[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20060726110252.GK5161@piware.de>
Date: Wed, 26 Jul 2006 13:02:52 +0200
From: Martin Pitt <martin.pitt@...onical.com>
To: ubuntu-security-announce@...ts.ubuntu.com
Cc: full-disclosure@...ts.grok.org.uk, bugtraq@...urityfocus.com
Subject: [USN-320-2] php4 regression
===========================================================
Ubuntu Security Notice USN-320-2 July 26, 2006
php4 regression
https://launchpad.net/bugs/53581
===========================================================
A security issue affects the following Ubuntu releases:
Ubuntu 5.04
This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.
The problem can be corrected by upgrading your system to the
following package versions:
Ubuntu 5.04:
libapache2-mod-php4 4:4.3.10-10ubuntu4.6
php4-cgi 4:4.3.10-10ubuntu4.6
php4-cli 4:4.3.10-10ubuntu4.6
In general, a standard system upgrade is sufficient to effect the
necessary changes.
Details follow:
USN-320-2 fixed several vulnerabilities in PHP. James Manning
discovered that the Ubuntu 5.04 update introduced a regression, the
function tempnam() caused a crash of the PHP interpreter in some
circumstances. The updated packages fix this.
We apologize for the inconvenience.
Updated packages for Ubuntu 5.04:
Source archives:
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu4.6.diff.gz
Size/MD5: 281956 1c914659e6f61602a9f71b8d37b3392b
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu4.6.dsc
Size/MD5: 1469 17a8050464f1dbbb1fabb99343a5c6cf
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10.orig.tar.gz
Size/MD5: 4892209 73f5d1f42e34efa534a09c6091b5a21e
Architecture independent packages:
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu4.6_all.deb
Size/MD5: 1126 a05b26a1ea93b28d73b94422da467918
amd64 architecture (Athlon64, Opteron, EM64T Xeon)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 1657558 9d8d66e9cb31cb87294b6233fa927e33
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 3275316 4423f48ce31f2f3334506b23f02fedb8
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 1647604 e79fed2516655fc81564e8fe0f488bea
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 168258 5252917d283455beea87dcfcd80d3bbf
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 348252 d38144e70507eeeaccd0f0eb88201332
i386 architecture (x86 compatible Intel/AMD)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 1592844 ab4f524bf3b203661ca083fc6cbefb00
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 3169886 0b56067b59dd1612562dc82fc6eede43
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 1592924 86addeffabaa817733857dfed3e37b29
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 168254 f0ed0ff02813d768a8e600f3646382ba
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 348266 70238b0ae0790cd79c645720e66eae19
powerpc architecture (Apple Macintosh G3/G4/G5)
http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 1658990 5769a9d9690042900e70f98432ed7d7a
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 3278826 9a2287a0bf8e587ee651230d8e40b797
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 1646196 a001bf1a15d25ae4354190d8c722e846
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 168268 37293b3c08d1593bb55b73bce39cf6c3
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 348282 257afdf00afb930d1fb294d12454ae3a
Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists