-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:127 http://www.mandriva.com/security/ _______________________________________________________________________ Package : php Date : July 3, 2008 Affected: 2008.0 _______________________________________________________________________ Problem Description: A number of vulnerabilities have been found and corrected in PHP: The htmlentities() and htmlspecialchars() functions in PHP prior to 5.2.5 accepted partial multibyte sequences, which has unknown impact and attack vectors (CVE-2007-5898). The output_add_rewrite_var() function in PHP prior to 5.2.5 rewrites local forms in which the ACTION attribute references a non-local URL, which could allow a remote attacker to obtain potentially sensitive information by reading the requests for this URL (CVE-2007-5899). php-cgi in PHP prior to 5.2.6 does not properly calculate the length of PATH_TRANSLATED, which has unknown impact and attack vectors (CVE-2008-0599). The escapeshellcmd() API function in PHP prior to 5.2.6 has unknown impact and context-dependent attack vectors related to incomplete multibyte characters (CVE-2008-2051). Weaknesses in the GENERATE_SEED macro in PHP prior to 4.4.8 and 5.2.5 were discovered that could produce a zero seed in rare circumstances on 32bit systems and generations a portion of zero bits during conversion due to insufficient precision on 64bit systems (CVE-2008-2107, CVE-2008-2108). The IMAP module in PHP uses obsolete API calls that allow context-dependent attackers to cause a denial of service (crash) via a long IMAP request (CVE-2008-2829). In addition, this update also corrects an issue with some float to string conversions. The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5898 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5899 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-0599 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2051 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2107 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2108 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2829 http://qa.mandriva.com/show_bug.cgi?id=37171 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 4964496fdee7d2fff5f4b1fa8c14532b 2008.0/i586/libphp5_common5-5.2.4-3.2mdv2008.0.i586.rpm 39937c9c935ad96fb6cf346018b81d57 2008.0/i586/php-bcmath-5.2.4-3.2mdv2008.0.i586.rpm 112de70d3898dea5b99248eff489a78d 2008.0/i586/php-bz2-5.2.4-3.2mdv2008.0.i586.rpm 3f4804e2a62bcafa66c1ca7a181537fd 2008.0/i586/php-calendar-5.2.4-3.2mdv2008.0.i586.rpm 14377775243a1d5d3f3eed5f1b01261c 2008.0/i586/php-cgi-5.2.4-3.2mdv2008.0.i586.rpm 6dbade915c57c8d2b87352f8fe6e0450 2008.0/i586/php-cli-5.2.4-3.2mdv2008.0.i586.rpm 7a0cd01543c1e9f032018b5ce05f664a 2008.0/i586/php-ctype-5.2.4-3.2mdv2008.0.i586.rpm 22f4036085ae339b6fe8248b4e316850 2008.0/i586/php-curl-5.2.4-3.2mdv2008.0.i586.rpm 84a3f3752567dbbe12a4942da80a5b30 2008.0/i586/php-dba-5.2.4-3.2mdv2008.0.i586.rpm 65916c79bd3716748f2115542402f9e1 2008.0/i586/php-dbase-5.2.4-3.2mdv2008.0.i586.rpm 4ed4fbfc2322ab332de781b078f5fbf6 2008.0/i586/php-devel-5.2.4-3.2mdv2008.0.i586.rpm 8de4887cda8cb1ca0527a7ddac80da34 2008.0/i586/php-dom-5.2.4-3.2mdv2008.0.i586.rpm c1c3eeb952c1492e65bafa53cc98dda7 2008.0/i586/php-exif-5.2.4-3.2mdv2008.0.i586.rpm 5f4cb00ef6a273b03be7749d8181c873 2008.0/i586/php-fcgi-5.2.4-3.2mdv2008.0.i586.rpm 38d62f9676137e7f4267ec488d029e12 2008.0/i586/php-filter-5.2.4-3.2mdv2008.0.i586.rpm f72252bd88ec2e34a7821aa5a70c37c1 2008.0/i586/php-ftp-5.2.4-3.2mdv2008.0.i586.rpm 63b43f95c94e3f121a49c2c6016995bd 2008.0/i586/php-gd-5.2.4-3.2mdv2008.0.i586.rpm 8cd73b8ca8370954c7e8c3f92b17cf26 2008.0/i586/php-gettext-5.2.4-3.2mdv2008.0.i586.rpm 43702222ddbc3e9e8674d893174eab02 2008.0/i586/php-gmp-5.2.4-3.2mdv2008.0.i586.rpm 3db9582768562fb6edca7d37504ac555 2008.0/i586/php-hash-5.2.4-3.2mdv2008.0.i586.rpm 0494c0f6d0d1526d308ed8d131fe8771 2008.0/i586/php-iconv-5.2.4-3.2mdv2008.0.i586.rpm 74e84b579bd1fafa55b3792795b32a2a 2008.0/i586/php-imap-5.2.4-3.2mdv2008.0.i586.rpm c25acebf5ab78b503ce889f9d434eb9d 2008.0/i586/php-json-5.2.4-3.2mdv2008.0.i586.rpm 75c0858eebc00515193a8525e6abc52f 2008.0/i586/php-ldap-5.2.4-3.2mdv2008.0.i586.rpm ad813ea774c87cc21dfc03e1737e9992 2008.0/i586/php-mbstring-5.2.4-3.2mdv2008.0.i586.rpm cd672d701608dbc6285e83805b0caed6 2008.0/i586/php-mcrypt-5.2.4-3.2mdv2008.0.i586.rpm daff2f108122f193b1cdb7c53a63b439 2008.0/i586/php-mhash-5.2.4-3.2mdv2008.0.i586.rpm 41713242ffef20ec2d201f47cf1394ad 2008.0/i586/php-mime_magic-5.2.4-3.2mdv2008.0.i586.rpm c532358f85d2dc2c29ca328a9b2bdc3d 2008.0/i586/php-ming-5.2.4-3.2mdv2008.0.i586.rpm f1ebed79be33a3a04ec75e6fc300b5d1 2008.0/i586/php-mssql-5.2.4-3.2mdv2008.0.i586.rpm 116cb44f5b7092d2dbd4a0e2f861350f 2008.0/i586/php-mysql-5.2.4-3.2mdv2008.0.i586.rpm 856c66c7136d7ca94fdf22b873664b75 2008.0/i586/php-mysqli-5.2.4-3.2mdv2008.0.i586.rpm 731889df3739bb8413bf81287ba40459 2008.0/i586/php-ncurses-5.2.4-3.2mdv2008.0.i586.rpm 9d100f8050649a4601ee2eecbaf9db22 2008.0/i586/php-odbc-5.2.4-3.2mdv2008.0.i586.rpm 3333c9d55426bfdf7b14a4f3bfc0280b 2008.0/i586/php-openssl-5.2.4-3.2mdv2008.0.i586.rpm 0faf70d76ad40914abb2b07235db0fe0 2008.0/i586/php-pcntl-5.2.4-3.2mdv2008.0.i586.rpm 420c8170c11b5bcbf858e897a625a568 2008.0/i586/php-pdo-5.2.4-3.2mdv2008.0.i586.rpm 33fa19cf7c0ec490aaa4150f4d1dc68e 2008.0/i586/php-pdo_dblib-5.2.4-3.2mdv2008.0.i586.rpm 89245d8ab6d05972005ac5fb963d9021 2008.0/i586/php-pdo_mysql-5.2.4-3.2mdv2008.0.i586.rpm d7b8841964b26212fca668441102bb02 2008.0/i586/php-pdo_odbc-5.2.4-3.2mdv2008.0.i586.rpm a68b90f68d6627772b0b5fcda4352616 2008.0/i586/php-pdo_pgsql-5.2.4-3.2mdv2008.0.i586.rpm 7de4ce0b46f67f2b5e86bac05bcdee1b 2008.0/i586/php-pdo_sqlite-5.2.4-3.2mdv2008.0.i586.rpm c2600185c76439cdf4485308d96f677b 2008.0/i586/php-pgsql-5.2.4-3.2mdv2008.0.i586.rpm 36067daf02d684c247a0198478a9eca9 2008.0/i586/php-posix-5.2.4-3.2mdv2008.0.i586.rpm ca12377f3130587ed0e291219298ea85 2008.0/i586/php-pspell-5.2.4-3.2mdv2008.0.i586.rpm 7bb0a857e8d68a167d2619896aa9138d 2008.0/i586/php-readline-5.2.4-3.2mdv2008.0.i586.rpm 3d84362d34a97213908a060a011b761b 2008.0/i586/php-recode-5.2.4-3.2mdv2008.0.i586.rpm b3be6e8921d1400699bf5dd8d01534b8 2008.0/i586/php-session-5.2.4-3.2mdv2008.0.i586.rpm de73d4de81f7ff00ed7043fdaeb92c2b 2008.0/i586/php-shmop-5.2.4-3.2mdv2008.0.i586.rpm 4e90e4c3bbf351c3e25d719803dbbbcd 2008.0/i586/php-simplexml-5.2.4-3.2mdv2008.0.i586.rpm 0ba85b7cd04ae54c1be0212a3651abe7 2008.0/i586/php-snmp-5.2.4-3.2mdv2008.0.i586.rpm 1edddb67795d167f199d08ad7c8544f7 2008.0/i586/php-soap-5.2.4-3.2mdv2008.0.i586.rpm 447a4d2ce60d61385f655800582b255f 2008.0/i586/php-sockets-5.2.4-3.2mdv2008.0.i586.rpm 7d1da4760885e4a93085a3251522c359 2008.0/i586/php-sqlite-5.2.4-3.2mdv2008.0.i586.rpm 8ed94bd708eaa97d8274c3247f431a09 2008.0/i586/php-sysvmsg-5.2.4-3.2mdv2008.0.i586.rpm d1a8c118166c26bdd9a51a6539c2170d 2008.0/i586/php-sysvsem-5.2.4-3.2mdv2008.0.i586.rpm 8fcb4e6ff9be40125d31dfa72c91304a 2008.0/i586/php-sysvshm-5.2.4-3.2mdv2008.0.i586.rpm e41ed56b79a47764bd2569c4807ef6c5 2008.0/i586/php-tidy-5.2.4-3.2mdv2008.0.i586.rpm d004aa350d12aa97d9e38facb7384923 2008.0/i586/php-tokenizer-5.2.4-3.2mdv2008.0.i586.rpm 9b530981f55d4c13a135e9795ae26e80 2008.0/i586/php-wddx-5.2.4-3.2mdv2008.0.i586.rpm 1d69762dc0ab2230eaa1b89649aa321d 2008.0/i586/php-xml-5.2.4-3.2mdv2008.0.i586.rpm 79c68e71802c054e7f6a3fff96c135de 2008.0/i586/php-xmlreader-5.2.4-3.2mdv2008.0.i586.rpm efe5041757651f3b5e699031f6cdf69f 2008.0/i586/php-xmlrpc-5.2.4-3.2mdv2008.0.i586.rpm 21ffedc32409617c2aa4e433818e349a 2008.0/i586/php-xmlwriter-5.2.4-3.2mdv2008.0.i586.rpm a9317dbd662e0c0a9d718ed37c2b2bad 2008.0/i586/php-xsl-5.2.4-3.2mdv2008.0.i586.rpm 5c4ed89d027aea291d01d535a0b9b404 2008.0/i586/php-zlib-5.2.4-3.2mdv2008.0.i586.rpm 2c717855b2ed804e20c05da11f958e6b 2008.0/SRPMS/php-5.2.4-3.2mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 7c6ec0a220b884b70591d817b018854e 2008.0/x86_64/lib64php5_common5-5.2.4-3.2mdv2008.0.x86_64.rpm f82a02bf5481d88a10fd4a9435da20f1 2008.0/x86_64/php-bcmath-5.2.4-3.2mdv2008.0.x86_64.rpm c07ecb49cc0c56f85c2240c77d55e604 2008.0/x86_64/php-bz2-5.2.4-3.2mdv2008.0.x86_64.rpm 55f39affa7ae19880ba553909c6f22fd 2008.0/x86_64/php-calendar-5.2.4-3.2mdv2008.0.x86_64.rpm 84419c18107b9c0a1b0babbd97dc60b2 2008.0/x86_64/php-cgi-5.2.4-3.2mdv2008.0.x86_64.rpm 76cd079e91c6c4e295769fe37b7bbb87 2008.0/x86_64/php-cli-5.2.4-3.2mdv2008.0.x86_64.rpm 7fc9beea712fd5078c89c34af19a9946 2008.0/x86_64/php-ctype-5.2.4-3.2mdv2008.0.x86_64.rpm d284562916df646f74a804f91fcd659a 2008.0/x86_64/php-curl-5.2.4-3.2mdv2008.0.x86_64.rpm faa6f7d38a59cfa81e931e9537f6381d 2008.0/x86_64/php-dba-5.2.4-3.2mdv2008.0.x86_64.rpm 0403c3c1073a5e4887dd978ba4c0b14a 2008.0/x86_64/php-dbase-5.2.4-3.2mdv2008.0.x86_64.rpm 2571b773d626d0c2b14fca3be0dbcdd5 2008.0/x86_64/php-devel-5.2.4-3.2mdv2008.0.x86_64.rpm c0beeee29f9d5306162b59593f4b6590 2008.0/x86_64/php-dom-5.2.4-3.2mdv2008.0.x86_64.rpm c391c5b836ad63f1599333a823f9785b 2008.0/x86_64/php-exif-5.2.4-3.2mdv2008.0.x86_64.rpm c5af8ee7d5938468ea36424adddb42cb 2008.0/x86_64/php-fcgi-5.2.4-3.2mdv2008.0.x86_64.rpm a1e2e7e3c5d96ba24a205f0c6f799755 2008.0/x86_64/php-filter-5.2.4-3.2mdv2008.0.x86_64.rpm 5d0f0db6c857986a8e0bed8ce1b2f274 2008.0/x86_64/php-ftp-5.2.4-3.2mdv2008.0.x86_64.rpm f29b00bc367ec0c17fca44a0eca1d2ee 2008.0/x86_64/php-gd-5.2.4-3.2mdv2008.0.x86_64.rpm 9f36fac78f0615052cb1459981796eb5 2008.0/x86_64/php-gettext-5.2.4-3.2mdv2008.0.x86_64.rpm 8b02cd2bfc64dafe36221ab2a84f1e1e 2008.0/x86_64/php-gmp-5.2.4-3.2mdv2008.0.x86_64.rpm 6b8b3e930cad66d85c1e7c3798082696 2008.0/x86_64/php-hash-5.2.4-3.2mdv2008.0.x86_64.rpm a7f7d7e45415de6e8806ec8cd24fab15 2008.0/x86_64/php-iconv-5.2.4-3.2mdv2008.0.x86_64.rpm e71c04769901527f75bb32900d19138e 2008.0/x86_64/php-imap-5.2.4-3.2mdv2008.0.x86_64.rpm ea23fc2159c3fe956eef9a55335b87f4 2008.0/x86_64/php-json-5.2.4-3.2mdv2008.0.x86_64.rpm 6ff77a39d3998b24650dc91eb09e902e 2008.0/x86_64/php-ldap-5.2.4-3.2mdv2008.0.x86_64.rpm 441208300d91f0849ca6e0b8e26b9b19 2008.0/x86_64/php-mbstring-5.2.4-3.2mdv2008.0.x86_64.rpm a95bec26dfd5e2a8773a5edcca612c9b 2008.0/x86_64/php-mcrypt-5.2.4-3.2mdv2008.0.x86_64.rpm 167bc322f2204d4c643ce499e8f303a2 2008.0/x86_64/php-mhash-5.2.4-3.2mdv2008.0.x86_64.rpm 34b6a244a5361ea596b78e31e152087d 2008.0/x86_64/php-mime_magic-5.2.4-3.2mdv2008.0.x86_64.rpm 07c137c89962d1bf9f02eb76d590fc9b 2008.0/x86_64/php-ming-5.2.4-3.2mdv2008.0.x86_64.rpm a4a23328014899da202ca3585202fb14 2008.0/x86_64/php-mssql-5.2.4-3.2mdv2008.0.x86_64.rpm fc523fd93e5ed4f8b5b2bdebfbb084c1 2008.0/x86_64/php-mysql-5.2.4-3.2mdv2008.0.x86_64.rpm d0c36a5ec8f31317ef18d4f86ab0d0e8 2008.0/x86_64/php-mysqli-5.2.4-3.2mdv2008.0.x86_64.rpm 5548d0c4b41141ef095cef2b10e48e65 2008.0/x86_64/php-ncurses-5.2.4-3.2mdv2008.0.x86_64.rpm 4afea2b1f843ab580288c7d2e2970885 2008.0/x86_64/php-odbc-5.2.4-3.2mdv2008.0.x86_64.rpm 46ba4fa02760007576378428bb80feb5 2008.0/x86_64/php-openssl-5.2.4-3.2mdv2008.0.x86_64.rpm 79ff2c4c60b58c950db9336e1ba2e5ec 2008.0/x86_64/php-pcntl-5.2.4-3.2mdv2008.0.x86_64.rpm 30a0c1a42dee0e63df8edf4a03705583 2008.0/x86_64/php-pdo-5.2.4-3.2mdv2008.0.x86_64.rpm 4934e452fdddfea4bd049319256e5c0b 2008.0/x86_64/php-pdo_dblib-5.2.4-3.2mdv2008.0.x86_64.rpm 2aac1840cceb12487440906758b302d9 2008.0/x86_64/php-pdo_mysql-5.2.4-3.2mdv2008.0.x86_64.rpm e2f8ff3183b0aa2502f6f0f8b9c25dbf 2008.0/x86_64/php-pdo_odbc-5.2.4-3.2mdv2008.0.x86_64.rpm 8f6d42248dbb2733ea961832bf1c8002 2008.0/x86_64/php-pdo_pgsql-5.2.4-3.2mdv2008.0.x86_64.rpm 12fa367e082312b6ca239c48aa60d532 2008.0/x86_64/php-pdo_sqlite-5.2.4-3.2mdv2008.0.x86_64.rpm 80cef4fd4f1bd43aafd329f5d3dd0746 2008.0/x86_64/php-pgsql-5.2.4-3.2mdv2008.0.x86_64.rpm ffe606c87612f73ce2aa346e2f6ef88a 2008.0/x86_64/php-posix-5.2.4-3.2mdv2008.0.x86_64.rpm e5a43918a92e042abb8744462c11450d 2008.0/x86_64/php-pspell-5.2.4-3.2mdv2008.0.x86_64.rpm 3489f296995bbd4c39060a4dcef708a8 2008.0/x86_64/php-readline-5.2.4-3.2mdv2008.0.x86_64.rpm 056f4802270d25466956722a084c0630 2008.0/x86_64/php-recode-5.2.4-3.2mdv2008.0.x86_64.rpm de836669d4705ce2876002be7c0ac0f5 2008.0/x86_64/php-session-5.2.4-3.2mdv2008.0.x86_64.rpm a6911b797b25eaecd320da289c8a6032 2008.0/x86_64/php-shmop-5.2.4-3.2mdv2008.0.x86_64.rpm b477a40948286c534204d1d4f22f9ab0 2008.0/x86_64/php-simplexml-5.2.4-3.2mdv2008.0.x86_64.rpm 80f3d118ca6cf804d4ae1f9239ca443b 2008.0/x86_64/php-snmp-5.2.4-3.2mdv2008.0.x86_64.rpm b84262ac2963a40a1b2cead035c73a66 2008.0/x86_64/php-soap-5.2.4-3.2mdv2008.0.x86_64.rpm 06c54cc25362d9402c57975c0c1fdb6c 2008.0/x86_64/php-sockets-5.2.4-3.2mdv2008.0.x86_64.rpm 979551b073fb7a07dac96b7590e75eab 2008.0/x86_64/php-sqlite-5.2.4-3.2mdv2008.0.x86_64.rpm 76a11ff08c0e8b10b54996ddc4d24f33 2008.0/x86_64/php-sysvmsg-5.2.4-3.2mdv2008.0.x86_64.rpm 899c3c8cf2604a34c95c1f2777f7faca 2008.0/x86_64/php-sysvsem-5.2.4-3.2mdv2008.0.x86_64.rpm 0e9dca07c599f6ab0fe7cd678bfd4056 2008.0/x86_64/php-sysvshm-5.2.4-3.2mdv2008.0.x86_64.rpm 23554f0d3e453e262d8cf06004570db2 2008.0/x86_64/php-tidy-5.2.4-3.2mdv2008.0.x86_64.rpm a9775d8aa17c056b6ecf33493f460af6 2008.0/x86_64/php-tokenizer-5.2.4-3.2mdv2008.0.x86_64.rpm 0de28245d48636781d26186a3f7aa3bf 2008.0/x86_64/php-wddx-5.2.4-3.2mdv2008.0.x86_64.rpm c68b945348738daedffaffc2c7116921 2008.0/x86_64/php-xml-5.2.4-3.2mdv2008.0.x86_64.rpm 11a1d8dfe53bc833def78382853ec2bd 2008.0/x86_64/php-xmlreader-5.2.4-3.2mdv2008.0.x86_64.rpm 8695d6aa557f9947b1c85c9b1f0ff794 2008.0/x86_64/php-xmlrpc-5.2.4-3.2mdv2008.0.x86_64.rpm 30921f94417b1c0a36d91097319ccb69 2008.0/x86_64/php-xmlwriter-5.2.4-3.2mdv2008.0.x86_64.rpm fc8bd211ec721efe34e79b9c37c50be4 2008.0/x86_64/php-xsl-5.2.4-3.2mdv2008.0.x86_64.rpm 20f1b68969555b6d16ee4862f9dbf401 2008.0/x86_64/php-zlib-5.2.4-3.2mdv2008.0.x86_64.rpm 2c717855b2ed804e20c05da11f958e6b 2008.0/SRPMS/php-5.2.4-3.2mdv2008.0.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFIbT1tmqjQ0CJFipgRArQFAKCcqymdDdwSuu+57idL7jxJ9IPiEQCeN8oP oaOP1b+JJp5AsiD6UfECzaY= =7pe0 -----END PGP SIGNATURE-----