Synopsis: Moderate: php security, bug fix, and enhancement update
Advisory ID: SLSA-2013:1615-2
Issue Date: 2013-11-21
CVE Numbers: CVE-2006-7243
             CVE-2013-1643
             CVE-2013-4248
--

It was found that PHP did not properly handle file names with a NULL character. A remote attacker could possibly use this flaw to make a PHP script access unexpected files and bypass intended file system access restrictions. (CVE-2006-7243)

A flaw was found in PHP's SSL client's hostname identity check when handling certificates that contain hostnames with NULL bytes. If an attacker was able to get a carefully crafted certificate signed by a trusted Certificate Authority, the attacker could use the certificate to conduct man-in-the-middle attacks to spoof SSL servers. (CVE-2013-4248)

It was found that the PHP SOAP parser allowed the expansion of external XML entities during SOAP message parsing. A remote attacker could possibly use this flaw to read arbitrary files that are accessible to a PHP application using a SOAP extension. (CVE-2013-1643)

This update fixes the following bugs:

* Previously, when the allow_call_time_pass_reference setting was disabled, a virtual host on the Apache server could terminate with a segmentation fault when attempting to process certain PHP content. This bug has been fixed and virtual hosts no longer crash when allow_call_time_pass_reference is off.

* Prior to this update, if an error occurred during the operation of the fclose(), file_put_contents(), or copy() function, the function did not report it. This could have led to data loss. With this update, the aforementioned functions have been modified to properly report any errors.

* The internal buffer for the SQLSTATE error code can store a maximum of 5 characters. Previously, when certain calls exceeded this limit, a buffer overflow occurred. With this update, messages longer than 5 characters are automatically replaced with the default "HY000" string, thus preventing the overflow.
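The three vulnerabilities above are fixed inside the PHP runtime itself. As an added example that is not part of this advisory or of the PHP project, the following shows the application-side checks that correspond to each fix, for code that also has to run on not-yet-updated PHP 5.3 hosts; open_under and cert_name_matches are hypothetical helpers, and the directory, file and host names are constructed sample values.

```php
<?php
// Added example (not from the advisory or the PHP project): application-side
// checks that mirror the three fixes above, written for PHP 5.3 as shipped here.
// Directory, file and host names are constructed sample values.

// CVE-2006-7243: a NUL byte ends the name at the C level, so a check done in PHP
// on the full string and the file actually opened can disagree. Reject NUL
// explicitly and keep the resolved path inside $base.
function open_under($base, $name)
{
    if (strpos($name, "\0") !== false) {
        throw new InvalidArgumentException('file name contains a NUL byte');
    }
    $realBase = realpath($base);
    $target   = realpath($base . DIRECTORY_SEPARATOR . $name);
    if ($realBase === false || $target === false
        || strpos($target, $realBase . DIRECTORY_SEPARATOR) !== 0) {
        throw new RuntimeException('path is outside the allowed directory');
    }
    return fopen($target, 'rb');
}

// CVE-2013-4248: match the expected host against one certificate name (a CN or
// dNSName taken from openssl_x509_parse()). A name with an embedded NUL is
// rejected instead of being compared only up to the NUL. One leading "*."
// wildcard label is honoured.
function cert_name_matches($expectedHost, $certName)
{
    if (strpos($certName, "\0") !== false) {
        return false;
    }
    $expected = strtolower($expectedHost);
    $name     = strtolower($certName);
    if (strncmp($name, '*.', 2) === 0) {
        $suffix = substr($name, 1);          // ".good.example"
        $dot    = strpos($expected, '.');
        return $dot !== false && substr($expected, $dot) === $suffix;
    }
    return $expected === $name;
}

// CVE-2013-1643: stop libxml from resolving external entities before any SOAP
// request or response is parsed. The switch is process-wide, so set it once at
// startup, ahead of new SoapServer()/SoapClient() and handle().
libxml_disable_entity_loader(true);

// Constructed checks: the NUL-containing name must not match, the wildcard must.
var_dump(cert_name_matches('www.good.example', "www.good.example\0.evil.example"));
var_dump(cert_name_matches('www.good.example', '*.good.example'));
```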
In addition, this update adds the following enhancement:

* This update adds the following rpm macros to the php package: %__php, %php_inidir, %php_incldir.

After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
--

SL6
  x86_64
    php-5.3.3-26.el6.x86_64.rpm
    php-bcmath-5.3.3-26.el6.x86_64.rpm
    php-cli-5.3.3-26.el6.x86_64.rpm
    php-common-5.3.3-26.el6.x86_64.rpm
    php-dba-5.3.3-26.el6.x86_64.rpm
    php-debuginfo-5.3.3-26.el6.x86_64.rpm
    php-devel-5.3.3-26.el6.x86_64.rpm
    php-embedded-5.3.3-26.el6.x86_64.rpm
    php-enchant-5.3.3-26.el6.x86_64.rpm
    php-fpm-5.3.3-26.el6.x86_64.rpm
    php-gd-5.3.3-26.el6.x86_64.rpm
    php-imap-5.3.3-26.el6.x86_64.rpm
    php-intl-5.3.3-26.el6.x86_64.rpm
    php-ldap-5.3.3-26.el6.x86_64.rpm
    php-mbstring-5.3.3-26.el6.x86_64.rpm
    php-mysql-5.3.3-26.el6.x86_64.rpm
    php-odbc-5.3.3-26.el6.x86_64.rpm
    php-pdo-5.3.3-26.el6.x86_64.rpm
    php-pgsql-5.3.3-26.el6.x86_64.rpm
    php-process-5.3.3-26.el6.x86_64.rpm
    php-pspell-5.3.3-26.el6.x86_64.rpm
    php-recode-5.3.3-26.el6.x86_64.rpm
    php-snmp-5.3.3-26.el6.x86_64.rpm
    php-soap-5.3.3-26.el6.x86_64.rpm
    php-tidy-5.3.3-26.el6.x86_64.rpm
    php-xml-5.3.3-26.el6.x86_64.rpm
    php-xmlrpc-5.3.3-26.el6.x86_64.rpm
    php-zts-5.3.3-26.el6.x86_64.rpm
  i386
    php-5.3.3-26.el6.i686.rpm
    php-bcmath-5.3.3-26.el6.i686.rpm
    php-cli-5.3.3-26.el6.i686.rpm
    php-common-5.3.3-26.el6.i686.rpm
    php-dba-5.3.3-26.el6.i686.rpm
    php-debuginfo-5.3.3-26.el6.i686.rpm
    php-devel-5.3.3-26.el6.i686.rpm
    php-embedded-5.3.3-26.el6.i686.rpm
    php-enchant-5.3.3-26.el6.i686.rpm
    php-fpm-5.3.3-26.el6.i686.rpm
    php-gd-5.3.3-26.el6.i686.rpm
    php-imap-5.3.3-26.el6.i686.rpm
    php-intl-5.3.3-26.el6.i686.rpm
    php-ldap-5.3.3-26.el6.i686.rpm
    php-mbstring-5.3.3-26.el6.i686.rpm
    php-mysql-5.3.3-26.el6.i686.rpm
    php-odbc-5.3.3-26.el6.i686.rpm
    php-pdo-5.3.3-26.el6.i686.rpm
    php-pgsql-5.3.3-26.el6.i686.rpm
    php-process-5.3.3-26.el6.i686.rpm
    php-pspell-5.3.3-26.el6.i686.rpm
    php-recode-5.3.3-26.el6.i686.rpm
    php-snmp-5.3.3-26.el6.i686.rpm
    php-soap-5.3.3-26.el6.i686.rpm
    php-tidy-5.3.3-26.el6.i686.rpm
    php-xml-5.3.3-26.el6.i686.rpm
    php-xmlrpc-5.3.3-26.el6.i686.rpm
    php-zts-5.3.3-26.el6.i686.rpm

- Scientific Linux Development Team