Skip to navigation

Security Advisory Moderate: php security update

Advisory: RHSA-2012:0033-1
Type: Security Advisory
Severity: Moderate
Issued on: 2012-01-18
Last updated on: 2012-01-18
Affected Products: RHEL Desktop Workstation (v. 5 client)
Red Hat Enterprise Linux (v. 5 server)
CVEs (cve.mitre.org): CVE-2011-0708
CVE-2011-1148
CVE-2011-1466
CVE-2011-1469
CVE-2011-2202
CVE-2011-4566
CVE-2011-4885

Details

Updated php packages that fix several security issues are now available for
Red Hat Enterprise Linux 5.

The Red Hat Security Response Team has rated this update as having moderate
security impact. Common Vulnerability Scoring System (CVSS) base scores,
which give detailed severity ratings, are available for each vulnerability
from the CVE links in the References section.

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.

It was found that the hashing routine used by PHP arrays was susceptible
to predictable hash collisions. If an HTTP POST request to a PHP
application contained many parameters whose names map to the same hash
value, a large amount of CPU time would be consumed. This flaw has been
mitigated by adding a new configuration directive, max_input_vars, that
limits the maximum number of parameters processed per request. By
default, max_input_vars is set to 1000. (CVE-2011-4885)

A use-after-free flaw was found in the PHP substr_replace() function. If a
PHP script used the same variable as multiple function arguments, a remote
attacker could possibly use this to crash the PHP interpreter or, possibly,
execute arbitrary code. (CVE-2011-1148)

An integer overflow flaw was found in the PHP exif extension. On 32-bit
systems, a specially-crafted image file could cause the PHP interpreter to
crash or disclose portions of its memory when a PHP script tries to extract
Exchangeable image file format (Exif) metadata from the image file.
(CVE-2011-4566)

An insufficient input validation flaw, leading to a buffer over-read, was
found in the PHP exif extension. A specially-crafted image file could cause
the PHP interpreter to crash when a PHP script tries to extract
Exchangeable image file format (Exif) metadata from the image file.
(CVE-2011-0708)

An integer overflow flaw was found in the PHP calendar extension. A remote
attacker able to make a PHP script call SdnToJulian() with a large value
could cause the PHP interpreter to crash. (CVE-2011-1466)

A bug in the PHP Streams component caused the PHP interpreter to crash if
an FTP wrapper connection was made through an HTTP proxy. A remote attacker
could possibly trigger this issue if a PHP script accepted an untrusted URL
to connect to. (CVE-2011-1469)

An off-by-one flaw was found in PHP. If an attacker uploaded a file with a
specially-crafted file name it could cause a PHP script to attempt to write
a file to the root (/) directory. By default, PHP runs as the "apache"
user, preventing it from writing to the root directory. (CVE-2011-2202)

Red Hat would like to thank oCERT for reporting CVE-2011-4885. oCERT
acknowledges Julian Wälde and Alexander Klink as the original reporters of
CVE-2011-4885.

All php users should upgrade to these updated packages, which contain
backported patches to resolve these issues. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/kb/docs/DOC-11259

Updated packages

RHEL Desktop Workstation (v. 5 client)

SRPMS:
php-5.1.6-27.el5_7.4.src.rpm
File outdated by:  RHSA-2014:0311
    MD5: 41db1ee0bc3d65644b198f771b3a7cc0
SHA-256: 8318ea75104842cb77cb4ce38fd5b07febb126c70706fd82a2741013eb794035
 
IA-32:
php-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: de1b666bcc1bf95e06f0f0a47ffbe190
SHA-256: 08acc0b55ae7d7e9b06ecac4639193b0d8882cb1683f1c2bfaa3c5b6554d5fd8
php-bcmath-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 0fa65cb5c9f64bbd33b4df95c1b67796
SHA-256: 143f916c04eb1a7f0dfc9e731aedb39371523ffa6fa773d890d8af98dcf3c974
php-cli-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 69cd33a5607a3c5f8b93697f430f35fc
SHA-256: dd58f3224662386ca861bc52a8d9b71115517e41b4bb272a08f7b91dcec1981f
php-common-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 69e3dfe0ff86b0ed93db7763d7b29a1c
SHA-256: 216469cda577984d929ee38a1a916d1964967465e57c82f03231e8bbdb055bd1
php-dba-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 48be3947ae3be5e16ee8a4f75bdabcfe
SHA-256: 40e4c35f61ff5f78594ec7540e510a531940671da309bc68e912487c7dae3fd3
php-devel-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5df1ad59f7775581417e1aae4131c5ba
SHA-256: 3c5c75b453136be632c6e86365e0f15793b856f8a4f3a4a1b9072a1b158d0882
php-gd-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 608b87150a86debb979440a4dd04279e
SHA-256: 75732475816a5ce2688622a7453003fbad3dc70796df85951e95256ec5ce25f2
php-imap-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 88b262b31b9c439c31ef642cdcc15369
SHA-256: e7f02dcc8e4a8f8debd8bb865889b7c3666bfb0e982bb331fb18adf63e555122
php-ldap-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 267eff9b8e1fb2cebe25f21fc5405a60
SHA-256: ce9a8f4ba2f6e23b6c314a4107b2b81cf5b303612c950b4b1f1800a9b8f258b0
php-mbstring-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 22ce1f67afe51f097949a0c7fb95195a
SHA-256: 44393a7e7b0d192543005b9e26f4e5d83e04e5f13bbc7da5531c7e6310c9e400
php-mysql-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: fcae530c8fb77c6cf92ede56d4f20653
SHA-256: 234ee68fa9dfa5156be7d0279457baf8291378fa4a430d09e8e0545aa23ab4b1
php-ncurses-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: de339d928d790cfec036971ddcec12d1
SHA-256: 169fa405b89d40acd23e72cbfd073b603a70a235fee4b57c7d393213b9a2a4df
php-odbc-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5e2598ed48241096b197965c6c4311bc
SHA-256: 13752f782cf8a241a8f389457ffdd60976361d1c21933a828df9e206ed203004
php-pdo-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 9a384f8b86b50362955a9a4d0fb64dad
SHA-256: 4baff93dac4e9e35099d369d0c185fef77c58eed18e5eeaab1e5ac39de4bf320
php-pgsql-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: cd2fac5484d4b8f5e2b4bfc7eaf53267
SHA-256: 38e7da72b085bc42ddb816ee8f50f04ca77dd556e9407e2903eee178db773da9
php-snmp-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: a95e3794b3def878381a4acd64c4650c
SHA-256: 3d6a831679f53b47d62fec5156179f726dce9effc703ea2fb511b06012844a70
php-soap-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: f713f2ff7f3987396c6661d2c1200fac
SHA-256: 3a71df8c256b0dd7a819d8d0b763a948933590f2f4c8564cb6cf795aa15fa95d
php-xml-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 2fdbda75799d571dfa304721405ad6c9
SHA-256: e85ff6d2241b5bedfb3b6d709d59611d8b4f40f88d6ff5cca079f49de9a78cb8
php-xmlrpc-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 17e98baa6891ac14a2f75212ef56c4c3
SHA-256: 888741fc2112e41d75a59836e7d0aabef36f8356885ae20a8f5d011e8145fe7f
 
x86_64:
php-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 9af3fe1ada13b293cf7022e267d1f07d
SHA-256: b304570f4165f964ee0e0af3230fadc2bb99b07b56e36f122b982fc55d9d74dc
php-bcmath-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: f54ee69b2e7da207217af99266ac5e68
SHA-256: 422d44f02575664bc66c573e4a4c553a75355a5fe9188b4015a9152d2b82d193
php-cli-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 31adcd9d6112d7483f29261560b4be5b
SHA-256: 730a6ae36b01a7db0834039cc38cf3c2747f520dcff1e822f7f9d8621bed89f6
php-common-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: c97ae3dbf046ef9ca0ac6debc9c8dfac
SHA-256: 4f34567c6798422729fd3b6f3cfade8c784d6b06ef178feb29137afc5adc2d30
php-dba-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3768116830e6179d98e6c5bb4da19383
SHA-256: 219007379914b51ce6c51ecd02a4f18272e336b53d0cfd8e0ac33d048676cc5c
php-devel-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: ef585fa8d39618644ca22c9ee5a742c0
SHA-256: 8468df395050280fdecb7756008ccad8941a14a3f9e803085798a09449cde562
php-gd-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 149d5eb25c3d70537fca589a0cd29f2e
SHA-256: ffa5cf6cbfaf799e330de8daa7eccc3c755aa9ef18d123b08031cf5ae0584a48
php-imap-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 94bba767ecfd21a695fa1fa3eac76fc1
SHA-256: b13296989cb48cdcc94d902a1f6e9859bcac27d30c4fa2d08844ec3733983bc6
php-ldap-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: b8b04a707aa0733d547d64eac16400c3
SHA-256: d168fd78788efcf4a0297e634c0aa50f5dc8ce44e51b68cbcfac82699470eced
php-mbstring-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 643346ce8f24eca6271c25a2d528ad09
SHA-256: 67d9ca02ac1914fb52beefc9198e6342af9328dd4a387c181582b9f09b493ac7
php-mysql-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: eb8475ae6c94a428268188fba0d8c8aa
SHA-256: 7788b5c7480a9f273be24f41194b30168b17b99da9b1376189ebd008f1973202
php-ncurses-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 32567cfb2abb664499f35eb96e9d9883
SHA-256: 67eeaf0d037fbc0afaaa8f70fd9d42846d587cda3cb2691926d112bbf270cb02
php-odbc-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: bc40462653a8e576eba6d26b12fe7573
SHA-256: 61a90bb2d64b4a2971501a4e48123dd363dff814348f71b108a1e3b5f1484e2e
php-pdo-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: ce192df53bd306ba16ed93d6d5fa731c
SHA-256: 96b6071fac3c7c0fa1dd9b0993bb3731b7da8ee997b3c1b92000f780e4bfa870
php-pgsql-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 9a43cac049f36c525418e4aad786149c
SHA-256: f7966761c3e0e97719c80b43a6fecc4d0c3acf6e52fc5a813061825c1e5e09f8
php-snmp-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: b1175b5c00d44d3983417c7714fc8856
SHA-256: a39b0afcd6807c908979f4437c70effbfe96655f7f1e7df8e45cb3abf438a69e
php-soap-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 1a8d3248d00f940e961bdacb21c4a802
SHA-256: 08b3c54dc8938bd0f3f3220a981e96c14c44d9397c2ff3e8c564a89901f53142
php-xml-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3132aa01d2d3bd72f761223532109581
SHA-256: 2c24c64f2f7138454dbeabacb22f5213fb3589dedb60c70a6da317c350715185
php-xmlrpc-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3e0fecc31426378ee44b17b30403c682
SHA-256: 7f6695b0bacd4575db29fd73c0578a7bdecd87db610e63ccfcaa6bb6984dfd22
 
Red Hat Enterprise Linux (v. 5 server)

SRPMS:
php-5.1.6-27.el5_7.4.src.rpm
File outdated by:  RHSA-2014:0311
    MD5: 41db1ee0bc3d65644b198f771b3a7cc0
SHA-256: 8318ea75104842cb77cb4ce38fd5b07febb126c70706fd82a2741013eb794035
 
IA-32:
php-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: de1b666bcc1bf95e06f0f0a47ffbe190
SHA-256: 08acc0b55ae7d7e9b06ecac4639193b0d8882cb1683f1c2bfaa3c5b6554d5fd8
php-bcmath-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 0fa65cb5c9f64bbd33b4df95c1b67796
SHA-256: 143f916c04eb1a7f0dfc9e731aedb39371523ffa6fa773d890d8af98dcf3c974
php-cli-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 69cd33a5607a3c5f8b93697f430f35fc
SHA-256: dd58f3224662386ca861bc52a8d9b71115517e41b4bb272a08f7b91dcec1981f
php-common-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 69e3dfe0ff86b0ed93db7763d7b29a1c
SHA-256: 216469cda577984d929ee38a1a916d1964967465e57c82f03231e8bbdb055bd1
php-dba-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 48be3947ae3be5e16ee8a4f75bdabcfe
SHA-256: 40e4c35f61ff5f78594ec7540e510a531940671da309bc68e912487c7dae3fd3
php-devel-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5df1ad59f7775581417e1aae4131c5ba
SHA-256: 3c5c75b453136be632c6e86365e0f15793b856f8a4f3a4a1b9072a1b158d0882
php-gd-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 608b87150a86debb979440a4dd04279e
SHA-256: 75732475816a5ce2688622a7453003fbad3dc70796df85951e95256ec5ce25f2
php-imap-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 88b262b31b9c439c31ef642cdcc15369
SHA-256: e7f02dcc8e4a8f8debd8bb865889b7c3666bfb0e982bb331fb18adf63e555122
php-ldap-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 267eff9b8e1fb2cebe25f21fc5405a60
SHA-256: ce9a8f4ba2f6e23b6c314a4107b2b81cf5b303612c950b4b1f1800a9b8f258b0
php-mbstring-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 22ce1f67afe51f097949a0c7fb95195a
SHA-256: 44393a7e7b0d192543005b9e26f4e5d83e04e5f13bbc7da5531c7e6310c9e400
php-mysql-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: fcae530c8fb77c6cf92ede56d4f20653
SHA-256: 234ee68fa9dfa5156be7d0279457baf8291378fa4a430d09e8e0545aa23ab4b1
php-ncurses-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: de339d928d790cfec036971ddcec12d1
SHA-256: 169fa405b89d40acd23e72cbfd073b603a70a235fee4b57c7d393213b9a2a4df
php-odbc-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5e2598ed48241096b197965c6c4311bc
SHA-256: 13752f782cf8a241a8f389457ffdd60976361d1c21933a828df9e206ed203004
php-pdo-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 9a384f8b86b50362955a9a4d0fb64dad
SHA-256: 4baff93dac4e9e35099d369d0c185fef77c58eed18e5eeaab1e5ac39de4bf320
php-pgsql-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: cd2fac5484d4b8f5e2b4bfc7eaf53267
SHA-256: 38e7da72b085bc42ddb816ee8f50f04ca77dd556e9407e2903eee178db773da9
php-snmp-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: a95e3794b3def878381a4acd64c4650c
SHA-256: 3d6a831679f53b47d62fec5156179f726dce9effc703ea2fb511b06012844a70
php-soap-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: f713f2ff7f3987396c6661d2c1200fac
SHA-256: 3a71df8c256b0dd7a819d8d0b763a948933590f2f4c8564cb6cf795aa15fa95d
php-xml-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 2fdbda75799d571dfa304721405ad6c9
SHA-256: e85ff6d2241b5bedfb3b6d709d59611d8b4f40f88d6ff5cca079f49de9a78cb8
php-xmlrpc-5.1.6-27.el5_7.4.i386.rpm
File outdated by:  RHSA-2014:0311
    MD5: 17e98baa6891ac14a2f75212ef56c4c3
SHA-256: 888741fc2112e41d75a59836e7d0aabef36f8356885ae20a8f5d011e8145fe7f
 
IA-64:
php-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: e8e6c41bf20cbd96bb0eff9b86c4a37b
SHA-256: 0ab7f6a5490b670272a67227ecd450cf4e20c4b8693c40536db89c707203c3b4
php-bcmath-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3efb4c4204df90583e37fbd8ff84d8a2
SHA-256: 95bb92faf089ee4eecfdf242ce234744a6fd09d62de8f30b04191daaf6cedf63
php-cli-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 8cfb6b7fc3cb3d6544a79865a772e652
SHA-256: 15ac8b2cfc1b1420bd60be4e5f6742692cc31304fce5005bed7f022d28ffbb02
php-common-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: f8f38c83304ecbf5ed4ef0c1e1392e5b
SHA-256: fd10774971893fd6533523f07c6d822d14e696dbb8a1012aee2682bb6e169063
php-dba-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: b89dad0264814436da59a6532b4fb146
SHA-256: 9ce65f14a138784946da3af89ed07ed868ced7684a69003508ed2ca1cc0b16a1
php-devel-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 0886c64636c5297a788cc1bd1a86f5d9
SHA-256: 6741dd84e40793502df613ff87696442846de022874ce906057b00cc28fb80a1
php-gd-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 01d4fa0187ffff0a5eb79f49c8c0f28c
SHA-256: a3bb390d5cb900be62f9f15a3abfe71d47eca533ceb11fad056bb687771c979f
php-imap-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5d2617718e33c99c2cc8671f1a4545da
SHA-256: 62d991714d0f57b97a907b7e2c87d686cb3cf575fe12cc69d1bf7058b9ce799e
php-ldap-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 033b0def55221049fb8541c05c10b6ae
SHA-256: 1984b5b9c15c41bcb36bb59bf8e8308529eba31fba5a2c8ef21f16b215fd5e13
php-mbstring-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 4ae0605da21f6e6bff3787e1ffeb86c6
SHA-256: b84fcdc91816e06266be10d59d0cb631e38642e42098a125844bebfe516741ff
php-mysql-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 27b1a85853bb05776d91f783a439c8eb
SHA-256: 460e9e98ba797128be7c82b05a9b02561db541d0d9b0b8712b0088fc9f753547
php-ncurses-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 51dc4ebc079014eb2fce264eaebeb4f1
SHA-256: a162b387d9acc778c6cae976da6e1f452c01ab000806dddaa621bfa8c2870d04
php-odbc-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: eaec2933ef9af2b469ac7c01aefeca4e
SHA-256: e701ca4db168417ff4f38032dd1e865fe7a66eaafe32f807d648ec690db33435
php-pdo-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 888df677a9659cee25ddd3f7294b31c6
SHA-256: 469a900d382bc3185ba9bb2fab20330216f272505de6ad6d3a65de056969fb19
php-pgsql-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 995fe3fc923f0d510623356a21a2c2b6
SHA-256: 0b51fc9974f16d0d59cd51c6b872a62d2deb637774dfa63a6262fdf8dc0cea2d
php-snmp-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5e4bb3551c29ba2e1c8dcfbbcdcea3f1
SHA-256: 6808e0f57af6d1296278ae987b444cd6db8b51c208191ef2ed27c662810050f8
php-soap-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: cb73f3ccb7f0653212cb862b16648829
SHA-256: 252c336f4114bc2eb7154f29860d32fd1dc67226b6491ca993348b3fec35ddda
php-xml-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 2bdcf917477c653459e556429f26855f
SHA-256: ea37aa701e1dbd9cfea0b84d4157e3dc8e34d85a80e8b495df41c67974489110
php-xmlrpc-5.1.6-27.el5_7.4.ia64.rpm
File outdated by:  RHSA-2014:0311
    MD5: e7db5e37ac8714ac6f39b2fb37fcd334
SHA-256: 9ddee5070e71760f2a20780f1252ab4f1c4e8230346a9830ee6e96553e027717
 
PPC:
php-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 6cd60bc0a1fdca1d95410bb9ff4fbe4f
SHA-256: ec0339f4ca02d22927856d884a2dfc8eef8816b37b9f9a413028dd6e9fb67524
php-bcmath-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: a341db1f931e62eb93f62c294372c96b
SHA-256: 48e29e77122285e1b721542fa6987ecb6cb98fde8b63f3d2a3e6e72b4c7b9fd4
php-cli-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5b39394a19f0c30b9bbfa38e55b153c9
SHA-256: b22ba7446763fff8922f9528922fa21dc63f38e34957653af94261a8a47a1210
php-common-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 58ed0deac5799dd935d337fd9a743805
SHA-256: c99a763f3c25fc07022e82ff89594d8cbdcbea36f8f89d12515df6401d938cc8
php-dba-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5d84d80be627972a7a4d75e7435993ea
SHA-256: e18182023231311d7fb7559e501e631619dde9827c7bce30730b3d4ba51e1107
php-devel-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: ebc68760b26ef651a79bcb19112ac16e
SHA-256: a7926a25761b4b81f41d2b0baec8bd86f306053def0a3fd5821ff5c12981e075
php-gd-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 0fd2aa80be1b18c9f00498e7216704ce
SHA-256: 3c15b199af583676968962b95bc46f32d066594ce35ded3220cf119f4d79b151
php-imap-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: f3b739ed1d60b1b1693b58fabb5d6764
SHA-256: 2790b65b37b22c776b45b10af1d9e2a586895456578e3de4d2afcc7e9a60e6b3
php-ldap-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: d34ca5501e44894f899a230120a5e898
SHA-256: e05e987490c3d8cc2e51879d9e0dd990387a87b76c77b29e18d80d48474647e1
php-mbstring-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 28179b7063c634bdb40e34b6fd32e4b6
SHA-256: 6e821e15698adb5f25aaefcf19838ccd4ae2d3cc523f81ca09f20c380c29f5dc
php-mysql-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 591d38f77c13c74d17db4c7b1121ae90
SHA-256: 0cb7154ad7363958cf1250f9168af0235827a6aabb4268bd54460c864453c7c2
php-ncurses-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: dda9c87679a1b5df564bd2f274b8e736
SHA-256: f57c3b232e05c153785cbdf5f05293e0aac9f0daeada912317971050d022c699
php-odbc-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 9b173cd45c7f20718a0640477f9c10aa
SHA-256: 2cbc90f4aaabb687b454856a3eb49aa8444ae0ca5c3973a498f8c1a0c7c14d2e
php-pdo-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 84c590fd44f3ab8088e26ae41134a307
SHA-256: 554de9b6f3d20ff4bb7f00d369250f206b91fa76d3e0c0b2500f35a4a6c7ef92
php-pgsql-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: a87f876c40b8ddd21a61949257a44008
SHA-256: 16cbd8347a34620cd3a1d48262d1fc99acc6ed0ff25311522f25da4d3da79326
php-snmp-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: bcfa5f3f3c6d9589fecceed2890c4fc5
SHA-256: 1652cfa22a1e7b2d699ea569938114704033646a36447b0962c366a1e10373b3
php-soap-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: 2b21de5a02e107000066aadd3492f347
SHA-256: 198205e29f31af2285596d3b9223948df67976293f8878930fd9156c26fe7788
php-xml-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: b2e07675ab62317b4fc844cf26280281
SHA-256: 712e905d85abe82c44094852ba1c72b4d96e25ad0c7c3c9cacc6ad0994f8c264
php-xmlrpc-5.1.6-27.el5_7.4.ppc.rpm
File outdated by:  RHSA-2014:0311
    MD5: c7b1835cacdd9e151896b18ff40e921c
SHA-256: d465b59ba8f0a35d81ada3055b2052e9f26f31a9c265502b861128c55bca7289
 
s390x:
php-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: d56b901072f962471c63132dd82a9530
SHA-256: 76cc1a2902f48e3acc1bab276079ab1b16211f136f60ef607ba442983c32778e
php-bcmath-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: fe667f9b5a2b25cc02869d9d472f5803
SHA-256: 5cd503288ddbcf797caef1efb9d044e692cace501d2fc4338eed3a3d5f1fe213
php-cli-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: b2181eceee09023d16b40236f84fffbd
SHA-256: e3d3433618ef42bcf23979ed7ff808fecb09b454823c2d8ecb3000f135f0cf39
php-common-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 90d13a54423b32c9200a0ef54d8c47f6
SHA-256: 44ac01b6a540acdcb001dfb28040d17eaa0d55bdbbad9b9bbe9b847360780859
php-dba-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 95eed7bd1ac7e6503b3bd59515d2ad13
SHA-256: c29e5f43a6d554bb9f65d47bea910d40d74f32bfefddddc9f13e81cbe6346839
php-devel-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 2490b6c91847ea462a654666f6ebff9f
SHA-256: ce2b29a8cdfa1ef5a935bf7cdfa7035b3c03070ec05e7e0b7dd4ba4f0594ddc9
php-gd-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: c1d1647a38d1101dec8331f6c7871197
SHA-256: 60be87c9bcce500b6d06dd4b3fbb1a3334fdff8f8dc02f640ecb11a1f06b5022
php-imap-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: ed546ffe08de81b864579a9fd6996b1e
SHA-256: 9fe80f9f1fb039102af00b580dd8a2f0702f8856afb1f88f555af6834c44f5d9
php-ldap-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: d33b07c4ae93fb6d37c4581cbb694e04
SHA-256: 716cc6ede7303b1e7285c3cc412666368ed7ead4137d4c4194b7fad8406ba7f1
php-mbstring-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: d830a1f15f47f5213b13eb85e8998e99
SHA-256: 1fa8d025f8b64f7421d83dbb6ba73bc6fa5a8ac3f8986afa675d79b98d8c3a5e
php-mysql-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: df6b0633412664245485ee31246960e7
SHA-256: 40396534cac81980efbaac15a3dd7b6899163e58b059ec1e1e2f1992be844f0f
php-ncurses-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 5cb3f5277dd32bb8593f4610e6a67255
SHA-256: 6d4e145b4318cebf7822a1fae0f65a10e0843f85a4afaf90903306fcc9529bc9
php-odbc-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: b2eef46831411b715bfd69972cf121a7
SHA-256: 5ec64f1f499cbb2cbee465e6247c2a993b8624bd6732d4db6016d6ded0a3d866
php-pdo-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 02799a762fa7d09b9124dab92e4e0f07
SHA-256: 11d42a735599dddeecd0726eebd47c1e30491f51570d4d8e6dc395ca6c0b3ef4
php-pgsql-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3f3b103bd9102b857326a8fc997a12ea
SHA-256: 208312125e9e68e35b9b70750e0f5be3d45c1bd63142a1cbf472ddece42ecaae
php-snmp-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: dca54fe00187b7982b903ea7ec856efd
SHA-256: 65192c2360d6ecb2c24826cefe160a032a576e0bd8a33817962dba21a0a0c953
php-soap-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 26d217ec820b3a03085e554cf4e0a2d2
SHA-256: 936f8fe6df52067aacc7cefdc000e950f6fb86a4eb658071164deaa5157f50a2
php-xml-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: af4fe3ef317a841ef0b8bc4c1f3713cf
SHA-256: 8fc7df575c9abaa1738857bd29aac27a23cb3b0093e14acf38efbbb4fd071927
php-xmlrpc-5.1.6-27.el5_7.4.s390x.rpm
File outdated by:  RHSA-2014:0311
    MD5: 98f1376c25fcfb714cf0e613dd0d9998
SHA-256: 05de15e5da249045a2f4301399cebbf9b362f86dffe32d3f5cbf95123d8971a5
 
x86_64:
php-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 9af3fe1ada13b293cf7022e267d1f07d
SHA-256: b304570f4165f964ee0e0af3230fadc2bb99b07b56e36f122b982fc55d9d74dc
php-bcmath-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: f54ee69b2e7da207217af99266ac5e68
SHA-256: 422d44f02575664bc66c573e4a4c553a75355a5fe9188b4015a9152d2b82d193
php-cli-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 31adcd9d6112d7483f29261560b4be5b
SHA-256: 730a6ae36b01a7db0834039cc38cf3c2747f520dcff1e822f7f9d8621bed89f6
php-common-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: c97ae3dbf046ef9ca0ac6debc9c8dfac
SHA-256: 4f34567c6798422729fd3b6f3cfade8c784d6b06ef178feb29137afc5adc2d30
php-dba-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3768116830e6179d98e6c5bb4da19383
SHA-256: 219007379914b51ce6c51ecd02a4f18272e336b53d0cfd8e0ac33d048676cc5c
php-devel-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: ef585fa8d39618644ca22c9ee5a742c0
SHA-256: 8468df395050280fdecb7756008ccad8941a14a3f9e803085798a09449cde562
php-gd-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 149d5eb25c3d70537fca589a0cd29f2e
SHA-256: ffa5cf6cbfaf799e330de8daa7eccc3c755aa9ef18d123b08031cf5ae0584a48
php-imap-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 94bba767ecfd21a695fa1fa3eac76fc1
SHA-256: b13296989cb48cdcc94d902a1f6e9859bcac27d30c4fa2d08844ec3733983bc6
php-ldap-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: b8b04a707aa0733d547d64eac16400c3
SHA-256: d168fd78788efcf4a0297e634c0aa50f5dc8ce44e51b68cbcfac82699470eced
php-mbstring-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 643346ce8f24eca6271c25a2d528ad09
SHA-256: 67d9ca02ac1914fb52beefc9198e6342af9328dd4a387c181582b9f09b493ac7
php-mysql-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: eb8475ae6c94a428268188fba0d8c8aa
SHA-256: 7788b5c7480a9f273be24f41194b30168b17b99da9b1376189ebd008f1973202
php-ncurses-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 32567cfb2abb664499f35eb96e9d9883
SHA-256: 67eeaf0d037fbc0afaaa8f70fd9d42846d587cda3cb2691926d112bbf270cb02
php-odbc-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: bc40462653a8e576eba6d26b12fe7573
SHA-256: 61a90bb2d64b4a2971501a4e48123dd363dff814348f71b108a1e3b5f1484e2e
php-pdo-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: ce192df53bd306ba16ed93d6d5fa731c
SHA-256: 96b6071fac3c7c0fa1dd9b0993bb3731b7da8ee997b3c1b92000f780e4bfa870
php-pgsql-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 9a43cac049f36c525418e4aad786149c
SHA-256: f7966761c3e0e97719c80b43a6fecc4d0c3acf6e52fc5a813061825c1e5e09f8
php-snmp-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: b1175b5c00d44d3983417c7714fc8856
SHA-256: a39b0afcd6807c908979f4437c70effbfe96655f7f1e7df8e45cb3abf438a69e
php-soap-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 1a8d3248d00f940e961bdacb21c4a802
SHA-256: 08b3c54dc8938bd0f3f3220a981e96c14c44d9397c2ff3e8c564a89901f53142
php-xml-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3132aa01d2d3bd72f761223532109581
SHA-256: 2c24c64f2f7138454dbeabacb22f5213fb3589dedb60c70a6da317c350715185
php-xmlrpc-5.1.6-27.el5_7.4.x86_64.rpm
File outdated by:  RHSA-2014:0311
    MD5: 3e0fecc31426378ee44b17b30403c682
SHA-256: 7f6695b0bacd4575db29fd73c0578a7bdecd87db610e63ccfcaa6bb6984dfd22
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

680972 - CVE-2011-0708 php: buffer over-read in Exif extension
688958 - CVE-2011-1148 php: use-after-free vulnerability in substr_replace()
689386 - CVE-2011-1466 php: Crash by converting serial day numbers (SDN) into Julian calendar
690905 - CVE-2011-1469 php: DoS when using HTTP proxy with the FTP wrapper
713194 - CVE-2011-2202 php: file path injection vulnerability in RFC1867 file upload filename
750547 - CVE-2011-4885 php: hash table collisions CPU usage DoS (oCERT-2011-003)
758413 - CVE-2011-4566 php: integer overflow in exif_process_IFD_TAG() may lead to DoS or arbitrary memory disclosure


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/