[<prev] [next>] [day] [month] [year] [list]
Message-ID: <471f79c7.g9/+OlRsMyTYpw9g%announce-noreply@rpath.com>
Date: Wed, 24 Oct 2007 12:58:47 -0400
From: rPath Update Announcements <announce-noreply@...th.com>
To: security-announce@...ts.rpath.com,
update-announce@...ts.rpath.com
Cc: full-disclosure@...ts.grok.org.uk, vulnwatch@...nwatch.org,
bugtraq@...urityfocus.com, lwn@....net
Subject: rPSA-2007-0221-1 php php-mysql php-pgsql
rPath Security Advisory: 2007-0221-1
Published: 2007-10-24
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote System User Deterministic Unauthorized Access
Updated Versions:
php=conary.rpath.com@rpl:1/4.3.11-15.15-1
php-mysql=conary.rpath.com@rpl:1/4.3.11-15.15-1
php-pgsql=conary.rpath.com@rpl:1/4.3.11-15.15-1
rPath Issue Tracking System:
https://issues.rpath.com/browse/RPL-1693
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1864
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2872
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3378
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3799
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3997
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3998
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4657
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4658
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4659
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4662
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4663
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4670
Description:
Previous versions of the php package are vulnerable to many attacks,
the worst of which enable various remote attackers to run arbitrary
code as the "apache" user. These vulnerabilities are exposed by a
wide variety of applications written in the PHP language.
http://wiki.rpath.com/Advisories:rPSA-2007-0221
Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html
Powered by blists - more mailing lists