Описание
ELSA-2011-0195: php security update (MODERATE)
[5.3.2-6.1]
- add security fixes for CVE-2010-3709, CVE-2010-3870, CVE-2009-5016, CVE-2010-4645 (#670461)
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
php
5.3.2-6.el6_0.1
php-bcmath
5.3.2-6.el6_0.1
php-cli
5.3.2-6.el6_0.1
php-common
5.3.2-6.el6_0.1
php-dba
5.3.2-6.el6_0.1
php-devel
5.3.2-6.el6_0.1
php-embedded
5.3.2-6.el6_0.1
php-enchant
5.3.2-6.el6_0.1
php-gd
5.3.2-6.el6_0.1
php-imap
5.3.2-6.el6_0.1
php-intl
5.3.2-6.el6_0.1
php-ldap
5.3.2-6.el6_0.1
php-mbstring
5.3.2-6.el6_0.1
php-mysql
5.3.2-6.el6_0.1
php-odbc
5.3.2-6.el6_0.1
php-pdo
5.3.2-6.el6_0.1
php-pgsql
5.3.2-6.el6_0.1
php-process
5.3.2-6.el6_0.1
php-pspell
5.3.2-6.el6_0.1
php-recode
5.3.2-6.el6_0.1
php-snmp
5.3.2-6.el6_0.1
php-soap
5.3.2-6.el6_0.1
php-tidy
5.3.2-6.el6_0.1
php-xml
5.3.2-6.el6_0.1
php-xmlrpc
5.3.2-6.el6_0.1
php-zts
5.3.2-6.el6_0.1
Oracle Linux i686
php
5.3.2-6.el6_0.1
php-bcmath
5.3.2-6.el6_0.1
php-cli
5.3.2-6.el6_0.1
php-common
5.3.2-6.el6_0.1
php-dba
5.3.2-6.el6_0.1
php-devel
5.3.2-6.el6_0.1
php-embedded
5.3.2-6.el6_0.1
php-enchant
5.3.2-6.el6_0.1
php-gd
5.3.2-6.el6_0.1
php-imap
5.3.2-6.el6_0.1
php-intl
5.3.2-6.el6_0.1
php-ldap
5.3.2-6.el6_0.1
php-mbstring
5.3.2-6.el6_0.1
php-mysql
5.3.2-6.el6_0.1
php-odbc
5.3.2-6.el6_0.1
php-pdo
5.3.2-6.el6_0.1
php-pgsql
5.3.2-6.el6_0.1
php-process
5.3.2-6.el6_0.1
php-pspell
5.3.2-6.el6_0.1
php-recode
5.3.2-6.el6_0.1
php-snmp
5.3.2-6.el6_0.1
php-soap
5.3.2-6.el6_0.1
php-tidy
5.3.2-6.el6_0.1
php-xml
5.3.2-6.el6_0.1
php-xmlrpc
5.3.2-6.el6_0.1
php-zts
5.3.2-6.el6_0.1
Связанные CVE
Связанные уязвимости
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
The utf8_decode function in PHP before 5.3.4 does not properly handle ...