Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 74600 - new version of PHP that fixes secuity issues
Summary: new version of PHP that fixes secuity issues
Status: RESOLVED DUPLICATE of bug 74547
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All All
: High normal (vote)
Assignee: Gentoo Security
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2004-12-16 01:26 UTC by Christian Korff
Modified: 2011-10-30 22:38 UTC (History)
0 users

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Korff 2004-12-16 01:26:27 UTC
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

PHP Development Team would like to announce the immediate release of PHP
4.3.10 and 5.0.3. These are maintenance releases that in addition to
non-critical bug fixes address several very serious security issues.

These include the following:

CAN-2004-1018 - shmop_write() out of bounds memory write access.
CAN-2004-1018 - integer overflow/underflow in pack() and unpack() functions.
CAN-2004-1019 - possible information disclosure, double free and
negative reference index array underflow in deserialization code.
CAN-2004-1020 - addslashes not escaping \0 correctly.
CAN-2004-1063 - safe_mode execution directory bypass.
CAN-2004-1064 - arbitrary file access through path truncation.
CAN-2004-1065 - exif_read_data() overflow on long sectionname.
magic_quotes_gpc could lead to one level directory traversal with file
uploads.

All Users of PHP are strongly encouraged to upgrade to this release as
soon as possible.

Aside from the above mentioned issues this release includes the
following important fixes:

* Possible crash inside ftp_get().
* get_current_user() crashes on Windows.
* Possible crash in ctype_digit on large numbers.
* Crash when parsing ?getvariable[][.
* Possible crash in the curl_getinfo() function.
* Double free when openssl_csr_new fails.
* Crash when using unknown/unsupported session.save_handler and/or
session.serialize_handler.
* Prevent infinite recursion in url redirection.
* Ensure that temporary files created by GD are removed.
* Crash in fgetcsv() with negative length. (PHP 4 only)
* Improved performance of the foreach() construct. (PHP 4 only)
* Improved number handling on non-English locales.

PHP Development Team would like to thank all the people who have
identified the security faults in PHP and helped us to address them.


PHP Development Team
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)

iD8DBQFBwKX6LKekh381/CERAvGXAJ0Z4bSEh1tb4uI5zW+XGmrvWLG+MACdG9yP
wqZ9fG0shu14u1bRshswk18=
=y2xQ
-----END PGP SIGNATURE-----

-- 
PHP Announcements Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
Comment 1 Sune Kloppenborg Jeppesen gentoo-dev 2004-12-16 01:28:41 UTC
Christian thx for the report. However we already have an open bug for it.

*** This bug has been marked as a duplicate of 74547 ***