-3.0.18-8.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/php-manual-3.0.18-8.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/php-pgsql-3.0.18-8.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/php-imap-3.0.18-8.i386.rpm
ftp://updates.redhat.com/6.2/en/os/i386/php-ldap-3.0.18-8.i386.rpm

sparc:
ftp://updates.redhat.com/6.2/en/os/sparc/php-3.0.18-8.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/php-manual-3.0.18-8.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/php-pgsql-3.0.18-8.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/php-imap-3.0.18-8.sparc.rpm
ftp://updates.redhat.com/6.2/en/os/sparc/php-ldap-3.0.18-8.sparc.rpm

Red Hat Linux 7.0:

SRPMS:
ftp://updates.redhat.com/7.0/en/os/SRPMS/php-4.0.6-9.7.0.src.rpm

alpha:
ftp://updates.redhat.com/7.0/en/os/alpha/php-4.0.6-9.7.0.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-devel-4.0.6-9.7.0.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-imap-4.0.6-9.7.0.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-ldap-4.0.6-9.7.0.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-manual-4.0.6-9.7.0.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-mysql-4.0.6-9.7.0.alpha.rpm
ftp://updates.redhat.com/7.0/en/os/alpha/php-pgsql-4.0.6-9.7.0.alpha.rpm

i386:
ftp://updates.redhat.com/7.0/en/os/i386/php-4.0.6-9.7.0.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-devel-4.0.6-9.7.0.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-imap-4.0.6-9.7.0.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-ldap-4.0.6-9.7.0.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-manual-4.0.6-9.7.0.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-mysql-4.0.6-9.7.0.i386.rpm
ftp://updates.redhat.com/7.0/en/os/i386/php-pgsql-4.0.6-9.7.0.i386.rpm

Red Hat Linux 7.1:

SRPMS:
ftp://updates.redhat.com/7.1/en/os/SRPMS/php-4.0.6-9.7.1.src.rpm

alpha:
ftp://updates.redhat.com/7.1/en/os/alpha/php-4.0.6-9.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-devel-4.0.6-9.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-imap-4.0.6-9.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-ldap-4.0.6-9.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-manual-4.0.6-9.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-mysql-4.0.6-9.7.1.alpha.rpm
ftp://updates.redhat.com/7.1/en/os/alpha/php-pgsql-4.0.6-9.7.1.alpha.rpm

i386:
ftp://updates.redhat.com/7.1/en/os/i386/php-4.0.6-9.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-devel-4.0.6-9.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-imap-4.0.6-9.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-ldap-4.0.6-9.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-manual-4.0.6-9.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-mysql-4.0.6-9.7.1.i386.rpm
ftp://updates.redhat.com/7.1/en/os/i386/php-pgsql-4.0.6-9.7.1.i386.rpm

ia64:
ftp://updates.redhat.com/7.1/en/os/ia64/php-4.0.6-9.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-devel-4.0.6-9.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-imap-4.0.6-9.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-ldap-4.0.6-9.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-manual-4.0.6-9.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-mysql-4.0.6-9.7.1.ia64.rpm
ftp://updates.redhat.com/7.1/en/os/ia64/php-pgsql-4.0.6-9.7.1.ia64.rpm

Red Hat Linux 7.2:

SRPMS:
ftp://updates.redhat.com/7.2/en/os/SRPMS/php-4.0.6-12.src.rpm

i386:
ftp://updates.redhat.com/7.2/en/os/i386/php-4.0.6-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-devel-4.0.6-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-imap-4.0.6-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-ldap-4.0.6-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-manual-4.0.6-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-mysql-4.0.6-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-odbc-4.0.6-12.i386.rpm
ftp://updates.redhat.com/7.2/en/os/i386/php-pgsql-4.0.6-12.i386.rpm

ia64:
ftp://updates.redhat.com/7.2/en/os/ia64/php-4.0.6-12.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-devel-4.0.6-12.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-imap-4.0.6-12.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-ldap-4.0.6-12.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-manual-4.0.6-12.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-mysql-4.0.6-12.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-odbc-4.0.6-12.ia64.rpm
ftp://updates.redhat.com/7.2/en/os/ia64/php-pgsql-4.0.6-12.ia64.rpm



7. Verification:

MD5 sum                          Package Name
--------------------------------------------------------------------------
f07b6317aee9ade09625a8166641edc7 6.2/en/os/SRPMS/php-3.0.18-8.src.rpm
c56a2c896756ce982e14b329ee122c97 6.2/en/os/alpha/php-3.0.18-8.alpha.rpm
1a14f54cf642e41b6474f7bd8d89b4b7 6.2/en/os/alpha/php-imap-3.0.18-8.alpha.rpm
90244d18f76ce2f254e946edcb28e4b9 6.2/en/os/alpha/php-ldap-3.0.18-8.alpha.rpm
7b05bacc07896a17866cbe73b9c37eba 6.2/en/os/alpha/php-manual-3.0.18-8.alpha.rpm
1266ab137b0fb24e7447683e9100c501 6.2/en/os/alpha/php-pgsql-3.0.18-8.alpha.rpm
f4219464571e14737e1e5e3d414ae5d2 6.2/en/os/i386/php-3.0.18-8.i386.rpm
9e4250f304c8832a0d0e99d98109f59c 6.2/en/os/i386/php-imap-3.0.18-8.i386.rpm
31630b40f901d1617cfe0fce4a2e14df 6.2/en/os/i386/php-ldap-3.0.18-8.i386.rpm
78ade58fa6517548264f21996bf799a3 6.2/en/os/i386/php-manual-3.0.18-8.i386.rpm
c4985d7263824fd4c837f997605afff2 6.2/en/os/i386/php-pgsql-3.0.18-8.i386.rpm
08e4722c97645d8bde860ff0b9dbb48c 6.2/en/os/sparc/php-3.0.18-8.sparc.rpm
17d9aaac1927e3dd631dfd26fd75e25e 6.2/en/os/sparc/php-imap-3.0.18-8.sparc.rpm
4f9a316f188315dddc6d2d7b3f643abc 6.2/en/os/sparc/php-ldap-3.0.18-8.sparc.rpm
f7783e877972c2cd4a8c91574fef4655 6.2/en/os/sparc/php-manual-3.0.18-8.sparc.rpm
b2ac8533b51b8a63db12cee2e334bc70 6.2/en/os/sparc/php-pgsql-3.0.18-8.sparc.rpm
984cf05e255e5dba84756f43089ad41d 7.0/en/os/SRPMS/php-4.0.6-9.7.0.src.rpm
23f5e948527d86906c1c0b5c14394443 7.0/en/os/alpha/php-4.0.6-9.7.0.alpha.rpm
27046892357d213bb07af47462dbb2e8 7.0/en/os/alpha/php-devel-4.0.6-9.7.0.alpha.rpm
60059adcebffe32f7aa42f40ded0ccd6 7.0/en/os/alpha/php-imap-4.0.6-9.7.0.alpha.rpm
66a9241666dfac55076483446a46c656 7.0/en/os/alpha/php-ldap-4.0.6-9.7.0.alpha.rpm
efd1b02def9b37c003111b32fd951c47 7.0/en/os/alpha/php-manual-4.0.6-9.7.0.alpha.rpm
5cedcc04933ef82c06de866591bb14b9 7.0/en/os/alpha/php-mysql-4.0.6-9.7.0.alpha.rpm
6d41072e5482e5c4ecd72dc20a380608 7.0/en/os/alpha/php-pgsql-4.0.6-9.7.0.alpha.rpm
c51cae878dbd0ddb59f293bb2b74576a 7.0/en/os/i386/php-4.0.6-9.7.0.i386.rpm
ece39ce64f13090908e1e724e8ac20c2 7.0/en/os/i386/php-devel-4.0.6-9.7.0.i386.rpm
ddf79ef25cef397db6b375e55ec72461 7.0/en/os/i386/php-imap-4.0.6-9.7.0.i386.rpm
aa7f45c1bdd74ba24cc478227d1231ef 7.0/en/os/i386/php-ldap-4.0.6-9.7.0.i386.rpm
a09113571cdf2b494587cdf5d0e3b94e 7.0/en/os/i386/php-manual-4.0.6-9.7.0.i386.rpm
184160c5c02313d3b00ccb35f440308b 7.0/en/os/i386/php-mysql-4.0.6-9.7.0.i386.rpm
a26becd661ccc40b073133205494ed31 7.0/en/os/i386/php-pgsql-4.0.6-9.7.0.i386.rpm
13e044d5838ca92e87a6c75422f1dcfa 7.1/en/os/SRPMS/php-4.0.6-9.7.1.src.rpm
bf4fd0046038fdf77d73be0569a04c1a 7.1/en/os/alpha/php-4.0.6-9.7.1.alpha.rpm
8aee7e333ab227ca9d8e03ecfea81b12 7.1/en/os/alpha/php-devel-4.0.6-9.7.1.alpha.rpm
80b146826658d08d84ae5d6fb8653f0a 7.1/en/os/alpha/php-imap-4.0.6-9.7.1.alpha.rpm
77224698038db01686f2e078332db3df 7.1/en/os/alpha/php-ldap-4.0.6-9.7.1.alpha.rpm
5b70392e70416ca43699e082bc080606 7.1/en/os/alpha/php-manual-4.0.6-9.7.1.alpha.rpm
a318eecc9ee831d76b2565dd029ab544 7.1/en/os/alpha/php-mysql-4.0.6-9.7.1.alpha.rpm
a0aceadd726fb8e4003b8e82488c6460 7.1/en/os/alpha/php-pgsql-4.0.6-9.7.1.alpha.rpm
a3886ccade78602bc997513289f3ea48 7.1/en/os/i386/php-4.0.6-9.7.1.i386.rpm
32e7d5a1b44a5b1f41d2f392dce873ab 7.1/en/os/i386/php-devel-4.0.6-9.7.1.i386.rpm
0cebe302673d264ba98ca5eb5a336386 7.1/en/os/i386/php-imap-4.0.6-9.7.1.i386.rpm
108a196736b34d28f4cee176da65c326 7.1/en/os/i386/php-ldap-4.0.6-9.7.1.i386.rpm
fabc969a08a7f268f74e18d1dfca87a1 7.1/en/os/i386/php-manual-4.0.6-9.7.1.i386.rpm
8ebdf9dcfa1677667c5e9846df68708c 7.1/en/os/i386/php-mysql-4.0.6-9.7.1.i386.rpm
90793e84d6689d25d3a242d0e75f5b67 7.1/en/os/i386/php-pgsql-4.0.6-9.7.1.i386.rpm
467c5b32df73a82a3b4a5e69dac14a3d 7.1/en/os/ia64/php-4.0.6-9.7.1.ia64.rpm
1e4fbc2380f0f68b5384b8523c524a46 7.1/en/os/ia64/php-devel-4.0.6-9.7.1.ia64.rpm
82c5fc25016e739099689267369172e4 7.1/en/os/ia64/php-imap-4.0.6-9.7.1.ia64.rpm
5d5d488f11e431fa18782c69f0f7a143 7.1/en/os/ia64/php-ldap-4.0.6-9.7.1.ia64.rpm
3abf84cd5f344cf8b14226b47474bc2e 7.1/en/os/ia64/php-manual-4.0.6-9.7.1.ia64.rpm
9c502c398208c15b6b9d9c5467b4a620 7.1/en/os/ia64/php-mysql-4.0.6-9.7.1.ia64.rpm
5ad2b0aa07efaff0d2f93c38e238cbe2 7.1/en/os/ia64/php-pgsql-4.0.6-9.7.1.ia64.rpm
0115ad07854838a15cfea42e5cef3002 7.2/en/os/SRPMS/php-4.0.6-12.src.rpm
54fa818f60d7dd918ae05c598a6c9308 7.2/en/os/i386/php-4.0.6-12.i386.rpm
b7332d143c4cab1dc69eecdb7796e1c0 7.2/en/os/i386/php-devel-4.0.6-12.i386.rpm
ed11518798bdecd13996e5e7a04a1b78 7.2/en/os/i386/php-imap-4.0.6-12.i386.rpm
ec94a9b7770d43dc698dc3298aee8d02 7.2/en/os/i386/php-ldap-4.0.6-12.i386.rpm
b8a4de8035343527c545c8823c39ff2e 7.2/en/os/i386/php-manual-4.0.6-12.i386.rpm
72c68100743a945adfb2b8486dafca65 7.2/en/os/i386/php-mysql-4.0.6-12.i386.rpm
daf507853a3a894a9e558b5559d3d27b 7.2/en/os/i386/php-odbc-4.0.6-12.i386.rpm
179026b54d77cc23a79e3e708db0648b 7.2/en/os/i386/php-pgsql-4.0.6-12.i386.rpm
b4b5d57a278022c02842feffb29e939e 7.2/en/os/ia64/php-4.0.6-12.ia64.rpm
5ce8d950d8fc280077f1843a61f248f9 7.2/en/os/ia64/php-devel-4.0.6-12.ia64.rpm
2aeb47f34004bc84b401306f50326e99 7.2/en/os/ia64/php-imap-4.0.6-12.ia64.rpm
955fe4bfde4021e792bd7c69d9e89482 7.2/en/os/ia64/php-ldap-4.0.6-12.ia64.rpm
4a995a96fdadc689c4ea9849900e12e0 7.2/en/os/ia64/php-manual-4.0.6-12.ia64.rpm
7015803c8d5b7d0d9327186c50b8263b 7.2/en/os/ia64/php-mysql-4.0.6-12.ia64.rpm
9867768b827a91939e5d426b15637861 7.2/en/os/ia64/php-odbc-4.0.6-12.ia64.rpm
fc602be9288f8d743525698fa839b766 7.2/en/os/ia64/php-pgsql-4.0.6-12.ia64.rpm
 

These packages are GPG signed by Red Hat, Inc. for security.  Our key
is available at:
    http://www.redhat.com/about/contact/pgpkey.html

You can verify each package with the following command:
    rpm --checksig  <filename>

If you only wish to check that a package was not corrupted in transit,
examine only the md5sum with the following command:
    rpm --checksig --nogpg <filename>

Note that a matching md5sum by itself does not show that a package came
from Red Hat: anyone able to substitute a package can also supply a matching
sum, and this advisory reached you over the same channel.  Only the GPG
signature check above establishes origin.
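The following added Python script (written for this page; it is not a Red Hat tool) turns the table in section 7 into a checker for a directory of downloaded packages, rejoining the package paths that the mail archive wrapped onto a second line (a path is complete only once it ends in .rpm, which is the rule the parser uses). SAMPLE_TABLE and the demo files are constructed: the sums are the RFC 1321 test vectors for "abc" and the empty string plus two dummies, not the advisory's real sums, so the demo runs offline. An MD5 match only shows a download is intact; `rpm --checksig` against Red Hat's key remains the check that proves where the package came from.

```python
import hashlib
import os
import re
import tempfile

HASH_LINE = re.compile(r"^([0-9a-f]{32})\s+(\S+)$")
PATH_FRAGMENT = re.compile(r"^[A-Za-z0-9._/-]+$")

# Constructed sample in the layout of section 7.  The sums are RFC 1321 test
# vectors (md5("abc"), md5("")) and two dummies, NOT the advisory's values.
# The php-manual line is wrapped the way the mail archive wraps long lines.
SAMPLE_TABLE = """\
MD5 sum                          Package Name
--------------------------------------------------------------------------
900150983cd24fb0d6963f7d28e17f72 7.2/en/os/i386/php-4.0.6-12.i386.rpm
d41d8cd98f00b204e9800998ecf8427e 7.2/en/os/i386/php-manual-4.0.6-12.i386.r
pm
0123456789abcdef0123456789abcdef 7.2/en/os/i386/php-mysql-4.0.6-12.i386.rpm
fedcba9876543210fedcba9876543210 7.2/en/os/i386/php-pgsql-4.0.6-12.i386.rpm
"""


def parse_md5_table(text):
    """Return {package basename: expected md5}.  A line without a leading
    32-hex-digit sum is the tail of a path the mailer wrapped, provided the
    previous path is still incomplete (does not yet end in '.rpm'); the
    header and separator lines never qualify because no entry precedes them."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        m = HASH_LINE.match(line)
        if m:
            entries.append([m.group(1), m.group(2)])
        elif (entries and not entries[-1][1].endswith(".rpm")
              and PATH_FRAGMENT.match(line)):
            entries[-1][1] += line
    table = {}
    for digest, path in entries:
        if not path.endswith(".rpm"):
            raise ValueError("truncated package path: %r" % path)
        table[os.path.basename(path)] = digest
    return table


def md5_of_file(path):
    """Stream the file so large RPMs are not read into memory at once."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(1 << 16), b""):
            h.update(chunk)
    return h.hexdigest()


def verify_directory(table, directory):
    """Map every listed package to OK / MISMATCH / MISSING, and flag any .rpm
    in the directory that the advisory does not list as UNLISTED, so a stray
    or substituted file cannot hide among the expected ones."""
    results = {}
    for name, expected in table.items():
        path = os.path.join(directory, name)
        if not os.path.isfile(path):
            results[name] = "MISSING"
        elif md5_of_file(path) == expected:
            results[name] = "OK"
        else:
            results[name] = "MISMATCH"
    for name in os.listdir(directory):
        if name.endswith(".rpm") and name not in table:
            results[name] = "UNLISTED"
    return results


def demo():
    """Constructed download directory: one intact package, one intact package
    whose table line was wrapped, one altered package, one never downloaded,
    and one stray .rpm the advisory does not mention."""
    with tempfile.TemporaryDirectory() as d:
        with open(os.path.join(d, "php-4.0.6-12.i386.rpm"), "wb") as f:
            f.write(b"abc")
        open(os.path.join(d, "php-manual-4.0.6-12.i386.rpm"), "wb").close()
        with open(os.path.join(d, "php-mysql-4.0.6-12.i386.rpm"), "wb") as f:
            f.write(b"not what Red Hat shipped")
        with open(os.path.join(d, "php-odbc-4.0.6-12.i386.rpm"), "wb") as f:
            f.write(b"stray")
        return verify_directory(parse_md5_table(SAMPLE_TABLE), d)


if __name__ == "__main__":
    for name, status in sorted(demo().items()):
        print("%-9s %s" % (status, name))
```

In use, paste the section 7 table (wrapped lines and all) into a file, read it in place of SAMPLE_TABLE, and run the checker in the download directory before `rpm --checksig` and `rpm -Fvh`; anything reported MISMATCH or UNLISTED should not be installed.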

8. References:

http://security.e-matters.de/advisories/012002.html
http://www.kb.cert.org/vuls/id/297363
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-0081


Copyright(c) 2000, 2001 Red Hat, Inc.



_______________________________________________
Redhat-watch-list mailing list