Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

[ MDVSA-2009:303 ] php
From: security () mandriva com
Date: Sat, 28 Nov 2009 21:40:00 +0100


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2009:303
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : php
 Date    : November 28, 2009
 Affected: 2009.1
 _______________________________________________________________________

 Problem Description:

 Some vulnerabilities were discovered and corrected in php-5.2.11:
 
 The tempnam function in ext/standard/file.c in PHP 5.2.11 and
 earlier, and 5.3.x before 5.3.1, allows context-dependent attackers
 to bypass safe_mode restrictions, and create files in group-writable
 or world-writable directories, via the dir and prefix arguments
 (CVE-2009-3557).
 
 The posix_mkfifo function in ext/posix/posix.c in PHP 5.2.11 and
 earlier, and 5.3.x before 5.3.1, allows context-dependent attackers
 to bypass open_basedir restrictions, and create FIFO files, via the
 pathname and mode arguments, as demonstrated by creating a .htaccess
 file (CVE-2009-3558).
 
 PHP 5.2.11, and 5.3.x before 5.3.1, does not restrict the number
 of temporary files created when handling a multipart/form-data POST
 request, which allows remote attackers to cause a denial of service
 (resource exhaustion), and makes it easier for remote attackers to
 exploit local file inclusion vulnerabilities, via multiple requests,
 related to lack of support for the max_file_uploads directive
 (CVE-2009-4017).
 
 The proc_open function in ext/standard/proc_open.c in PHP
 before 5.2.11 and 5.3.x before 5.3.1 does not enforce the (1)
 safe_mode_allowed_env_vars and (2) safe_mode_protected_env_vars
 directives, which allows context-dependent attackers to execute
 programs with an arbitrary environment via the env parameter, as
 demonstrated by a crafted value of the LD_LIBRARY_PATH environment
 variable (CVE-2009-4018).
 
 Intermittent segfaults occured on x86_64 with the latest phpmyadmin
 and with apache (#53735).
 
 Additionally, some packages which require so, have been rebuilt and
 are being provided as updates.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3557
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3558
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4017
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4018
 https://qa.mandriva.com/53735
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2009.1:
 d6253b5d6b67fe9e29ead3314500811a  2009.1/i586/apache-mod_php-5.2.11-0.2mdv2009.1.i586.rpm
 8317800428a0cda85e73f1fd6197aa7f  2009.1/i586/libphp5_common5-5.2.11-0.2mdv2009.1.i586.rpm
 fa6660f4f2c13230591234b4e4221396  2009.1/i586/php-apc-3.1.3p1-0.1mdv2009.1.i586.rpm
 41b24ec40efb1ec4682038e0cfa63c2e  2009.1/i586/php-apc-admin-3.1.3p1-0.1mdv2009.1.i586.rpm
 5221e779179ed303f2e8296a7eb40376  2009.1/i586/php-bcmath-5.2.11-0.2mdv2009.1.i586.rpm
 1c610ca1bc10102f729f44e0ea51cdbd  2009.1/i586/php-bz2-5.2.11-0.2mdv2009.1.i586.rpm
 f2ea50c5e8ae82895d83bc8e875bd068  2009.1/i586/php-calendar-5.2.11-0.2mdv2009.1.i586.rpm
 9bca06c8d3b5cea48dd8113ab8b14eec  2009.1/i586/php-cgi-5.2.11-0.2mdv2009.1.i586.rpm
 97a171fabf60d80e6adfd8397484940a  2009.1/i586/php-cli-5.2.11-0.2mdv2009.1.i586.rpm
 0982589d8adf977a9b8fd5dfb8772195  2009.1/i586/php-ctype-5.2.11-0.2mdv2009.1.i586.rpm
 8887ba775917adc531208a29b46d40a3  2009.1/i586/php-curl-5.2.11-0.2mdv2009.1.i586.rpm
 b853fd43dcc0d41ed76c99b8cfd0161d  2009.1/i586/php-dba-5.2.11-0.2mdv2009.1.i586.rpm
 8f27c08eacfa7fa6736481e0331779ae  2009.1/i586/php-dbase-5.2.11-0.2mdv2009.1.i586.rpm
 304c768d7aa7159d61f675179d95e27f  2009.1/i586/php-dbx-1.1.0-26.1mdv2009.1.i586.rpm
 a43b31d87edf15967fc1bb14e86649ed  2009.1/i586/php-devel-5.2.11-0.2mdv2009.1.i586.rpm
 895f8ede6191cca1e547e6b74e4d2a92  2009.1/i586/php-dio-0.0.2-3.1mdv2009.1.i586.rpm
 c03c9ae71de51dd52fb85b86c36ccdba  2009.1/i586/php-dom-5.2.11-0.2mdv2009.1.i586.rpm
 b083ea7848154bc9152cb7a335b81fcc  2009.1/i586/php-eaccelerator-0.9.5.3-8.1mdv2009.1.i586.rpm
 022595d3b6ae4d4ee796ee8275929551  2009.1/i586/php-eaccelerator-admin-0.9.5.3-8.1mdv2009.1.i586.rpm
 0fa75d1ae3207ed333b753c5812dd5ef  2009.1/i586/php-exif-5.2.11-0.2mdv2009.1.i586.rpm
 00babf1c5db0f2d1fb1d1ce5798a2860  2009.1/i586/php-fam-5.0.1-7.1mdv2009.1.i586.rpm
 efb36e532b0d70701c487421152f2072  2009.1/i586/php-fcgi-5.2.11-0.2mdv2009.1.i586.rpm
 58762976212d02998eb9e14699cd7e3f  2009.1/i586/php-fileinfo-1.0.4-15.1mdv2009.1.i586.rpm
 4aec2ef9767225c12b80b0ca99ae378d  2009.1/i586/php-filepro-5.1.6-17.1mdv2009.1.i586.rpm
 382c7714c48758c531624da6b69d6c8f  2009.1/i586/php-filter-5.2.11-0.2mdv2009.1.i586.rpm
 cb9239b9b5e0b1fd02063d845417c551  2009.1/i586/php-ftp-5.2.11-0.2mdv2009.1.i586.rpm
 807c98e8e0d74980ef1c724084c04b57  2009.1/i586/php-gd-5.2.11-0.2mdv2009.1.i586.rpm
 2aea5bec3838eb67d06cb3076560a5bf  2009.1/i586/php-gettext-5.2.11-0.2mdv2009.1.i586.rpm
 b7281e53036b7c7ec2d9edad084f8aeb  2009.1/i586/php-gmp-5.2.11-0.2mdv2009.1.i586.rpm
 0797234189e5806606081bd4abe54677  2009.1/i586/php-hash-5.2.11-0.2mdv2009.1.i586.rpm
 c5a40bc573d8d9bcf1a3f35a70a0c4fc  2009.1/i586/php-iconv-5.2.11-0.2mdv2009.1.i586.rpm
 0962b3e43005b963ee94edd3b2ac855f  2009.1/i586/php-idn-1.2b-15.1mdv2009.1.i586.rpm
 ae15eb81b8cb2bb16f835e2ae150301b  2009.1/i586/php-imap-5.2.11-0.2mdv2009.1.i586.rpm
 1f2d53602a9233587e5678b28f633e8c  2009.1/i586/php-ini-5.2.11-0.2mdv2009.1.i586.rpm
 a4148df6d3e3d51337d051e3822e98b4  2009.1/i586/php-json-5.2.11-0.2mdv2009.1.i586.rpm
 cf75d10cd7370953f600074542b0885c  2009.1/i586/php-ldap-5.2.11-0.2mdv2009.1.i586.rpm
 95194d5294466720b8d33ff73965358c  2009.1/i586/php-mbstring-5.2.11-0.2mdv2009.1.i586.rpm
 0ad19e34a48a67c3a89bac3e02ab7c51  2009.1/i586/php-mcal-0.6-27.1mdv2009.1.i586.rpm
 0ec6855392e5a5b04590c69cffb919cf  2009.1/i586/php-mcrypt-5.2.11-0.2mdv2009.1.i586.rpm
 94161fd99dca4e8678b428a393e7b5a3  2009.1/i586/php-mhash-5.2.11-0.2mdv2009.1.i586.rpm
 3c2d1daf7afa759ce4333b8a1bed54d8  2009.1/i586/php-mime_magic-5.2.11-0.2mdv2009.1.i586.rpm
 b0cdeb91498c39f994e37c79f70d705b  2009.1/i586/php-ming-5.2.11-0.2mdv2009.1.i586.rpm
 b5a8baab2a22256f50807941847d89f4  2009.1/i586/php-mssql-5.2.11-0.2mdv2009.1.i586.rpm
 bd51a9a74014dd0f8c851de6d673569d  2009.1/i586/php-mysql-5.2.11-0.2mdv2009.1.i586.rpm
 34141016f49c4a6bf0d1778631a72282  2009.1/i586/php-mysqli-5.2.11-0.2mdv2009.1.i586.rpm
 2039a799b4d838ad59a741ba671b6464  2009.1/i586/php-ncurses-5.2.11-0.2mdv2009.1.i586.rpm
 3c9318de4cfb070bd3b8631084269fe0  2009.1/i586/php-odbc-5.2.11-0.2mdv2009.1.i586.rpm
 71abb842e523085d733d1d08d993f59b  2009.1/i586/php-openssl-5.2.11-0.2mdv2009.1.i586.rpm
 3189bc2242db93d41d01d289d4a279ef  2009.1/i586/php-optimizer-0.1-0.alpha1.5.1mdv2009.1.i586.rpm
 31f0bab62fe3bae49bc472e7a3c7c604  2009.1/i586/php-pcntl-5.2.11-0.2mdv2009.1.i586.rpm
 16be1cb87cc154fe197bf2ec28902514  2009.1/i586/php-pdo-5.2.11-0.2mdv2009.1.i586.rpm
 386cd2e9e126fc637120c0484f512a36  2009.1/i586/php-pdo_dblib-5.2.11-0.2mdv2009.1.i586.rpm
 b4e4ee26da2f8a98566c81dd860caa25  2009.1/i586/php-pdo_mysql-5.2.11-0.2mdv2009.1.i586.rpm
 f68174ed1a5249904fbebd860eeb5a89  2009.1/i586/php-pdo_odbc-5.2.11-0.2mdv2009.1.i586.rpm
 450b1fa480d1405db1e8f1b28825ba4d  2009.1/i586/php-pdo_pgsql-5.2.11-0.2mdv2009.1.i586.rpm
 97aeedd9d04e8d9e99b06122438eb8a3  2009.1/i586/php-pdo_sqlite-5.2.11-0.2mdv2009.1.i586.rpm
 2df3d8c8a5f0c60fce661688d8289747  2009.1/i586/php-pgsql-5.2.11-0.2mdv2009.1.i586.rpm
 2e1c993e5659e2588fdd53c4843280f1  2009.1/i586/php-posix-5.2.11-0.2mdv2009.1.i586.rpm
 62c02ab2ec3ef17672fac70f1511982c  2009.1/i586/php-pspell-5.2.11-0.2mdv2009.1.i586.rpm
 1f99d50a9f93e1cef2b4fc0ae2aba226  2009.1/i586/php-readline-5.2.11-0.2mdv2009.1.i586.rpm
 1530675b3c59cfccf06ca6febcb09c94  2009.1/i586/php-recode-5.2.11-0.2mdv2009.1.i586.rpm
 f512cbd395580f02c8153daa97c84841  2009.1/i586/php-sasl-0.1.0-25.1mdv2009.1.i586.rpm
 9e6d04d721e39c9be218afe4be9fd3b8  2009.1/i586/php-session-5.2.11-0.2mdv2009.1.i586.rpm
 6b368a3302dac8feafe8f494237151bc  2009.1/i586/php-shmop-5.2.11-0.2mdv2009.1.i586.rpm
 1e3963337e20685cbada37d37c8fc465  2009.1/i586/php-snmp-5.2.11-0.2mdv2009.1.i586.rpm
 e2fb9a812e2845feea1fd4f5ade239ed  2009.1/i586/php-soap-5.2.11-0.2mdv2009.1.i586.rpm
 00ee08d3df798b5afbcfd56651a5b0c9  2009.1/i586/php-sockets-5.2.11-0.2mdv2009.1.i586.rpm
 4eae120e4aec4b62bcdb879dec4e2ca8  2009.1/i586/php-sqlite-5.2.11-0.2mdv2009.1.i586.rpm
 f5edf04ad26b0482c59b657b4fc79ef5  2009.1/i586/php-ssh2-0.11.0-2.1mdv2009.1.i586.rpm
 35c0a5ab803fcb56f6cc42c7c85e8527  2009.1/i586/php-suhosin-0.9.29-0.1mdv2009.1.i586.rpm
 f7bb800f8b97ed15a6abc553e0069426  2009.1/i586/php-sybase-5.2.11-0.2mdv2009.1.i586.rpm
 009198a7c43ad5486d515f8c98b48619  2009.1/i586/php-sysvmsg-5.2.11-0.2mdv2009.1.i586.rpm
 3ee82aa04924b325cc67cd5624abeaad  2009.1/i586/php-sysvsem-5.2.11-0.2mdv2009.1.i586.rpm
 058d54a39589ed25d1aeab545044081d  2009.1/i586/php-sysvshm-5.2.11-0.2mdv2009.1.i586.rpm
 5ed92070a823624b2fc3f77abcc6e470  2009.1/i586/php-tclink-3.4.4-10.1mdv2009.1.i586.rpm
 e63d316ae3e4da543a2e419857e9d3df  2009.1/i586/php-tidy-5.2.11-0.2mdv2009.1.i586.rpm
 257d7506f03b75ace88b3372d812d81e  2009.1/i586/php-tokenizer-5.2.11-0.2mdv2009.1.i586.rpm
 4cfa06ffeea8cfa7e85ccdefedfbee8f  2009.1/i586/php-translit-0.6.0-7.1mdv2009.1.i586.rpm
 6481916f2b7ccb0006b4f8da4fdc4e7b  2009.1/i586/php-vld-0.9.1-8.1mdv2009.1.i586.rpm
 7ef637e8f86d20583f34f0d15af958db  2009.1/i586/php-wddx-5.2.11-0.2mdv2009.1.i586.rpm
 e0ce4587e601725592c770d06101a726  2009.1/i586/php-xattr-1.1.0-6.1mdv2009.1.i586.rpm
 eab70348ad94f1b053c29728ef04d1ae  2009.1/i586/php-xdebug-2.0.5-0.1mdv2009.1.i586.rpm
 00416bc35980a1ffd1e9cfc01340d250  2009.1/i586/php-xml-5.2.11-0.2mdv2009.1.i586.rpm
 e6dc3bd19118cad8b35402432d10c614  2009.1/i586/php-xmlreader-5.2.11-0.2mdv2009.1.i586.rpm
 f6a171e05b4c50fc3d0215517a43b5ad  2009.1/i586/php-xmlrpc-5.2.11-0.2mdv2009.1.i586.rpm
 daa050f966122c5e9106b63a2059460b  2009.1/i586/php-xmlwriter-5.2.11-0.2mdv2009.1.i586.rpm
 305380acce3937932d8cd54da71acacd  2009.1/i586/php-xsl-5.2.11-0.2mdv2009.1.i586.rpm
 956e83dcfb803c3d1a4cc73bfa407c6e  2009.1/i586/php-zip-5.2.11-0.2mdv2009.1.i586.rpm
 3dd94fc0d0980e422787162d415e50ed  2009.1/i586/php-zlib-5.2.11-0.2mdv2009.1.i586.rpm 
 db514f461e076c4cbd1f1888cc0770b2  2009.1/SRPMS/apache-mod_php-5.2.11-0.2mdv2009.1.src.rpm
 ca33a8ecccae7e4504b8f029a36d9fb8  2009.1/SRPMS/php-5.2.11-0.2mdv2009.1.src.rpm
 e24d41d0fd79871eaa8fc69b15a26a17  2009.1/SRPMS/php-apc-3.1.3p1-0.1mdv2009.1.src.rpm
 ccf9dfb71283034893e6fb048d3a6a70  2009.1/SRPMS/php-dbx-1.1.0-26.1mdv2009.1.src.rpm
 0bf81682e9d42113cd3b120db9570971  2009.1/SRPMS/php-dio-0.0.2-3.1mdv2009.1.src.rpm
 76ce936e3a10c19ce5aacdc4587e38d5  2009.1/SRPMS/php-eaccelerator-0.9.5.3-8.1mdv2009.1.src.rpm
 4636daf01a795bf8e07ed4efd22b8005  2009.1/SRPMS/php-fam-5.0.1-7.1mdv2009.1.src.rpm
 4dc8de56cd34cd69562945be7e3657cd  2009.1/SRPMS/php-fileinfo-1.0.4-15.1mdv2009.1.src.rpm
 2e50161183b4a19851311293741d94b3  2009.1/SRPMS/php-filepro-5.1.6-17.1mdv2009.1.src.rpm
 a05a5da4763ae372f1479e25604e0623  2009.1/SRPMS/php-idn-1.2b-15.1mdv2009.1.src.rpm
 b177c6b71c473a3d9eec9fb861dbb924  2009.1/SRPMS/php-ini-5.2.11-0.2mdv2009.1.src.rpm
 7a66830d43f063b9301a4e792fa99613  2009.1/SRPMS/php-mcal-0.6-27.1mdv2009.1.src.rpm
 7b8ce394d2897c586a9198b61ca59140  2009.1/SRPMS/php-optimizer-0.1-0.alpha1.5.1mdv2009.1.src.rpm
 f2adce006b6afe2f80bb272ae67b9962  2009.1/SRPMS/php-sasl-0.1.0-25.1mdv2009.1.src.rpm
 e4f7a16e624afd527f9c9687fd6131ae  2009.1/SRPMS/php-ssh2-0.11.0-2.1mdv2009.1.src.rpm
 c90af9a9f54945444200956d52c0a858  2009.1/SRPMS/php-suhosin-0.9.29-0.1mdv2009.1.src.rpm
 0c1cc8612d562f419b7aab58d565d7a5  2009.1/SRPMS/php-tclink-3.4.4-10.1mdv2009.1.src.rpm
 568e48c576e2b280436a120e97e7f795  2009.1/SRPMS/php-translit-0.6.0-7.1mdv2009.1.src.rpm
 255074b241ebbd4b6646eb2fdf75596e  2009.1/SRPMS/php-vld-0.9.1-8.1mdv2009.1.src.rpm
 4ac02b4bbaa8d816e5d6502dfd1d9300  2009.1/SRPMS/php-xattr-1.1.0-6.1mdv2009.1.src.rpm
 43e186faa97725d60cb512bd477d54f5  2009.1/SRPMS/php-xdebug-2.0.5-0.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 5056afbc782b8e34e0dbf82ed02ea5d0  2009.1/x86_64/apache-mod_php-5.2.11-0.2mdv2009.1.x86_64.rpm
 9455728d029e751b21985daebbddcf46  2009.1/x86_64/lib64php5_common5-5.2.11-0.2mdv2009.1.x86_64.rpm
 6d8716949d02234961f207c32b82f0d2  2009.1/x86_64/php-apc-3.1.3p1-0.1mdv2009.1.x86_64.rpm
 b097fa43503dfa36e97e4fdf84eaea50  2009.1/x86_64/php-apc-admin-3.1.3p1-0.1mdv2009.1.x86_64.rpm
 6066b28d721f9bffde4b1207c6ce70cf  2009.1/x86_64/php-bcmath-5.2.11-0.2mdv2009.1.x86_64.rpm
 9e31d54865b51970acc625e53026e049  2009.1/x86_64/php-bz2-5.2.11-0.2mdv2009.1.x86_64.rpm
 90b775f7c3d3e9fb0d6c5f670a5bd5a4  2009.1/x86_64/php-calendar-5.2.11-0.2mdv2009.1.x86_64.rpm
 7ac891bc5c79c0c95b021e79b55e9ee0  2009.1/x86_64/php-cgi-5.2.11-0.2mdv2009.1.x86_64.rpm
 76174f20c80a7b11694332c2ba672e71  2009.1/x86_64/php-cli-5.2.11-0.2mdv2009.1.x86_64.rpm
 d5229c6a59bd777dc41785bb94f37bb8  2009.1/x86_64/php-ctype-5.2.11-0.2mdv2009.1.x86_64.rpm
 f156be17613fc9649139d18725e3a22e  2009.1/x86_64/php-curl-5.2.11-0.2mdv2009.1.x86_64.rpm
 a96ab92a582e9a6bfcc07058a68daa51  2009.1/x86_64/php-dba-5.2.11-0.2mdv2009.1.x86_64.rpm
 7a88757b1db59c9147b6bfb8135dd161  2009.1/x86_64/php-dbase-5.2.11-0.2mdv2009.1.x86_64.rpm
 f95297772d07e7722693b6f3a99aec64  2009.1/x86_64/php-dbx-1.1.0-26.1mdv2009.1.x86_64.rpm
 f725a5b5ee9f7ac45b3680ed3cae0f7f  2009.1/x86_64/php-devel-5.2.11-0.2mdv2009.1.x86_64.rpm
 96ee982f0ea9ffa157598ce81953a7e9  2009.1/x86_64/php-dio-0.0.2-3.1mdv2009.1.x86_64.rpm
 92b4f00d90ccc3278a3407f10a980412  2009.1/x86_64/php-dom-5.2.11-0.2mdv2009.1.x86_64.rpm
 ea6e97aa761c9997dc74f807c58222c3  2009.1/x86_64/php-eaccelerator-0.9.5.3-8.1mdv2009.1.x86_64.rpm
 79377b9ea6547160b424d9d8444d7ebe  2009.1/x86_64/php-eaccelerator-admin-0.9.5.3-8.1mdv2009.1.x86_64.rpm
 fce4100854000aa2e56a5937fcc9cc18  2009.1/x86_64/php-exif-5.2.11-0.2mdv2009.1.x86_64.rpm
 6d4fbea8eceb41f378a91b798c9da05c  2009.1/x86_64/php-fam-5.0.1-7.1mdv2009.1.x86_64.rpm
 8d9a7de80f1d9264024b8f1541c887e0  2009.1/x86_64/php-fcgi-5.2.11-0.2mdv2009.1.x86_64.rpm
 e4736b0033297a80db9567f22469a1a9  2009.1/x86_64/php-fileinfo-1.0.4-15.1mdv2009.1.x86_64.rpm
 2aa18713eba3278d9ce4e0b96dbc5cc9  2009.1/x86_64/php-filepro-5.1.6-17.1mdv2009.1.x86_64.rpm
 5ca56d7d9c2de57f121c7622f72a7807  2009.1/x86_64/php-filter-5.2.11-0.2mdv2009.1.x86_64.rpm
 d43a3e8a9a880f85af7304076593d66c  2009.1/x86_64/php-ftp-5.2.11-0.2mdv2009.1.x86_64.rpm
 acc98e45f382d0bd1d1fa1ac5ddbc117  2009.1/x86_64/php-gd-5.2.11-0.2mdv2009.1.x86_64.rpm
 4b42f2b66c84ab292c74d19f7c585fcb  2009.1/x86_64/php-gettext-5.2.11-0.2mdv2009.1.x86_64.rpm
 97cef193d16421e034929d3773bc4136  2009.1/x86_64/php-gmp-5.2.11-0.2mdv2009.1.x86_64.rpm
 8d6bca0b86b99829f3d0fee395b33be3  2009.1/x86_64/php-hash-5.2.11-0.2mdv2009.1.x86_64.rpm
 361f9dbe89532b99bd1573aeddcf5531  2009.1/x86_64/php-iconv-5.2.11-0.2mdv2009.1.x86_64.rpm
 cb0b84ab3982c49baef3545ca022eff2  2009.1/x86_64/php-idn-1.2b-15.1mdv2009.1.x86_64.rpm
 791cdfd1aa3b5520a7fa73329c8fadca  2009.1/x86_64/php-imap-5.2.11-0.2mdv2009.1.x86_64.rpm
 30c7e7c12e920d6e0c4262bccf32b3bd  2009.1/x86_64/php-ini-5.2.11-0.2mdv2009.1.x86_64.rpm
 4d76ef742cef5f8d8dfe259b8bbce7bf  2009.1/x86_64/php-json-5.2.11-0.2mdv2009.1.x86_64.rpm
 2cecd7858f9a37d1fc87687f8ddc7551  2009.1/x86_64/php-ldap-5.2.11-0.2mdv2009.1.x86_64.rpm
 ad1e67493557739f2e77f7d23cd4fc37  2009.1/x86_64/php-mbstring-5.2.11-0.2mdv2009.1.x86_64.rpm
 9ebbb9727d8c00b2f57a8da26b458a9e  2009.1/x86_64/php-mcal-0.6-27.1mdv2009.1.x86_64.rpm
 d17626b9bb64c99a580f01de8806706b  2009.1/x86_64/php-mcrypt-5.2.11-0.2mdv2009.1.x86_64.rpm
 aa1a4b89d6292780799c1b7af805cca0  2009.1/x86_64/php-mhash-5.2.11-0.2mdv2009.1.x86_64.rpm
 0a6b94b5b0bbd87ee8df605f72ad8c22  2009.1/x86_64/php-mime_magic-5.2.11-0.2mdv2009.1.x86_64.rpm
 7c6af202c926195416e4c297c0a7ff8f  2009.1/x86_64/php-ming-5.2.11-0.2mdv2009.1.x86_64.rpm
 27006f6641ab1ed9b997ab890a19c889  2009.1/x86_64/php-mssql-5.2.11-0.2mdv2009.1.x86_64.rpm
 e72f7c46b6ec24dcd0a099a4b7907f21  2009.1/x86_64/php-mysql-5.2.11-0.2mdv2009.1.x86_64.rpm
 cc317ef62f4a748694396b471277be25  2009.1/x86_64/php-mysqli-5.2.11-0.2mdv2009.1.x86_64.rpm
 803f4bf71500884d411749575813bb6b  2009.1/x86_64/php-ncurses-5.2.11-0.2mdv2009.1.x86_64.rpm
 56ae0a29c7e9d363800bc58164f86130  2009.1/x86_64/php-odbc-5.2.11-0.2mdv2009.1.x86_64.rpm
 041fe87c34459f45a7ded497a798f014  2009.1/x86_64/php-openssl-5.2.11-0.2mdv2009.1.x86_64.rpm
 c7e11c043b0639c750766498c3571055  2009.1/x86_64/php-optimizer-0.1-0.alpha1.5.1mdv2009.1.x86_64.rpm
 03da70f804c479db50029390369ac444  2009.1/x86_64/php-pcntl-5.2.11-0.2mdv2009.1.x86_64.rpm
 6294653ab0312a6e6b004c49df2ffc7b  2009.1/x86_64/php-pdo-5.2.11-0.2mdv2009.1.x86_64.rpm
 d2de53b4d571fcfb27cb76cd6d78faa5  2009.1/x86_64/php-pdo_dblib-5.2.11-0.2mdv2009.1.x86_64.rpm
 5d931a0858ed2ad6671ef5bdba3ad2d7  2009.1/x86_64/php-pdo_mysql-5.2.11-0.2mdv2009.1.x86_64.rpm
 b817ba9ffbee014a5f92dc0021a82696  2009.1/x86_64/php-pdo_odbc-5.2.11-0.2mdv2009.1.x86_64.rpm
 e6910d7a115a55ffb8f13fc7195914ae  2009.1/x86_64/php-pdo_pgsql-5.2.11-0.2mdv2009.1.x86_64.rpm
 417db8ad10739e62e276b0f041bb54f1  2009.1/x86_64/php-pdo_sqlite-5.2.11-0.2mdv2009.1.x86_64.rpm
 580a6ec997fe86782f03c1a96d8bbeaf  2009.1/x86_64/php-pgsql-5.2.11-0.2mdv2009.1.x86_64.rpm
 21c60f7d31a56f80724f5c4e77b5b339  2009.1/x86_64/php-posix-5.2.11-0.2mdv2009.1.x86_64.rpm
 61030cb7573df84252ef21606dccdd21  2009.1/x86_64/php-pspell-5.2.11-0.2mdv2009.1.x86_64.rpm
 852af4d43e3daf4f5518608e5ed4065d  2009.1/x86_64/php-readline-5.2.11-0.2mdv2009.1.x86_64.rpm
 3905ca94e433e58cfe1d325d85bded55  2009.1/x86_64/php-recode-5.2.11-0.2mdv2009.1.x86_64.rpm
 f5aff678c581d08adfe042812cfdcef8  2009.1/x86_64/php-sasl-0.1.0-25.1mdv2009.1.x86_64.rpm
 88e6ae754ef9713197b1fb241bb6ca94  2009.1/x86_64/php-session-5.2.11-0.2mdv2009.1.x86_64.rpm
 e7868232be6a3f2ab19a53930c038c67  2009.1/x86_64/php-shmop-5.2.11-0.2mdv2009.1.x86_64.rpm
 829ba0eeb19616159e30a5e21ce49c82  2009.1/x86_64/php-snmp-5.2.11-0.2mdv2009.1.x86_64.rpm
 2564d557d1a7d8d97eae546a940a9bf0  2009.1/x86_64/php-soap-5.2.11-0.2mdv2009.1.x86_64.rpm
 404626167449becb32ecd002cc50afe7  2009.1/x86_64/php-sockets-5.2.11-0.2mdv2009.1.x86_64.rpm
 dedaa4c274b39c850f02c8fc615a55bf  2009.1/x86_64/php-sqlite-5.2.11-0.2mdv2009.1.x86_64.rpm
 8240e064b421d28cf363047743a83711  2009.1/x86_64/php-ssh2-0.11.0-2.1mdv2009.1.x86_64.rpm
 5b9987592c727c4bfa25dfc863776b6e  2009.1/x86_64/php-suhosin-0.9.29-0.1mdv2009.1.x86_64.rpm
 19faf36f9a4275891f607a13a748b06b  2009.1/x86_64/php-sybase-5.2.11-0.2mdv2009.1.x86_64.rpm
 8c645f0acd055c357a066050bf08a00b  2009.1/x86_64/php-sysvmsg-5.2.11-0.2mdv2009.1.x86_64.rpm
 c850ddadf6e6012f5d2a73149d40ddac  2009.1/x86_64/php-sysvsem-5.2.11-0.2mdv2009.1.x86_64.rpm
 abea677da3b6c03b85be94a6e72df404  2009.1/x86_64/php-sysvshm-5.2.11-0.2mdv2009.1.x86_64.rpm
 ee2e817f498b4a1cd9a2c64917ac7cd0  2009.1/x86_64/php-tclink-3.4.4-10.1mdv2009.1.x86_64.rpm
 022d30501a6919606c3e25e424285837  2009.1/x86_64/php-tidy-5.2.11-0.2mdv2009.1.x86_64.rpm
 6e287bb2d81bd3baa5217f50dec0f363  2009.1/x86_64/php-tokenizer-5.2.11-0.2mdv2009.1.x86_64.rpm
 2389025b493b179a8861ace07c37d430  2009.1/x86_64/php-translit-0.6.0-7.1mdv2009.1.x86_64.rpm
 7b4b5db0f1ba32ad86265edca540157f  2009.1/x86_64/php-vld-0.9.1-8.1mdv2009.1.x86_64.rpm
 98fa5cdae2f7a15614bb83580b408709  2009.1/x86_64/php-wddx-5.2.11-0.2mdv2009.1.x86_64.rpm
 92168fdd480cc7ce2b674952cf346e5d  2009.1/x86_64/php-xattr-1.1.0-6.1mdv2009.1.x86_64.rpm
 3e362a67fc587cf76236402282d6b42c  2009.1/x86_64/php-xdebug-2.0.5-0.1mdv2009.1.x86_64.rpm
 3c32c44e4a437bb9d401e6045d8bf944  2009.1/x86_64/php-xml-5.2.11-0.2mdv2009.1.x86_64.rpm
 bc7b1b1beb4bc276bf007a755fef3188  2009.1/x86_64/php-xmlreader-5.2.11-0.2mdv2009.1.x86_64.rpm
 9e044c2d0544fb327fb8eca7b5eb514a  2009.1/x86_64/php-xmlrpc-5.2.11-0.2mdv2009.1.x86_64.rpm
 53fd25b221e4018a4b8ac08efd0bc63f  2009.1/x86_64/php-xmlwriter-5.2.11-0.2mdv2009.1.x86_64.rpm
 5cfcb21b0c625f213a398f7d4b46d042  2009.1/x86_64/php-xsl-5.2.11-0.2mdv2009.1.x86_64.rpm
 f5b52c894e7286a3cf6dce68e4384f44  2009.1/x86_64/php-zip-5.2.11-0.2mdv2009.1.x86_64.rpm
 f8b3def9f1b8f3702714afe1cd006709  2009.1/x86_64/php-zlib-5.2.11-0.2mdv2009.1.x86_64.rpm 
 db514f461e076c4cbd1f1888cc0770b2  2009.1/SRPMS/apache-mod_php-5.2.11-0.2mdv2009.1.src.rpm
 ca33a8ecccae7e4504b8f029a36d9fb8  2009.1/SRPMS/php-5.2.11-0.2mdv2009.1.src.rpm
 e24d41d0fd79871eaa8fc69b15a26a17  2009.1/SRPMS/php-apc-3.1.3p1-0.1mdv2009.1.src.rpm
 ccf9dfb71283034893e6fb048d3a6a70  2009.1/SRPMS/php-dbx-1.1.0-26.1mdv2009.1.src.rpm
 0bf81682e9d42113cd3b120db9570971  2009.1/SRPMS/php-dio-0.0.2-3.1mdv2009.1.src.rpm
 76ce936e3a10c19ce5aacdc4587e38d5  2009.1/SRPMS/php-eaccelerator-0.9.5.3-8.1mdv2009.1.src.rpm
 4636daf01a795bf8e07ed4efd22b8005  2009.1/SRPMS/php-fam-5.0.1-7.1mdv2009.1.src.rpm
 4dc8de56cd34cd69562945be7e3657cd  2009.1/SRPMS/php-fileinfo-1.0.4-15.1mdv2009.1.src.rpm
 2e50161183b4a19851311293741d94b3  2009.1/SRPMS/php-filepro-5.1.6-17.1mdv2009.1.src.rpm
 a05a5da4763ae372f1479e25604e0623  2009.1/SRPMS/php-idn-1.2b-15.1mdv2009.1.src.rpm
 b177c6b71c473a3d9eec9fb861dbb924  2009.1/SRPMS/php-ini-5.2.11-0.2mdv2009.1.src.rpm
 7a66830d43f063b9301a4e792fa99613  2009.1/SRPMS/php-mcal-0.6-27.1mdv2009.1.src.rpm
 7b8ce394d2897c586a9198b61ca59140  2009.1/SRPMS/php-optimizer-0.1-0.alpha1.5.1mdv2009.1.src.rpm
 f2adce006b6afe2f80bb272ae67b9962  2009.1/SRPMS/php-sasl-0.1.0-25.1mdv2009.1.src.rpm
 e4f7a16e624afd527f9c9687fd6131ae  2009.1/SRPMS/php-ssh2-0.11.0-2.1mdv2009.1.src.rpm
 c90af9a9f54945444200956d52c0a858  2009.1/SRPMS/php-suhosin-0.9.29-0.1mdv2009.1.src.rpm
 0c1cc8612d562f419b7aab58d565d7a5  2009.1/SRPMS/php-tclink-3.4.4-10.1mdv2009.1.src.rpm
 568e48c576e2b280436a120e97e7f795  2009.1/SRPMS/php-translit-0.6.0-7.1mdv2009.1.src.rpm
 255074b241ebbd4b6646eb2fdf75596e  2009.1/SRPMS/php-vld-0.9.1-8.1mdv2009.1.src.rpm
 4ac02b4bbaa8d816e5d6502dfd1d9300  2009.1/SRPMS/php-xattr-1.1.0-6.1mdv2009.1.src.rpm
 43e186faa97725d60cb512bd477d54f5  2009.1/SRPMS/php-xdebug-2.0.5-0.1mdv2009.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLEV9hmqjQ0CJFipgRApgIAJ49GiQXPqNh4sa7ndjdDlKm+NeJ2QCbBbKt
prBLJ29F/5FhiOPP801L+WE=
=857H
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
  • [ MDVSA-2009:303 ] php security (Nov 28)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]