Security Advisory Critical: php security update

Advisory: RHSA-2012:0570-1
Type: Security Advisory
Severity: Critical
Issued on: 2012-05-11
Last updated on: 2012-05-11
Affected Products: Red Hat Application Stack v2
CVEs (cve.mitre.org): CVE-2012-1823

Details

Updated php packages that fix one security issue are now available for
Red Hat Application Stack v2.

The Red Hat Security Response Team has rated this update as having critical
security impact. A Common Vulnerability Scoring System (CVSS) base score,
which gives a detailed severity rating, is available from the CVE link in
the References section.

PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP Server.

A flaw was found in the way the php-cgi executable processed command line
arguments when running in CGI mode. A remote attacker could send a
specially-crafted request to a PHP script that would result in the query
string being parsed by php-cgi as command line options and arguments. This
could lead to the disclosure of the script's source code or arbitrary code
execution with the privileges of the PHP interpreter. (CVE-2012-1823)

Red Hat is aware that a public exploit for this issue is available that
allows remote code execution in affected PHP CGI configurations. This flaw
does not affect the default configuration using the PHP module for Apache
httpd to handle PHP scripts.
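As an added illustration of the condition described above (this is not Red Hat's or PHP's code), the following Python script scans Apache access-log lines for requests to PHP scripts whose query string would have reached php-cgi as command-line arguments. It applies the CGI rule that a query string containing no unencoded "=" is split on "+" and passed to the script as argv, and flags any resulting argument that begins with a dash after URL decoding. The log lines are constructed, and the regular expression and function names are this example's own assumptions.

```python
"""Detect access-log requests whose query string php-cgi running in CGI mode
would have parsed as command-line options (the CVE-2012-1823 condition).
Added example for this advisory; not Red Hat's or PHP's code."""
import re
from urllib.parse import unquote

# Apache "combined" log layout; the constructed sample lines below follow it.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3}) \S+'
)


def suspicious_query(query: str) -> bool:
    """True if the query string would be handed to a CGI script as argv with a
    leading-dash argument. Per the CGI specification (RFC 3875, section 4.4),
    a query string with no unencoded '=' is an ISINDEX query: the server splits
    it on '+' and passes the pieces as command-line arguments, which is where
    php-cgi mistook them for its own options."""
    if not query or '=' in query:
        return False  # ordinary form query; not passed as argv
    # Split on '+' first, then decode each piece: an encoded dash (%2d)
    # arrives in argv as a literal '-', so the decode must not be skipped.
    args = [unquote(piece) for piece in query.split('+')]
    return any(arg.startswith('-') for arg in args if arg)


def scan_log(lines):
    """Return (client ip, request target) for every PHP request flagged by
    suspicious_query(); non-PHP targets and unparsable lines are ignored."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        target = m.group('target')
        path, _, query = target.partition('?')
        if not path.lower().endswith('.php'):
            continue
        if suspicious_query(query):
            hits.append((m.group('ip'), target))
    return hits


# Constructed sample log lines (not from any real server).
SAMPLE_LOG = [
    '203.0.113.5 - - [11/May/2012:10:00:01 +0000] "GET /index.php?page=home HTTP/1.1" 200 512',
    '203.0.113.5 - - [11/May/2012:10:00:02 +0000] "GET /index.php?-s HTTP/1.1" 200 2048',
    '198.51.100.9 - - [11/May/2012:10:00:03 +0000] "GET /index.php?%2ds HTTP/1.1" 200 2048',
    '198.51.100.9 - - [11/May/2012:10:00:04 +0000] "GET /index.php?foo+bar HTTP/1.1" 200 512',
    '192.0.2.7 - - [11/May/2012:10:00:05 +0000] "GET /style.css?-v HTTP/1.1" 200 100',
]

if __name__ == '__main__':
    for ip, target in scan_log(SAMPLE_LOG):
        print(f'{ip} {target}')
```

Two of the five constructed lines are flagged: the plain leading dash and the percent-encoded one, which a signature matching only the literal "?-" would miss. The "=" check follows the CGI specification exactly; a site that prefers to over-report can drop it and flag any leading dash. Servers handling PHP through the Apache module rather than php-cgi are not affected by this flaw, so hits there indicate probing rather than exposure.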

All php users should upgrade to these updated packages, which contain a
backported patch to resolve this issue. After installing the updated
packages, the httpd daemon must be restarted for the update to take effect.


Solution

Before applying this update, make sure all previously-released errata
relevant to your system have been applied.

This update is available via the Red Hat Network. Details on how to
use the Red Hat Network to apply this update are available at
https://access.redhat.com/knowledge/articles/11258

Updated packages

Red Hat Application Stack v2

SRPMS:
php-5.2.10-2.el5s2.src.rpm     MD5: 68c06af0e90c06a16b1d06bb2ed2a362
SHA-256: cf83380ddd322fa4ec202fc65f33b76fd3dfa807d7e84b47d7b5892e50a3305b
 
IA-32:
php-5.2.10-2.el5s2.i386.rpm     MD5: 2bde0019545113914a38f80c58334073
SHA-256: 8cd0e51db440c0245944d24a8fe0dda698e83eea6eae20d94322e50a4e96e2a9
php-bcmath-5.2.10-2.el5s2.i386.rpm     MD5: 6b2ff637e26f233d1d636acdd62da89d
SHA-256: 8f8fd09a103a2360bdfa14107b3e47cb6f668a9abc9ee0ddc5564fb28cfaad6f
php-cli-5.2.10-2.el5s2.i386.rpm     MD5: 4d6cb514495e931e97c5aff72b5ca413
SHA-256: 868eb92e7da289899f76903efe32eff82b9e36e9c073ec67231f54df9e5473af
php-common-5.2.10-2.el5s2.i386.rpm     MD5: 471e4c9fe0d78809f6eb35b210f11bb1
SHA-256: d789be26b50359a90ddc77318e590625b739f60868033f7b6ff30bc6d89450e4
php-dba-5.2.10-2.el5s2.i386.rpm     MD5: cac25aa971886daa64329f4d08612ccb
SHA-256: 4e51b083b65c2f129dc368a2d77e58f91dc20b59a5ea2b9be429733657ebe048
php-devel-5.2.10-2.el5s2.i386.rpm     MD5: c16c4853a07d37c904f8c4f917efd20c
SHA-256: a31fb67ea525922142a599bbc1af535bdfd721a007e039b461594ef1620c9f28
php-gd-5.2.10-2.el5s2.i386.rpm     MD5: 364abaa3057e50b3f43cc1d5d81caf2f
SHA-256: 4f0b3208bec0452d93c63c9864836e33425e5513ad209a2ce8eca883ecb40314
php-imap-5.2.10-2.el5s2.i386.rpm     MD5: 0732ff08e347656ce922ef1124fa1af8
SHA-256: 1f9a001b7386aa6eab12d1ffa50982f167289fc94132f3125ccf47078e20fa8c
php-ldap-5.2.10-2.el5s2.i386.rpm     MD5: 419356bce520b28f61e1d847ca88434f
SHA-256: b92dcd328f136482f7b1d4a19862515cb8754d2ef257d7492df90cc5a9d77133
php-mbstring-5.2.10-2.el5s2.i386.rpm     MD5: dc1883d919be2bbd6b4bd311da07dd86
SHA-256: 05f8412bb4b00e077ab621bc1be25e4dac774240dd9f6fd7aa0dfb24c24fd947
php-mysql-5.2.10-2.el5s2.i386.rpm     MD5: b6768f21f09ec1dc81ee937854f693f3
SHA-256: 5b22b538d64a607e1a02305c4cf6fdbe1fc08e1aaba9c765228d64ef0bc8b70b
php-ncurses-5.2.10-2.el5s2.i386.rpm     MD5: 8009eed31e6859e36f2fc337fa140f29
SHA-256: 37a10b5b15b9eb1d098bbcccf062bc856060e4e6fc4002ef913c9b9e505bdef4
php-odbc-5.2.10-2.el5s2.i386.rpm     MD5: de9f12c6b2fa94361a4f3f1d61052873
SHA-256: bc2ccd15f51dd3abeffe334b2e4f6119b669347e6f4bfe54faadafba31ee9d26
php-pdo-5.2.10-2.el5s2.i386.rpm     MD5: c6f69c05bfc77943538584090c66ac7a
SHA-256: 1f12f404148485efdf91cccdffcb8ebef73cad1f60e986eb61a7a42c6091e653
php-pgsql-5.2.10-2.el5s2.i386.rpm     MD5: b623d17948ff3b09ef60a06adec72e79
SHA-256: 2648d0b9e858b0f73f534d747fc7cf71521ffd6e24c833763839d949ae540ba0
php-snmp-5.2.10-2.el5s2.i386.rpm     MD5: 01ccaea7e5a389589a6bb92f58034829
SHA-256: 405eb5c50c55a56bc0a951efa82c661e8883d97110febe030346bf183344ebec
php-soap-5.2.10-2.el5s2.i386.rpm     MD5: 0d0adb88f05be09262f384963af1b5f5
SHA-256: f1ea4508d722e8c42fbb61c82196a271cba8d8c7dd30c9bb2e6a32b3470064c5
php-xml-5.2.10-2.el5s2.i386.rpm     MD5: 77cd33484f3e8c80a4c6b981694abaa2
SHA-256: 26ffc398e1bb54a79aa0cd73ae7a58627406336a4bbeafcdb3cd6015559190b6
php-xmlrpc-5.2.10-2.el5s2.i386.rpm     MD5: c1186b28db0c2a6973085693e4b5b34c
SHA-256: 10689c6420d36ab605623a9b7fbda729cf17852ce5a96033f01582002f6f416a
 
x86_64:
php-5.2.10-2.el5s2.x86_64.rpm     MD5: 45c961de6b4b75dd4a6e3b6ad603d24d
SHA-256: 1bf6f55bdac83785db16578b3fa5f6b99a375bde175520a5e385eeb545a4c040
php-bcmath-5.2.10-2.el5s2.x86_64.rpm     MD5: 5d0aadc2d196329e54489414dc219922
SHA-256: 25a2d1daf2b27c15638e1f225f8927c3e890b14d2270c59ebec6c66492bfa0f6
php-cli-5.2.10-2.el5s2.x86_64.rpm     MD5: 6610877d03227bfe3d775360aa896d16
SHA-256: 8759e6cf7b28da27cb50abaee2808a727f20d791e40390d8d025a4203ae77fef
php-common-5.2.10-2.el5s2.x86_64.rpm     MD5: 88df03ff1101a40479bcaf776bbc8721
SHA-256: 5daba97f8bad400ac2fa3a4b18461ab28f128caafb33800c6a9cdb54867c71b6
php-dba-5.2.10-2.el5s2.x86_64.rpm     MD5: 6d13d864fadf9961d2219fac7ae775e3
SHA-256: 74dc494e1fbdcc4a78dc4b27422af9fc669505987069fac55f6c377331bb0dee
php-devel-5.2.10-2.el5s2.x86_64.rpm     MD5: 29870ab8b3984022537474768a3050b1
SHA-256: f898aa46478b6bf0a8839f2dee695b8d8497e5fced645f243ef671edf90fee9b
php-gd-5.2.10-2.el5s2.x86_64.rpm     MD5: 7488e7b680e6a1597f06ae14fec4a1dc
SHA-256: 347c650cb2cd700baa3f2f97cedd2b7a39a4882eab87a92e77bd0f39fbac2320
php-imap-5.2.10-2.el5s2.x86_64.rpm     MD5: a876df264544ab706ff9cc66f1ca58ef
SHA-256: c8d79e2400b70479a6a6a44f9fad2a41b643b6da2e734c4a2c3809d2ef9710cb
php-ldap-5.2.10-2.el5s2.x86_64.rpm     MD5: 850791de1e2da3dd33624f6555b3e33a
SHA-256: d5ed0fe7d9a195ad2cdbd9d9ce015790032b68164e2229168a0d6dbb1c047d51
php-mbstring-5.2.10-2.el5s2.x86_64.rpm     MD5: 5e82a9df526807e32c00a09675519915
SHA-256: ffb2a65b5f6b121e17012b8c10684ddd9c3b8e9ba4055f7fbe9f7dd01a227d59
php-mysql-5.2.10-2.el5s2.x86_64.rpm     MD5: fbe203b37269360f0b0584ef06e494a3
SHA-256: 336e8de4e6d6aa4db23eca5514cf396b36343f498d2e07e0d3c394e0ecf1bdcb
php-ncurses-5.2.10-2.el5s2.x86_64.rpm     MD5: 282c83303cfb2030a2f84a7ca8c79dee
SHA-256: f7079b0bcfa22e213ca2e8a39813e6e9225ee641743adb95f450ed52a61bb67e
php-odbc-5.2.10-2.el5s2.x86_64.rpm     MD5: 163710370ed01e089a9de0cf92627ec5
SHA-256: 18b035d0ed49a32e0a006e676f4240fa6a7d3f060928fc0b6a2bb6f97cfd3a12
php-pdo-5.2.10-2.el5s2.x86_64.rpm     MD5: 4796f2edb87340f6147e90910a002777
SHA-256: aa449d660f92e7483524ee2578ae9ee0ce8912c093ad1e652d853f149dbb5370
php-pgsql-5.2.10-2.el5s2.x86_64.rpm     MD5: 9d815d8d5bdd3095e908e01038c9c46c
SHA-256: ef3708beccf39d4ccb6c1796b1831a23412f22fd4877f9fa936c8716f0cebb63
php-snmp-5.2.10-2.el5s2.x86_64.rpm     MD5: 87a40aa284728168a38411641285ae1f
SHA-256: 10c15b7411701c4e7a96562b746c48f09f8d8621be6519f95f89ea36a5bbfe29
php-soap-5.2.10-2.el5s2.x86_64.rpm     MD5: cedfd4b8bcb40f8343b68d77398366bc
SHA-256: 700afb83b9d1017d66e5927eb3c847ed0a66be813275d33977ee0765991fb882
php-xml-5.2.10-2.el5s2.x86_64.rpm     MD5: d63ae28028ec1d94454704cc85287855
SHA-256: 59546c8c08ce0dec97d8695606b944daba6aa3229c1c0e523383aad37f304d97
php-xmlrpc-5.2.10-2.el5s2.x86_64.rpm     MD5: 33ed1c84db56e3bd5a1e3792a3e6e3ef
SHA-256: 8ba3b25645bf79ba60b596884781007b44267d4cd108f769f2a850b9d0783832
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

818607 - CVE-2012-1823 php: command line arguments injection when run in CGI mode (VU#520827)


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/