Описание
ELSA-2009-0338: php security update (MODERATE)
[5.1.6-23.2.el5]
- ext/gd: fix overflow2 usage for CVE-2007-3996, CVE-2008-3658
[5.1.6-23.1.el5]
- add security fixes for CVE-2008-3658, CVE-2008-3660, CVE-2008-5498, CVE-2008-5557, CVE-2008-5814, and mbstring func_overload issue (#487369)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
php
5.1.6-23.2.el5_3
php-bcmath
5.1.6-23.2.el5_3
php-cli
5.1.6-23.2.el5_3
php-common
5.1.6-23.2.el5_3
php-dba
5.1.6-23.2.el5_3
php-devel
5.1.6-23.2.el5_3
php-gd
5.1.6-23.2.el5_3
php-imap
5.1.6-23.2.el5_3
php-ldap
5.1.6-23.2.el5_3
php-mbstring
5.1.6-23.2.el5_3
php-mysql
5.1.6-23.2.el5_3
php-ncurses
5.1.6-23.2.el5_3
php-odbc
5.1.6-23.2.el5_3
php-pdo
5.1.6-23.2.el5_3
php-pgsql
5.1.6-23.2.el5_3
php-snmp
5.1.6-23.2.el5_3
php-soap
5.1.6-23.2.el5_3
php-xml
5.1.6-23.2.el5_3
php-xmlrpc
5.1.6-23.2.el5_3
Oracle Linux x86_64
php
5.1.6-23.2.el5_3
php-bcmath
5.1.6-23.2.el5_3
php-cli
5.1.6-23.2.el5_3
php-common
5.1.6-23.2.el5_3
php-dba
5.1.6-23.2.el5_3
php-devel
5.1.6-23.2.el5_3
php-gd
5.1.6-23.2.el5_3
php-imap
5.1.6-23.2.el5_3
php-ldap
5.1.6-23.2.el5_3
php-mbstring
5.1.6-23.2.el5_3
php-mysql
5.1.6-23.2.el5_3
php-ncurses
5.1.6-23.2.el5_3
php-odbc
5.1.6-23.2.el5_3
php-pdo
5.1.6-23.2.el5_3
php-pgsql
5.1.6-23.2.el5_3
php-snmp
5.1.6-23.2.el5_3
php-soap
5.1.6-23.2.el5_3
php-xml
5.1.6-23.2.el5_3
php-xmlrpc
5.1.6-23.2.el5_3
Oracle Linux i386
php
5.1.6-23.2.el5_3
php-bcmath
5.1.6-23.2.el5_3
php-cli
5.1.6-23.2.el5_3
php-common
5.1.6-23.2.el5_3
php-dba
5.1.6-23.2.el5_3
php-devel
5.1.6-23.2.el5_3
php-gd
5.1.6-23.2.el5_3
php-imap
5.1.6-23.2.el5_3
php-ldap
5.1.6-23.2.el5_3
php-mbstring
5.1.6-23.2.el5_3
php-mysql
5.1.6-23.2.el5_3
php-ncurses
5.1.6-23.2.el5_3
php-odbc
5.1.6-23.2.el5_3
php-pdo
5.1.6-23.2.el5_3
php-pgsql
5.1.6-23.2.el5_3
php-snmp
5.1.6-23.2.el5_3
php-soap
5.1.6-23.2.el5_3
php-xml
5.1.6-23.2.el5_3
php-xmlrpc
5.1.6-23.2.el5_3
Ссылки на источники
Связанные уязвимости
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI ...
PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension, as demonstrated using foo..php.