Security Advisory Moderate: php security update

Advisory: RHSA-2007:0153-3
Type: Security Advisory
Severity: Moderate
Issued on: 2007-04-20
Last updated on: 2007-04-20
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
OVAL: com.redhat.rhsa-20070153.xml
CVEs (cve.mitre.org): CVE-2007-0455
CVE-2007-1001
CVE-2007-1583
CVE-2007-1718

Details

Updated PHP packages that fix several security issues are now available for
Red Hat Enterprise Linux 5.

This update has been rated as having important security impact by the Red
Hat Security Response Team.

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Web server.

A flaw was found in the way the mbstring extension set global variables. A
script which used the mb_parse_str() function to set global variables could
be forced to enable the register_globals configuration option, possibly
resulting in global variable injection. (CVE-2007-1583)
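The defensive pattern behind this advisory item is to never let mb_parse_str() write into the global scope at all: parse into a local array and copy only the keys the application expects. The following is an added example written for this page; it is not code from the advisory or from PHP itself, and the parameter names in EXPECTED_PARAMS and the sample query string are constructed assumptions.

```php
<?php
// Added example, not part of the Red Hat advisory or of PHP's own code.
// Parses a query string with mb_parse_str() into a local array instead of
// the global scope, then copies only allowlisted keys into the result, so
// untrusted input can never decide which variables get defined.

declare(strict_types=1);

/** Keys the application expects (assumed names); everything else is dropped. */
const EXPECTED_PARAMS = ['page', 'lang', 'q'];

/**
 * Parse $query into a fixed-shape array containing only allowlisted,
 * string-valued keys. Nothing is written to the global symbol table.
 */
function parse_request_params(string $query): array
{
    $raw = [];
    // Second argument: results land in $raw, never in global variables.
    mb_parse_str($query, $raw);

    $clean = [];
    foreach (EXPECTED_PARAMS as $key) {
        if (array_key_exists($key, $raw) && is_string($raw[$key])) {
            $clean[$key] = $raw[$key];
        }
    }
    return $clean;
}

// Constructed sample input: the last two pairs try to define names the
// script never declared, the register_globals-style injection the
// advisory describes. They are dropped by the allowlist.
$sample = 'page=3&lang=de&is_admin=1&_SESSION%5Buid%5D=0';
$params = parse_request_params($sample);
var_dump($params);
```

Passing the result array is the safe form regardless of the register_globals setting; the allowlist on top of it keeps a later code change from reintroducing variable injection through array keys.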

A heap-based buffer overflow flaw was discovered in PHP's gd extension. A
script that could be forced to process WBMP images from an untrusted source
could result in arbitrary code execution. (CVE-2007-1001)

A buffer over-read flaw was discovered in PHP's gd extension. A script that
could be forced to write an arbitrary string using a JIS font from an
untrusted source could cause the PHP interpreter to crash. (CVE-2007-0455)

A flaw was discovered in the way PHP's mail() function processed header
data. If a script sent mail using a Subject header containing a string from
an untrusted source, a remote attacker could send bulk e-mail to unintended
recipients. (CVE-2007-1718)
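Header injection through mail() works because a CR/LF inside a header value ends that header and starts a new one. The package update fixes the interpreter's own handling; the application should still refuse such values before they reach mail(). The code below is an added example for this page, not code from the advisory or from PHP; the function names, the feedback-form scenario, and the sample addresses and strings are constructed.

```php
<?php
// Added example, not part of the Red Hat advisory or of PHP's own code.
// Shows the unsafe shape the advisory describes beside a hardened wrapper:
// a Subject (or recipient) taken from untrusted input is rejected if it
// contains CR, LF or NUL, so it can never terminate the header it belongs to.

declare(strict_types=1);

/**
 * True if $value can be used as a single mail header value:
 * no CR, LF or NUL, so no additional headers can be appended.
 * A preg_match() error (false) is treated as unsafe.
 */
function is_safe_header_value(string $value): bool
{
    return preg_match('/[\r\n\0]/', $value) !== 1
        && preg_match('/[\r\n\0]/', $value) !== false;
}

/**
 * Unsafe shape: the Subject goes straight from the request into mail().
 * Kept only to show what the hardened version changes; do not use.
 */
function send_feedback_unsafe(string $to, string $subject, string $body): bool
{
    return mail($to, $subject, $body);
}

/**
 * Hardened shape: refuse any recipient or Subject containing line breaks.
 * Throwing rather than silently stripping makes the rejection visible in logs.
 */
function send_feedback(string $to, string $subject, string $body): bool
{
    if (!is_safe_header_value($to) || !is_safe_header_value($subject)) {
        throw new InvalidArgumentException('line break or NUL in mail header value');
    }
    // Bound the Subject length as well; 200 is an assumed application limit.
    $subject = mb_substr($subject, 0, 200);
    return mail($to, $subject, $body);
}

// Constructed sample inputs; example.invalid is a reserved, non-routable domain.
$benign  = 'Question about my order';
$hostile = "Question\r\nExtra-Header: injected"; // CRLF would start a new header

var_dump(is_safe_header_value($benign));   // accepted
var_dump(is_safe_header_value($hostile));  // rejected

try {
    send_feedback('support@example.invalid', $hostile, 'hello');
} catch (InvalidArgumentException $e) {
    echo 'rejected: ', $e->getMessage(), PHP_EOL;
}
```

The check is deliberately a reject, not a sanitise: stripping line breaks and continuing hides the attempt, whereas an exception leaves a log entry a detection rule can key on. mail() itself returns false on a host without a configured MTA, which is independent of the header validation.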

Users of PHP should upgrade to these updated packages, which contain
backported patches to correct these issues.

Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/FAQ_58_10188

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
php-5.1.6-11.el5.src.rpm
File outdated by:  RHSA-2009:0338
    6bb51aa2c094e0073d355539601158d2
 
IA-32:
php-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    d53bd0f7f66bd5cb9f0c5dd8376aaa10
php-bcmath-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    a3120b1d8e25e0a140f3ab478d455ef0
php-cli-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    65e8d1207657e293fc1ceb5df8ef5542
php-common-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    00f59127e8297d45e87eed974913398f
php-dba-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    0e54b49ad88811e5667b22683597359c
php-devel-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    8b5c86ad82c07a30bdb2bd4a729a7084
php-gd-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    101002cf8b2cf6e51705fcace07f250d
php-imap-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    78e84e93106dccba49311b9654b89dbd
php-ldap-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    c71cd331c511fc3e3c0f02dc198fdfa3
php-mbstring-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    f5deb5a99bce0524abe71ac1b7541f35
php-mysql-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    7ea600da7c59dab628c95faff735e7bb
php-ncurses-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    e59b54ab91380f04ccd6a85932170a14
php-odbc-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    2535008822ba4102c6ea3399ea3e6592
php-pdo-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    97d3386be258cfb5c8adfdc993c81b71
php-pgsql-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    6bfda2a0428775ae0c5246027c6576b2
php-snmp-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    773077dfc0d46c268b5bcbf2ed546a43
php-soap-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    1da346df94ec940e1fb83d68a79738c7
php-xml-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    4cad86f42866176ef8df9b0315cd6eea
php-xmlrpc-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    590d277c31f7b57a23199d4edf8502a4
 
x86_64:
php-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    eb30d9a59029cb441b770df74e4bb120
php-bcmath-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    8c430e36ca52c690ffc64410f4e9a97b
php-cli-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    f40a8a0f122e84f551c2b56125b72f7a
php-common-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    d807f7e7f7dbb6392f20a0da9c94a7b0
php-dba-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    705c7666de1d24f0460bda27f83acef4
php-devel-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    a13ad5a1023646fef9609f8f6b94e65d
php-gd-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    25e164d3270a72b10fa14ad73929f70c
php-imap-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    1bf9e5e14910abd12be86c5de065c0a1
php-ldap-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    7206536783846f283b2b618c7602b43d
php-mbstring-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    649ddff34b26b747309537c02a1ebf31
php-mysql-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    c08d703a5602d801aaca95c02b25126a
php-ncurses-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    e376de4524c7a6cc35d57a10edcaceb1
php-odbc-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    6f0f33e91cc3f46da73ce37962093dfa
php-pdo-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    6f51fec2e9e703c44968b5bc45bd5b71
php-pgsql-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    0d5022bec64a6378819b4f4a51dd2f7e
php-snmp-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    a543a653849fea7676fe80c71000063b
php-soap-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    3fd0162bdfd5f9890e4e228f37e8001c
php-xml-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    4be0a0b9aac607f16c520faaa0ba8da4
php-xmlrpc-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    9c9861a1ca2dfdd59444638b6c479191
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
php-5.1.6-11.el5.src.rpm
File outdated by:  RHSA-2009:0338
    6bb51aa2c094e0073d355539601158d2
 
IA-32:
php-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    d53bd0f7f66bd5cb9f0c5dd8376aaa10
php-bcmath-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    a3120b1d8e25e0a140f3ab478d455ef0
php-cli-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    65e8d1207657e293fc1ceb5df8ef5542
php-common-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    00f59127e8297d45e87eed974913398f
php-dba-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    0e54b49ad88811e5667b22683597359c
php-devel-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    8b5c86ad82c07a30bdb2bd4a729a7084
php-gd-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    101002cf8b2cf6e51705fcace07f250d
php-imap-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    78e84e93106dccba49311b9654b89dbd
php-ldap-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    c71cd331c511fc3e3c0f02dc198fdfa3
php-mbstring-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    f5deb5a99bce0524abe71ac1b7541f35
php-mysql-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    7ea600da7c59dab628c95faff735e7bb
php-ncurses-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    e59b54ab91380f04ccd6a85932170a14
php-odbc-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    2535008822ba4102c6ea3399ea3e6592
php-pdo-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    97d3386be258cfb5c8adfdc993c81b71
php-pgsql-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    6bfda2a0428775ae0c5246027c6576b2
php-snmp-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    773077dfc0d46c268b5bcbf2ed546a43
php-soap-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    1da346df94ec940e1fb83d68a79738c7
php-xml-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    4cad86f42866176ef8df9b0315cd6eea
php-xmlrpc-5.1.6-11.el5.i386.rpm
File outdated by:  RHSA-2009:0338
    590d277c31f7b57a23199d4edf8502a4
 
IA-64:
php-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    6fbc0e4156c6779e7447d7acfd979787
php-bcmath-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    fa926ee03b6d8d8657a9bbc48c666291
php-cli-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    1e2fb09743054b16862a698bacd6c8f3
php-common-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    d992b8f6b824930d58e3651715259745
php-dba-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    42f9b945b95d04a19c37ac543d64e92a
php-devel-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    c9f6555c46d5a43572e29e78b7ec266a
php-gd-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    6da9aba1aa0b1554895e607b29795f41
php-imap-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    779ae74bfd7cd0a1c6778370948d3069
php-ldap-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    bee411a3917d621a21e630a0df278362
php-mbstring-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    cacef16531e6560a69fe20f3becf0f8a
php-mysql-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    96ed534d298db11d6189603d4a4a1b46
php-ncurses-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    c41c1b55283a6a52f761246e96e765d9
php-odbc-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    76fabcb8bf8b8395ba97962e5a84e0a4
php-pdo-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    395cd8ab832c72d27954f2fcff14f5b2
php-pgsql-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    e7838476e6288e7b96b37a38e94aff7f
php-snmp-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    7465e1b6b9e40e264c581ef9eea18b08
php-soap-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    07e19feffca99486f1658fac2f66f484
php-xml-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    b0d574612016dd8e2fca1d06364f75c2
php-xmlrpc-5.1.6-11.el5.ia64.rpm
File outdated by:  RHSA-2009:0338
    70f19c815037ee3d98a85e879018b80d
 
PPC:
php-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    2e0a33efafcdf78b5882e0ab03ff065d
php-bcmath-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    b3bf05016ba8bb376bd2597420b15c59
php-cli-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    bd9a12f42c3859d251636736b5c41615
php-common-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    4c8d3b8d237ccb59de0232e2d9d0d4cf
php-dba-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    ec6609133713b50e807dcf96b8900275
php-devel-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    5035f6ae3d92b9dda48540beb765a5de
php-gd-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    571bb8cfdf27b1de242b96b08e7782db
php-imap-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    3d905e8e2e49c4dd7a0dbaa744b4df9e
php-ldap-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    f9f3424c9a571b6d7df4f3e9cdbe1806
php-mbstring-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    6802616d81b7699ec841e7efa134ef1c
php-mysql-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    aa2eea656e7a13d95884e83611ac666d
php-ncurses-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    d44546ce79b9fe8915b972c948e329a7
php-odbc-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    783c28604cc426785187175ccc8bcd2c
php-pdo-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    a53c9d6dcf93f565c507be75b634b7c4
php-pgsql-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    5939ecafbdf9154673068092ab56b702
php-snmp-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    164d1301fc9cfe67c8a390a3e8b13203
php-soap-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    b645a0e76b0fb300581a4e43b8764cfb
php-xml-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    4c004ecb53a40dd0e76e14d8715e27f6
php-xmlrpc-5.1.6-11.el5.ppc.rpm
File outdated by:  RHSA-2009:0338
    02bb2911d00505dfd67079cb119cdfab
 
s390x:
php-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    d0d56e20f7f30ccbc278848472950fd8
php-bcmath-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    447f7beeadd7fbf5c20bff791aa01993
php-cli-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    a1945ee0fb7292318e5d2e94771f74a3
php-common-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    32dee0fc91006ae761fcfde592cd94ad
php-dba-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    623b96dade743a60ca60aff42d77dfb9
php-devel-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    023a3125038045d0ad91a837619c31f4
php-gd-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    3918ccb7b01723501741b727e7d37c98
php-imap-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    d3620373bb72c6f106f49e10d92517c4
php-ldap-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    daff492934155941111ad2cfa3dda25b
php-mbstring-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    bd3f9060ad1e210ea418e74574b8d8ec
php-mysql-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    5aad9fab17b78542fed284605ae7db8c
php-ncurses-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    d90329cda9386195f0ee10803474474a
php-odbc-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    2777213261dc62b7b6269bf694bbc532
php-pdo-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    579567b50e96e4250c81ada9a6a42318
php-pgsql-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    8117672429d790b5791a80d51c43ef9b
php-snmp-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    240087bce7f67e35c63193e2589a703c
php-soap-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    645cbd9c82fa2501bc69b681fa3a644a
php-xml-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    bd3c21a09517b135c8cdf8de61eb9fe2
php-xmlrpc-5.1.6-11.el5.s390x.rpm
File outdated by:  RHSA-2009:0338
    2419051b6081fa84181b05baaefcaafd
 
x86_64:
php-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    eb30d9a59029cb441b770df74e4bb120
php-bcmath-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    8c430e36ca52c690ffc64410f4e9a97b
php-cli-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    f40a8a0f122e84f551c2b56125b72f7a
php-common-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    d807f7e7f7dbb6392f20a0da9c94a7b0
php-dba-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    705c7666de1d24f0460bda27f83acef4
php-devel-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    a13ad5a1023646fef9609f8f6b94e65d
php-gd-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    25e164d3270a72b10fa14ad73929f70c
php-imap-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    1bf9e5e14910abd12be86c5de065c0a1
php-ldap-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    7206536783846f283b2b618c7602b43d
php-mbstring-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    649ddff34b26b747309537c02a1ebf31
php-mysql-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    c08d703a5602d801aaca95c02b25126a
php-ncurses-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    e376de4524c7a6cc35d57a10edcaceb1
php-odbc-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    6f0f33e91cc3f46da73ce37962093dfa
php-pdo-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    6f51fec2e9e703c44968b5bc45bd5b71
php-pgsql-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    0d5022bec64a6378819b4f4a51dd2f7e
php-snmp-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    a543a653849fea7676fe80c71000063b
php-soap-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    3fd0162bdfd5f9890e4e228f37e8001c
php-xml-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    4be0a0b9aac607f16c520faaa0ba8da4
php-xmlrpc-5.1.6-11.el5.x86_64.rpm
File outdated by:  RHSA-2009:0338
    9c9861a1ca2dfdd59444638b6c479191
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

235016 - CVE-2007-1583 mbstring register_globals activation and mail() header injection (CVE-2007-1718)
235036 - CVE-2007-1001 gd flaws in wbmp, JIS font handling (CVE-2007-0455)

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/