Secunia Security Advisory - Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious users to bypass certain security restrictions and by malicious people to cause a DoS (Denial of Service).
ffdffeeef8dc1cc467622909f8d68c6b539c282dfa45b95c34c82c2419a8aa50
----------------------------------------------------------------------
Secunia customers receive relevant and filtered advisories.
Delivery is done via different channels including SMS, Email, Web,
and https based XML feed.
http://corporate.secunia.com/trial/38/request/
----------------------------------------------------------------------
TITLE:
Mandriva update for php
SECUNIA ADVISORY ID:
SA24909
VERIFY ADVISORY:
http://secunia.com/advisories/24909/
CRITICAL:
Less critical
IMPACT:
Security Bypass, DoS
WHERE:
>From remote
OPERATING SYSTEM:
Mandriva Linux 2007
http://secunia.com/product/12165/
DESCRIPTION:
Mandriva has issued an update for php. This fixes some
vulnerabilities, which can be exploited by malicious users to bypass
certain security restrictions and by malicious people to cause a DoS
(Denial of Service).
For more information:
SA24814
SA24089
SOLUTION:
Apply updated packages.
Mandriva Linux 2007
9cf466b76665bc033530c80f504eb54e
2007.0/i586/libphp5_common5-5.1.6-1.7mdv2007.0.i586.rpm
a1d9ebfcc187c4494af7e1e39fdf0f47
2007.0/i586/php-cgi-5.1.6-1.7mdv2007.0.i586.rpm
55439de9b2c70cc97cee9b51fb5a89a9
2007.0/i586/php-cli-5.1.6-1.7mdv2007.0.i586.rpm
8c77d342600f50e6157a3df4f1f9b8f1
2007.0/i586/php-devel-5.1.6-1.7mdv2007.0.i586.rpm
f3c5bc37d6a24279a5f63b9f18e913f9
2007.0/i586/php-fcgi-5.1.6-1.7mdv2007.0.i586.rpm
ca1858b16d0a4d080e052bc182fc391f
2007.0/i586/php-gd-5.1.6-1.2mdv2007.0.i586.rpm
ddb1de61592f7a7281e5e91449398305
2007.0/i586/php-mbstring-5.1.6-1.1mdv2007.0.i586.rpm
083edc863400b03a69056dca44ba3a2e
2007.0/i586/php-sqlite-5.1.6-1.1mdv2007.0.i586.rpm
eb4be9590d4b82d63d3041b5963dd365
2007.0/SRPMS/php-5.1.6-1.7mdv2007.0.src.rpm
c488b9c4f369ac8f7bb7b727938d75bc
2007.0/SRPMS/php-gd-5.1.6-1.2mdv2007.0.src.rpm
85269cbd42e2900ee754891e240120b3
2007.0/SRPMS/php-mbstring-5.1.6-1.1mdv2007.0.src.rpm
3672001f271ae73ac8024455a887ef6e
2007.0/SRPMS/php-sqlite-5.1.6-1.1mdv2007.0.src.rpm
Mandriva Linux 2007/X86_64
4da00df59f3a9fc8105c3b540cf4054a
2007.0/x86_64/lib64php5_common5-5.1.6-1.7mdv2007.0.x86_64.rpm
6eb974c7d025e406bd8ee1b72f5972fe
2007.0/x86_64/php-cgi-5.1.6-1.7mdv2007.0.x86_64.rpm
e4922361429c9aab92a44496e04eb409
2007.0/x86_64/php-cli-5.1.6-1.7mdv2007.0.x86_64.rpm
17e01392077a6c435455d0b521e82d7a
2007.0/x86_64/php-devel-5.1.6-1.7mdv2007.0.x86_64.rpm
f73924c3f06c16e1382be7d18e1d1494
2007.0/x86_64/php-fcgi-5.1.6-1.7mdv2007.0.x86_64.rpm
3a88b1be7ed446e0d5a09ae8f0d64cf4
2007.0/x86_64/php-gd-5.1.6-1.2mdv2007.0.x86_64.rpm
d983f296eba0b5d1642c1a673bf6673c
2007.0/x86_64/php-mbstring-5.1.6-1.1mdv2007.0.x86_64.rpm
3f1e547ebc7cb5debd2c818ad3746404
2007.0/x86_64/php-sqlite-5.1.6-1.1mdv2007.0.x86_64.rpm
eb4be9590d4b82d63d3041b5963dd365
2007.0/SRPMS/php-5.1.6-1.7mdv2007.0.src.rpm
c488b9c4f369ac8f7bb7b727938d75bc
2007.0/SRPMS/php-gd-5.1.6-1.2mdv2007.0.src.rpm
85269cbd42e2900ee754891e240120b3
2007.0/SRPMS/php-mbstring-5.1.6-1.1mdv2007.0.src.rpm
3672001f271ae73ac8024455a887ef6e
2007.0/SRPMS/php-sqlite-5.1.6-1.1mdv2007.0.src.rpm
ORIGINAL ADVISORY:
http://www.mandriva.com/security/advisories?name=MDKSA-2007:089
OTHER REFERENCES:
SA24814:
http://secunia.com/advisories/24814/
SA24089:
http://secunia.com/advisories/24089/
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
----------------------------------------------------------------------