---------------------------------------------------------------------- Secunia is proud to announce the availability of the Secunia Software Inspector. The Secunia Software Inspector is a free service that detects insecure versions of software that you may have installed in your system. When insecure versions are detected, the Secunia Software Inspector also provides thorough guidelines for updating the software to the latest secure version from the vendor. Try it out online: http://secunia.com/software_inspector/ ---------------------------------------------------------------------- TITLE: Mandriva update for php SECUNIA ADVISORY ID: SA24236 VERIFY ADVISORY: http://secunia.com/advisories/24236/ CRITICAL: Moderately critical IMPACT: Security Bypass, Exposure of sensitive information, DoS, System access WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2007 http://secunia.com/product/12165/ Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious people to disclose potentially sensitive information, bypass certain security restrictions, cause a DoS (Denial of Service) and potentially compromise a vulnerable system. For more information: SA24089 SOLUTION: Apply updated packages. Mandriva Linux 2006 14a536e0c07f48b553986725223f54dc 2006.0/i586/libphp5_common5-5.0.4-9.19.20060mdk.i586.rpm 762bc7a2f5500dca2eb7effdb96b6cf0 2006.0/i586/php-cgi-5.0.4-9.19.20060mdk.i586.rpm 3055c27939b2b6451872b39654c7564f 2006.0/i586/php-cli-5.0.4-9.19.20060mdk.i586.rpm 042909d1305a2ceeab45fa11fa4ff434 2006.0/i586/php-devel-5.0.4-9.19.20060mdk.i586.rpm 0bcc6a996a381e6d8ee7c5271bbea166 2006.0/i586/php-fcgi-5.0.4-9.19.20060mdk.i586.rpm 69bc4325439a8ee9ba99ed28af7ed0e2 2006.0/i586/php-imap-5.0.4-2.5.20060mdk.i586.rpm b9a273cc6b7b5e35efea231b27bbc2e5 2006.0/i586/php-odbc-5.0.4-1.1.20060mdk.i586.rpm 7b499c1b38392d556619692780ed41f4 2006.0/i586/php-session-5.0.4-1.1.20060mdk.i586.rpm 452f887b5fcfb2e568ec904b708f611c 2006.0/SRPMS/php-5.0.4-9.19.20060mdk.src.rpm 0ccd978c2b32e74087d237e334a46779 2006.0/SRPMS/php-imap-5.0.4-2.5.20060mdk.src.rpm d7549d0a1c8dd9a8989bbf2519d923fa 2006.0/SRPMS/php-odbc-5.0.4-1.1.20060mdk.src.rpm 92abeadef4272b1e1dff61c956923d23 2006.0/SRPMS/php-session-5.0.4-1.1.20060mdk.src.rpm Mandriva Linux 2006/X86_64 9e66a63f9b6a4694e3b6440afc4e0bd5 2006.0/x86_64/lib64php5_common5-5.0.4-9.19.20060mdk.x86_64.rpm a07a6011defb76f88eba66fc429221e3 2006.0/x86_64/php-cgi-5.0.4-9.19.20060mdk.x86_64.rpm 964d1e6c84a4a8b20fc5257435e64d6e 2006.0/x86_64/php-cli-5.0.4-9.19.20060mdk.x86_64.rpm a0b074323affacd0c3b26302bb791d0a 2006.0/x86_64/php-devel-5.0.4-9.19.20060mdk.x86_64.rpm 74f357e2b7db2b3c1d7e179ab9341b10 2006.0/x86_64/php-fcgi-5.0.4-9.19.20060mdk.x86_64.rpm 6bad08844fe2a99bd12defc982e75e5f 2006.0/x86_64/php-imap-5.0.4-2.5.20060mdk.x86_64.rpm 183f14e7c52ad0b14692661afd478e3c 2006.0/x86_64/php-odbc-5.0.4-1.1.20060mdk.x86_64.rpm f156370ad26f48adcc9fbdb17eb04db1 2006.0/x86_64/php-session-5.0.4-1.1.20060mdk.x86_64.rpm 452f887b5fcfb2e568ec904b708f611c 2006.0/SRPMS/php-5.0.4-9.19.20060mdk.src.rpm 0ccd978c2b32e74087d237e334a46779 2006.0/SRPMS/php-imap-5.0.4-2.5.20060mdk.src.rpm d7549d0a1c8dd9a8989bbf2519d923fa 2006.0/SRPMS/php-odbc-5.0.4-1.1.20060mdk.src.rpm 92abeadef4272b1e1dff61c956923d23 2006.0/SRPMS/php-session-5.0.4-1.1.20060mdk.src.rpm Mandriva Linux 2007 cf3ef7426074a91964ef0086459cc889 2007.0/i586/libphp5_common5-5.1.6-1.6mdv2007.0.i586.rpm 8567efb3d4d7a41bcfeecd1c0a3c64e5 2007.0/i586/php-cgi-5.1.6-1.6mdv2007.0.i586.rpm 675213bf0e797a294776da1bbcbddc69 2007.0/i586/php-cli-5.1.6-1.6mdv2007.0.i586.rpm 115be2e3b5ca6b285dd359374ab4cf5c 2007.0/i586/php-devel-5.1.6-1.6mdv2007.0.i586.rpm b3ca1cf50e10f01d57d9471baf5f330c 2007.0/i586/php-fcgi-5.1.6-1.6mdv2007.0.i586.rpm 40225dcc5e0e4293be737a5043436010 2007.0/i586/php-imap-5.1.6-1.1mdv2007.0.i586.rpm ba41c7d542423eb42539dc6ab3e2ac9f 2007.0/i586/php-odbc-5.1.6-1.1mdv2007.0.i586.rpm 639ede4d200b60c4164f396d6e215b69 2007.0/i586/php-session-5.1.6-1.1mdv2007.0.i586.rpm 0b6a180bef35c9b1945f8c6bd81d7106 2007.0/SRPMS/php-5.1.6-1.6mdv2007.0.src.rpm 7d90955ba0926450ae4d3fe854744f36 2007.0/SRPMS/php-imap-5.1.6-1.1mdv2007.0.src.rpm ed1c1f68a2ffc6d9fdaef4bf7ad7f9b3 2007.0/SRPMS/php-odbc-5.1.6-1.1mdv2007.0.src.rpm 2959ad88632828e143d5ac98fae79a7b 2007.0/SRPMS/php-session-5.1.6-1.1mdv2007.0.src.rpm Mandriva Linux 2007/X86_64 0f3a963e7808ed8be25e7b17544c0c05 2007.0/x86_64/lib64php5_common5-5.1.6-1.6mdv2007.0.x86_64.rpm b7bb612bfc0cb39bb5648dd0b7ea4d37 2007.0/x86_64/php-cgi-5.1.6-1.6mdv2007.0.x86_64.rpm c4b459dc63debe260e8f06d4260e30fd 2007.0/x86_64/php-cli-5.1.6-1.6mdv2007.0.x86_64.rpm 18534448cbe23231900e3da51333dc67 2007.0/x86_64/php-devel-5.1.6-1.6mdv2007.0.x86_64.rpm 6bbd4f1f6c4e060de408183798a2f312 2007.0/x86_64/php-fcgi-5.1.6-1.6mdv2007.0.x86_64.rpm b8c0a446c7fa433e0678e3e58effccab 2007.0/x86_64/php-imap-5.1.6-1.1mdv2007.0.x86_64.rpm f49bb567345c6728baf879e943e15002 2007.0/x86_64/php-odbc-5.1.6-1.1mdv2007.0.x86_64.rpm e60efa04d5b12f98a1c9800c8d3d4a21 2007.0/x86_64/php-session-5.1.6-1.1mdv2007.0.x86_64.rpm 0b6a180bef35c9b1945f8c6bd81d7106 2007.0/SRPMS/php-5.1.6-1.6mdv2007.0.src.rpm 7d90955ba0926450ae4d3fe854744f36 2007.0/SRPMS/php-imap-5.1.6-1.1mdv2007.0.src.rpm ed1c1f68a2ffc6d9fdaef4bf7ad7f9b3 2007.0/SRPMS/php-odbc-5.1.6-1.1mdv2007.0.src.rpm 2959ad88632828e143d5ac98fae79a7b 2007.0/SRPMS/php-session-5.1.6-1.1mdv2007.0.src.rpm ORIGINAL ADVISORY: http://www.mandriva.com/security/advisories?name=MDKSA-2007:048 OTHER REFERENCES: SA24089: http://secunia.com/advisories/24089/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------