-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2009:024 http://www.mandriva.com/security/ _______________________________________________________________________ Package : php4 Date : January 21, 2009 Affected: Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 _______________________________________________________________________ Problem Description: A buffer overflow in the imageloadfont() function in PHP allowed context-dependent attackers to cause a denial of service (crash) and potentially execute arbitrary code via a crafted font file (CVE-2008-3658). A buffer overflow in the memnstr() function allowed context-dependent attackers to cause a denial of service (crash) and potentially execute arbitrary code via the delimiter argument to the explode() function (CVE-2008-3659). PHP, when used as a FastCGI module, allowed remote attackers to cause a denial of service (crash) via a request with multiple dots preceding the extension (CVE-2008-3660). The updated packages have been patched to correct these issues. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3658 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3659 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3660 _______________________________________________________________________ Updated Packages: Corporate 3.0: acf26c8efc90342d906e59c0444bd46a corporate/3.0/i586/libphp_common432-4.3.4-4.29.C30mdk.i586.rpm f7cf98731681e6af45aca3dd2246c0f7 corporate/3.0/i586/php432-devel-4.3.4-4.29.C30mdk.i586.rpm 8f8d00fa42b95a28e77d600d081c95d9 corporate/3.0/i586/php-cgi-4.3.4-4.29.C30mdk.i586.rpm d6b96c7cf8d6416ec3d8bb111c4440da corporate/3.0/i586/php-cli-4.3.4-4.29.C30mdk.i586.rpm 57b308993c4e4635f343d4ef0d36a6c2 corporate/3.0/SRPMS/php-4.3.4-4.29.C30mdk.src.rpm Corporate 3.0/X86_64: 8164e4bfb1a7ffb5fd1bca2afcaef9ef corporate/3.0/x86_64/lib64php_common432-4.3.4-4.29.C30mdk.x86_64.rpm 625a98ec0ec42052ffbb9da5f8b9caca corporate/3.0/x86_64/php432-devel-4.3.4-4.29.C30mdk.x86_64.rpm 5b3143860009e7cf82f323e45f575324 corporate/3.0/x86_64/php-cgi-4.3.4-4.29.C30mdk.x86_64.rpm 48bff6270d231dffc8a5fbfbe0d1630e corporate/3.0/x86_64/php-cli-4.3.4-4.29.C30mdk.x86_64.rpm 57b308993c4e4635f343d4ef0d36a6c2 corporate/3.0/SRPMS/php-4.3.4-4.29.C30mdk.src.rpm Corporate 4.0: 828884555043ebbf5af7d91d8a6401ad corporate/4.0/i586/libphp4_common4-4.4.4-1.9.20060mlcs4.i586.rpm ac0b8ea0e61fdda9e8716fde02f25100 corporate/4.0/i586/php4-cgi-4.4.4-1.9.20060mlcs4.i586.rpm 19eddb6987778bee19f9978cc59cb54b corporate/4.0/i586/php4-cli-4.4.4-1.9.20060mlcs4.i586.rpm 4ea6bb54f1ea066cd6ee29d894d9a0fd corporate/4.0/i586/php4-devel-4.4.4-1.9.20060mlcs4.i586.rpm dc2d58cb2ed98936ec15dc030689fb14 corporate/4.0/SRPMS/php4-4.4.4-1.9.20060mlcs4.src.rpm Corporate 4.0/X86_64: 60d3900495dd46161a6ba20fdbdfdd7d corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.9.20060mlcs4.x86_64.rpm 60e039c9d60030616e4f05c81ea29455 corporate/4.0/x86_64/php4-cgi-4.4.4-1.9.20060mlcs4.x86_64.rpm f8e9e9faf82d8edbe2d9bf88572f2311 corporate/4.0/x86_64/php4-cli-4.4.4-1.9.20060mlcs4.x86_64.rpm 5561a9c77979daf567d1acffc73d4918 corporate/4.0/x86_64/php4-devel-4.4.4-1.9.20060mlcs4.x86_64.rpm dc2d58cb2ed98936ec15dc030689fb14 corporate/4.0/SRPMS/php4-4.4.4-1.9.20060mlcs4.src.rpm Multi Network Firewall 2.0: 0183137a3353b21a77e147b745d21ec4 mnf/2.0/i586/libphp_common432-4.3.4-4.29.C30mdk.i586.rpm 1173011f1e24f85619f78966b1533e11 mnf/2.0/i586/php-cgi-4.3.4-4.29.C30mdk.i586.rpm b726b9c13b620a12c5e8603c197d76c9 mnf/2.0/i586/php-cli-4.3.4-4.29.C30mdk.i586.rpm 87805cd270bffde644fee3ec29ecfd54 mnf/2.0/SRPMS/php-4.3.4-4.29.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJd55+mqjQ0CJFipgRAmtGAJ45ZVHxX/mQROiWu/W+EmPyT+UwFgCfRdDR jaoTCVqDPgqPjX/k4OYu1Vk= =fHY4 -----END PGP SIGNATURE-----