LISTSERV - SCIENTIFIC-LINUX-ERRATA Archives

SCIENTIFIC-LINUX-ERRATA Archives

December 2013

SCIENTIFIC-LINUX-ERRATA@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-ERRATA Home
	SCIENTIFIC-LINUX-ERRATA December 2013

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Security ERRATA Moderate: php on SL6.x i386/x86_64
From:	Pat Riehecky <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Tue, 3 Dec 2013 20:07:13 +0000
Content-Type:	text/plain
Parts/Attachments:	text/plain (114 lines)

Synopsis:          Moderate: php security, bug fix, and enhancement update
Advisory ID:       SLSA-2013:1615-2
Issue Date:        2013-11-21
CVE Numbers:       CVE-2006-7243
                   CVE-2013-1643
                   CVE-2013-4248
--

It was found that PHP did not properly handle file names with a NULL
character. A remote attacker could possibly use this flaw to make a PHP
script access unexpected files and bypass intended file system access
restrictions. (CVE-2006-7243)

A flaw was found in PHP's SSL client's hostname identity check when
handling certificates that contain hostnames with NULL bytes. If an
attacker was able to get a carefully crafted certificate signed by a
trusted Certificate Authority, the attacker could use the certificate to
conduct man-in-the-middle attacks to spoof SSL servers. (CVE-2013-4248)

It was found that the PHP SOAP parser allowed the expansion of external
XML entities during SOAP message parsing. A remote attacker could possibly
use this flaw to read arbitrary files that are accessible to a PHP
application using a SOAP extension. (CVE-2013-1643)

This update fixes the following bugs:

* Previously, when the allow_call_time_pass_reference setting was
disabled, a virtual host on the Apache server could terminate with a
segmentation fault when attempting to process certain PHP content. This
bug has been fixed and virtual hosts no longer crash when
allow_call_time_pass_reference is off.

* Prior to this update, if an error occurred during the operation of the
fclose(), file_put_contents(), or copy() function, the function did not
report it. This could have led to data loss. With this update, the
aforementioned functions have been modified to properly report any errors.

* The internal buffer for the SQLSTATE error code can store maximum of 5
characters. Previously, when certain calls exceeded this limit, a buffer
overflow occurred. With this update, messages longer than 5 characters are
automatically replaced with the default "HY000" string, thus preventing
the overflow.

In addition, this update adds the following enhancement:

* This update adds the following rpm macros to the php package: %__php,
%php_inidir, %php_incldir.

After installing the updated packages, the httpd daemon must be restarted
for the update to take effect.
--

SL6
  x86_64
    php-5.3.3-26.el6.x86_64.rpm
    php-bcmath-5.3.3-26.el6.x86_64.rpm
    php-cli-5.3.3-26.el6.x86_64.rpm
    php-common-5.3.3-26.el6.x86_64.rpm
    php-dba-5.3.3-26.el6.x86_64.rpm
    php-debuginfo-5.3.3-26.el6.x86_64.rpm
    php-devel-5.3.3-26.el6.x86_64.rpm
    php-embedded-5.3.3-26.el6.x86_64.rpm
    php-enchant-5.3.3-26.el6.x86_64.rpm
    php-fpm-5.3.3-26.el6.x86_64.rpm
    php-gd-5.3.3-26.el6.x86_64.rpm
    php-imap-5.3.3-26.el6.x86_64.rpm
    php-intl-5.3.3-26.el6.x86_64.rpm
    php-ldap-5.3.3-26.el6.x86_64.rpm
    php-mbstring-5.3.3-26.el6.x86_64.rpm
    php-mysql-5.3.3-26.el6.x86_64.rpm
    php-odbc-5.3.3-26.el6.x86_64.rpm
    php-pdo-5.3.3-26.el6.x86_64.rpm
    php-pgsql-5.3.3-26.el6.x86_64.rpm
    php-process-5.3.3-26.el6.x86_64.rpm
    php-pspell-5.3.3-26.el6.x86_64.rpm
    php-recode-5.3.3-26.el6.x86_64.rpm
    php-snmp-5.3.3-26.el6.x86_64.rpm
    php-soap-5.3.3-26.el6.x86_64.rpm
    php-tidy-5.3.3-26.el6.x86_64.rpm
    php-xml-5.3.3-26.el6.x86_64.rpm
    php-xmlrpc-5.3.3-26.el6.x86_64.rpm
    php-zts-5.3.3-26.el6.x86_64.rpm
  i386
    php-5.3.3-26.el6.i686.rpm
    php-bcmath-5.3.3-26.el6.i686.rpm
    php-cli-5.3.3-26.el6.i686.rpm
    php-common-5.3.3-26.el6.i686.rpm
    php-dba-5.3.3-26.el6.i686.rpm
    php-debuginfo-5.3.3-26.el6.i686.rpm
    php-devel-5.3.3-26.el6.i686.rpm
    php-embedded-5.3.3-26.el6.i686.rpm
    php-enchant-5.3.3-26.el6.i686.rpm
    php-fpm-5.3.3-26.el6.i686.rpm
    php-gd-5.3.3-26.el6.i686.rpm
    php-imap-5.3.3-26.el6.i686.rpm
    php-intl-5.3.3-26.el6.i686.rpm
    php-ldap-5.3.3-26.el6.i686.rpm
    php-mbstring-5.3.3-26.el6.i686.rpm
    php-mysql-5.3.3-26.el6.i686.rpm
    php-odbc-5.3.3-26.el6.i686.rpm
    php-pdo-5.3.3-26.el6.i686.rpm
    php-pgsql-5.3.3-26.el6.i686.rpm
    php-process-5.3.3-26.el6.i686.rpm
    php-pspell-5.3.3-26.el6.i686.rpm
    php-recode-5.3.3-26.el6.i686.rpm
    php-snmp-5.3.3-26.el6.i686.rpm
    php-soap-5.3.3-26.el6.i686.rpm
    php-tidy-5.3.3-26.el6.i686.rpm
    php-xml-5.3.3-26.el6.i686.rpm
    php-xmlrpc-5.3.3-26.el6.i686.rpm
    php-zts-5.3.3-26.el6.i686.rpm

- Scientific Linux Development Team

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV