|
|
Subscribe / Log in / New account

Red Hat alert RHSA-2004:392-01 (php)



From:
    	      bugzilla@redhat.com


To:
    	      enterprise-watch-list@redhat.com


Subject:
    	      [RHSA-2004:392-01] Updated php packages fix security issues


Date:
    	      Mon, 19 Jul 2004 16:45 -0400



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Updated php packages fix security issues
Advisory ID:       RHSA-2004:392-01
Issue date:        2004-07-19
Updated on:        2004-07-19
Product:           Red Hat Enterprise Linux
Cross references:  RHSA-2004:342
Obsoletes:         RHBA-2004:169
CVE Names:         CAN-2004-0594 CAN-2004-0595
- ---------------------------------------------------------------------

1. Summary:

Updated php packages that fix various security issues are now available.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 3 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Desktop version 3 - i386, x86_64
Red Hat Enterprise Linux ES version 3 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 3 - i386, ia64, x86_64

3. Problem description:

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP server.

Stefan Esser discovered a flaw when memory_limit is enabled in versions of
PHP 4 before 4.3.8. If a remote attacker could force the PHP interpreter to
allocate more memory than the memory_limit setting before script execution
begins, then the attacker may be able to supply the contents of a PHP hash
table remotely. This hash table could then be used to execute arbitrary
code as the 'apache' user. The Common Vulnerabilities and Exposures project
(cve.mitre.org) has assigned the name CAN-2004-0594 to this issue.

This issue has a higher risk when PHP is running on an instance of Apache
which is vulnerable to CAN-2004-0493.  For Red Hat Enterprise Linux 3, this
Apache memory exhaustion issue was fixed by a previous update,
RHSA-2004:342.  It may also be possible to exploit this issue if using a
non-default PHP configuration with the "register_defaults" setting is
changed to "On". Red Hat does not believe that this flaw is exploitable in
the default configuration of Red Hat Enterprise Linux 3.

Stefan Esser discovered a flaw in the strip_tags function in versions of
PHP before 4.3.8.  The strip_tags function is commonly used by PHP scripts
to prevent Cross-Site-Scripting attacks by removing HTML tags from
user-supplied form data.  By embedding NUL bytes into form data, HTML tags
can in some cases be passed intact through the strip_tags function, which
may allow a Cross-Site-Scripting attack.  The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2004-0595 to
this issue.  

All users of PHP are advised to upgrade to these updated packages, which
contain backported patches that address these issues.

4. Solution:

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.  Use Red Hat
Network to download and update your packages.  To launch the Red Hat
Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

    http://www.redhat.com/docs/manuals/enterprise/

5. Bug IDs fixed (http://bugzilla.redhat.com/ for more info):

127642 - CAN-2004-0594 PHP memory_limit issue

6. RPMs required:

Red Hat Enterprise Linux AS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3AS/en/os/SRPMS/php-4.3.2-11.1.ent.src.rpm
9613fe94811e3abc0fcbbf75e3fe33b1  php-4.3.2-11.1.ent.src.rpm

i386:
6b71d91abdb066a05ef4ec19f9355485  php-4.3.2-11.1.ent.i386.rpm
42182a3a61a6ffb145fd8871e03ae891  php-imap-4.3.2-11.1.ent.i386.rpm
912582a0321cd1bac6313b90cf33d285  php-ldap-4.3.2-11.1.ent.i386.rpm
4d88b4eafbbd2bc67f372c91d493f8dc  php-mysql-4.3.2-11.1.ent.i386.rpm
c9bc43377266615084d22544449ad7f9  php-odbc-4.3.2-11.1.ent.i386.rpm
cce808facce1f1822f00190f226c27b1  php-pgsql-4.3.2-11.1.ent.i386.rpm

ia64:
ce5adfb8b69de15418ae87c5e27cd538  php-4.3.2-11.1.ent.ia64.rpm
d377ea0c94b05779000a3d874fdbd125  php-imap-4.3.2-11.1.ent.ia64.rpm
819bdf666d70c231f991544fb9752295  php-ldap-4.3.2-11.1.ent.ia64.rpm
654071b05291149c7c7de4352d9e05e6  php-mysql-4.3.2-11.1.ent.ia64.rpm
d10d1a5a809d5899af609b5114ac330a  php-odbc-4.3.2-11.1.ent.ia64.rpm
6fbda694cefa84f48f4a13cb5b3bba2a  php-pgsql-4.3.2-11.1.ent.ia64.rpm

ppc:
8e7b70ca51bc2df2b9bdc17ac450623a  php-4.3.2-11.1.ent.ppc.rpm
5f605263b276896aafae4bd6b4b7239a  php-imap-4.3.2-11.1.ent.ppc.rpm
da531c43274864cfb175acb3b66bf8b7  php-ldap-4.3.2-11.1.ent.ppc.rpm
cdf935d9e13f4a2f23b615944cd497aa  php-mysql-4.3.2-11.1.ent.ppc.rpm
68fdff925a0b72a85fa5e9602cf6f8ad  php-odbc-4.3.2-11.1.ent.ppc.rpm
6dc8cc2c54551934cb16285040e88cbe  php-pgsql-4.3.2-11.1.ent.ppc.rpm

s390:
1241e110e8859029b024343d22aa2df6  php-4.3.2-11.1.ent.s390.rpm
21f3ed14d13ad75e007b5e356efed8de  php-imap-4.3.2-11.1.ent.s390.rpm
268e9bde022de276849ba140a4235c37  php-ldap-4.3.2-11.1.ent.s390.rpm
93f23ab49be6bac55a67011ce9da49be  php-mysql-4.3.2-11.1.ent.s390.rpm
cf87e5a94c29d28bf1d7149a8e3757ac  php-odbc-4.3.2-11.1.ent.s390.rpm
c17462518752ea728180c1974461d269  php-pgsql-4.3.2-11.1.ent.s390.rpm

s390x:
09bd14ec01d446d287f83db8507b3d19  php-4.3.2-11.1.ent.s390x.rpm
b635ebd91ae1aa07563e5aeda9938361  php-imap-4.3.2-11.1.ent.s390x.rpm
98ef889f18f31d40c5c70314ed997c50  php-ldap-4.3.2-11.1.ent.s390x.rpm
d0cece953f1e1f64f154dbb84b4387d5  php-mysql-4.3.2-11.1.ent.s390x.rpm
9664d26f87dc23fe662884807f480e22  php-odbc-4.3.2-11.1.ent.s390x.rpm
b2ec7feef3091c1c1bc8503b86e02ad4  php-pgsql-4.3.2-11.1.ent.s390x.rpm

x86_64:
a49056e941b6bd8ce1b1590bea36ad93  php-4.3.2-11.1.ent.x86_64.rpm
fb2117b18a87f4dbe9d99a1c3bff549c  php-imap-4.3.2-11.1.ent.x86_64.rpm
36868aa1c842e4b51080b36278b89f6c  php-ldap-4.3.2-11.1.ent.x86_64.rpm
580ab1336817233f421aa810f98b01a7  php-mysql-4.3.2-11.1.ent.x86_64.rpm
0d22fa314983cfde41309e3c063386cd  php-odbc-4.3.2-11.1.ent.x86_64.rpm
117f5c46073a1828b32c33835c5c7790  php-pgsql-4.3.2-11.1.ent.x86_64.rpm

Red Hat Desktop version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3desktop/en/os/SRPMS/php-4.3.2-11.1.ent.src.rpm
9613fe94811e3abc0fcbbf75e3fe33b1  php-4.3.2-11.1.ent.src.rpm

i386:
6b71d91abdb066a05ef4ec19f9355485  php-4.3.2-11.1.ent.i386.rpm
42182a3a61a6ffb145fd8871e03ae891  php-imap-4.3.2-11.1.ent.i386.rpm
912582a0321cd1bac6313b90cf33d285  php-ldap-4.3.2-11.1.ent.i386.rpm
4d88b4eafbbd2bc67f372c91d493f8dc  php-mysql-4.3.2-11.1.ent.i386.rpm
c9bc43377266615084d22544449ad7f9  php-odbc-4.3.2-11.1.ent.i386.rpm
cce808facce1f1822f00190f226c27b1  php-pgsql-4.3.2-11.1.ent.i386.rpm

x86_64:
a49056e941b6bd8ce1b1590bea36ad93  php-4.3.2-11.1.ent.x86_64.rpm
fb2117b18a87f4dbe9d99a1c3bff549c  php-imap-4.3.2-11.1.ent.x86_64.rpm
36868aa1c842e4b51080b36278b89f6c  php-ldap-4.3.2-11.1.ent.x86_64.rpm
580ab1336817233f421aa810f98b01a7  php-mysql-4.3.2-11.1.ent.x86_64.rpm
0d22fa314983cfde41309e3c063386cd  php-odbc-4.3.2-11.1.ent.x86_64.rpm
117f5c46073a1828b32c33835c5c7790  php-pgsql-4.3.2-11.1.ent.x86_64.rpm

Red Hat Enterprise Linux ES version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3ES/en/os/SRPMS/php-4.3.2-11.1.ent.src.rpm
9613fe94811e3abc0fcbbf75e3fe33b1  php-4.3.2-11.1.ent.src.rpm

i386:
6b71d91abdb066a05ef4ec19f9355485  php-4.3.2-11.1.ent.i386.rpm
42182a3a61a6ffb145fd8871e03ae891  php-imap-4.3.2-11.1.ent.i386.rpm
912582a0321cd1bac6313b90cf33d285  php-ldap-4.3.2-11.1.ent.i386.rpm
4d88b4eafbbd2bc67f372c91d493f8dc  php-mysql-4.3.2-11.1.ent.i386.rpm
c9bc43377266615084d22544449ad7f9  php-odbc-4.3.2-11.1.ent.i386.rpm
cce808facce1f1822f00190f226c27b1  php-pgsql-4.3.2-11.1.ent.i386.rpm

ia64:
ce5adfb8b69de15418ae87c5e27cd538  php-4.3.2-11.1.ent.ia64.rpm
d377ea0c94b05779000a3d874fdbd125  php-imap-4.3.2-11.1.ent.ia64.rpm
819bdf666d70c231f991544fb9752295  php-ldap-4.3.2-11.1.ent.ia64.rpm
654071b05291149c7c7de4352d9e05e6  php-mysql-4.3.2-11.1.ent.ia64.rpm
d10d1a5a809d5899af609b5114ac330a  php-odbc-4.3.2-11.1.ent.ia64.rpm
6fbda694cefa84f48f4a13cb5b3bba2a  php-pgsql-4.3.2-11.1.ent.ia64.rpm

x86_64:
a49056e941b6bd8ce1b1590bea36ad93  php-4.3.2-11.1.ent.x86_64.rpm
fb2117b18a87f4dbe9d99a1c3bff549c  php-imap-4.3.2-11.1.ent.x86_64.rpm
36868aa1c842e4b51080b36278b89f6c  php-ldap-4.3.2-11.1.ent.x86_64.rpm
580ab1336817233f421aa810f98b01a7  php-mysql-4.3.2-11.1.ent.x86_64.rpm
0d22fa314983cfde41309e3c063386cd  php-odbc-4.3.2-11.1.ent.x86_64.rpm
117f5c46073a1828b32c33835c5c7790  php-pgsql-4.3.2-11.1.ent.x86_64.rpm

Red Hat Enterprise Linux WS version 3:

SRPMS:
ftp://updates.redhat.com/enterprise/3WS/en/os/SRPMS/php-4.3.2-11.1.ent.src.rpm
9613fe94811e3abc0fcbbf75e3fe33b1  php-4.3.2-11.1.ent.src.rpm

i386:
6b71d91abdb066a05ef4ec19f9355485  php-4.3.2-11.1.ent.i386.rpm
42182a3a61a6ffb145fd8871e03ae891  php-imap-4.3.2-11.1.ent.i386.rpm
912582a0321cd1bac6313b90cf33d285  php-ldap-4.3.2-11.1.ent.i386.rpm
4d88b4eafbbd2bc67f372c91d493f8dc  php-mysql-4.3.2-11.1.ent.i386.rpm
c9bc43377266615084d22544449ad7f9  php-odbc-4.3.2-11.1.ent.i386.rpm
cce808facce1f1822f00190f226c27b1  php-pgsql-4.3.2-11.1.ent.i386.rpm

ia64:
ce5adfb8b69de15418ae87c5e27cd538  php-4.3.2-11.1.ent.ia64.rpm
d377ea0c94b05779000a3d874fdbd125  php-imap-4.3.2-11.1.ent.ia64.rpm
819bdf666d70c231f991544fb9752295  php-ldap-4.3.2-11.1.ent.ia64.rpm
654071b05291149c7c7de4352d9e05e6  php-mysql-4.3.2-11.1.ent.ia64.rpm
d10d1a5a809d5899af609b5114ac330a  php-odbc-4.3.2-11.1.ent.ia64.rpm
6fbda694cefa84f48f4a13cb5b3bba2a  php-pgsql-4.3.2-11.1.ent.ia64.rpm

x86_64:
a49056e941b6bd8ce1b1590bea36ad93  php-4.3.2-11.1.ent.x86_64.rpm
fb2117b18a87f4dbe9d99a1c3bff549c  php-imap-4.3.2-11.1.ent.x86_64.rpm
36868aa1c842e4b51080b36278b89f6c  php-ldap-4.3.2-11.1.ent.x86_64.rpm
580ab1336817233f421aa810f98b01a7  php-mysql-4.3.2-11.1.ent.x86_64.rpm
0d22fa314983cfde41309e3c063386cd  php-odbc-4.3.2-11.1.ent.x86_64.rpm
117f5c46073a1828b32c33835c5c7790  php-pgsql-4.3.2-11.1.ent.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and 
details on how to verify the signature are available from
https://www.redhat.com/security/team/key.html#package

7. References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595

8. Contact:

The Red Hat security contact is <secalert@redhat.com>.  More contact
details at https://www.redhat.com/security/team/contact.html

Copyright 2004 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFA/DLjXlSAg2UNWIIRAobrAJ9XKXb7Od9lRDg/MyFT6TRF8n/kpACfakqv
k6vmMxlcQ9aIAOwtH2onUeY=
=my6U
-----END PGP SIGNATURE-----


-- 
Enterprise-watch-list mailing list
Enterprise-watch-list@redhat.com
https://www.redhat.com/mailman/listinfo/enterprise-watch-list
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds