- Issued:
- 2004-09-01
- Updated:
- 2004-09-01
RHBA-2004:272 - Bug Fix Advisory
Synopsis
Updated php packages
Type/Severity
Bug Fix Advisory
Topic
Updated php packages that fix various bugs are now available.
Description
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.
PHP contains a modified copy of the GD graphics library used for creating
images and text in real time from PHP scripts. If an Apache module loads
the system copy of the GD library, such as a third-party Perl module loaded
by mod_perl, symbol conflicts between the system GD library and the GD
library bundled with PHP could cause an Apache child process to crash.
PHP stream support for the SSL protocol could issue a warning message
when using an SSL server that does not shut down the connection cleanly.
This warning message has been downgraded to a notice message, and will no
longer appear by default.
The php-devel package, used for building PHP extensions, is now included in
Red Hat Enterprise Linux 3.
Users of PHP should upgrade to these updated packages, which contain fixes
for these issues.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
To update all RPMs for your particular architecture, run:
rpm -Fvh [filenames]
where [filenames] is a list of the RPMs you wish to upgrade. Only those
RPMs which are currently installed will be updated. Those RPMs which are
not installed but included in the list will not be updated. Note that you
can also use wildcards (*.rpm) if your current directory *only* contains the
desired RPMs.
Please note that this update is also available via Red Hat Network. Many
people find this an easier way to apply updates. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:
up2date
This will start an interactive process that will result in the appropriate
RPMs being upgraded on your system.
If up2date fails to connect to Red Hat Network due to SSL
Certificate Errors, you need to install a version of the
up2date client with an updated certificate. The latest version of
up2date is available from the Red Hat FTP site and may also be
downloaded directly from the RHN website:
Affected Products
- Red Hat Enterprise Linux Server 3 x86_64
- Red Hat Enterprise Linux Server 3 ia64
- Red Hat Enterprise Linux Server 3 i386
- Red Hat Enterprise Linux Workstation 3 x86_64
- Red Hat Enterprise Linux Workstation 3 ia64
- Red Hat Enterprise Linux Workstation 3 i386
- Red Hat Enterprise Linux Desktop 3 x86_64
- Red Hat Enterprise Linux Desktop 3 i386
- Red Hat Enterprise Linux for IBM z Systems 3 s390x
- Red Hat Enterprise Linux for IBM z Systems 3 s390
- Red Hat Enterprise Linux for Power, big endian 3 ppc
Fixes
- BZ - 109697 - php-devel is missing from the unified build tree.
- BZ - 124530 - httpd segfaults in conjunction with mod_perl and GD
- BZ - 124582 - fgets erroring on https protocol
CVEs
(none)
References
(none)
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.