php-5.3.3-22.AXS4
エラータID: AXSA:2013-117:01
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.
The php package contains the module which adds support for the PHP language to Apache HTTP Server.
Security issues fixed with this release:
• CVE-2011-1398
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.
• CVE-2012-0831
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
• CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
Update packages.
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.
N/A
SRPMS
- php-5.3.3-22.AXS4.src.rpm
MD5: 4e376b5e3abbba9b2eaee8ec4f852455
SHA-256: 868d810c3a4689b7dd44903bd5c897f49cf51542764d1a4377f52ddd05794562
Size: 10.34 MB
Asianux Server 4 for x86
- php-5.3.3-22.AXS4.i686.rpm
MD5: 3ea5dd070b5afcf1437d5986b586eaf9
SHA-256: 114a8f040f0cdf2a903c0135c529a1a7cd5ffe5861d541a0d0410d70dea04bff
Size: 1.11 MB - php-bcmath-5.3.3-22.AXS4.i686.rpm
MD5: cdeef18d35130625f5ca89bdb2d1a3d1
SHA-256: ecfd83e4d775526d00517c1bf4e495b6436f00a6a2f5d9bd5b2f7813a807c9ba
Size: 33.41 kB - php-cli-5.3.3-22.AXS4.i686.rpm
MD5: d8b761cfff94f9e2c3d5421d8e50c95e
SHA-256: 81f725ead0503f2d509a145519691fe29010643acab71056f76e388cdec8b9d3
Size: 2.22 MB - php-common-5.3.3-22.AXS4.i686.rpm
MD5: ca57a22a49000510366cd171b23a9232
SHA-256: d48c3ab8ac2a3860820ab8a9d5e92b925b64449d51f4488e7ca56da6bb40138d
Size: 524.23 kB - php-gd-5.3.3-22.AXS4.i686.rpm
MD5: 036790a224802e450fe519090c36cd4e
SHA-256: 92875f4917282dbf26d65c7b454c525915e03783ea592f12d1ab216f64f72d3f
Size: 103.55 kB - php-ldap-5.3.3-22.AXS4.i686.rpm
MD5: e1456bc99e0b2f13b6002845bcb8898a
SHA-256: dc827f32762372446db40103db9a24c9ebe47fc06c203e64c7083d57bce0f7db
Size: 36.43 kB - php-mbstring-5.3.3-22.AXS4.i686.rpm
MD5: 3c6f374c08dac1108cdd6a6ecf4259ce
SHA-256: c57d40e5f949f547176a55ce2362b567ab5be0615b3f8ba66c54a98151ec3117
Size: 453.81 kB - php-mysql-5.3.3-22.AXS4.i686.rpm
MD5: 75961060d38f5cd3cb8cbecf20df8b27
SHA-256: df12870f45ae7df7b07a7dc07a834655c5b6c4d2f1e441120e9f3bba1083fd49
Size: 77.57 kB - php-odbc-5.3.3-22.AXS4.i686.rpm
MD5: 15c32217bb07b6aeb68d4b047e3a2ebd
SHA-256: 9d3a439c053d4703cadc0e4ce5f0a0ecf69f6de7016e76941135a2ff4e3a1f46
Size: 49.02 kB - php-pdo-5.3.3-22.AXS4.i686.rpm
MD5: e1d1c80c2752296a921844e3d84e5fd0
SHA-256: 3d3910a3991bdc4617bfe8b56a43df06dd561bf6c28a94021a2e277cc8bdd416
Size: 73.11 kB - php-pgsql-5.3.3-22.AXS4.i686.rpm
MD5: 427c158fbc6e05d27fcc0faed369b5ac
SHA-256: 1f96f074f17a282335d83742d8592924f65a07d3231808ac258c1b15d20a48d8
Size: 68.02 kB - php-soap-5.3.3-22.AXS4.i686.rpm
MD5: d809bfb2fb418f78643c2e007d46791a
SHA-256: 35d53d2c5d94907b2839ba19f457abdbe735a5fcfd9cf6e75f305927d74e6122
Size: 140.10 kB - php-xml-5.3.3-22.AXS4.i686.rpm
MD5: 7b8e4bb3038304a764752c8f1ef0792e
SHA-256: 950c136868853a1732330e62db801d21b26ec89693024c8d47212e636e3bf912
Size: 100.14 kB - php-xmlrpc-5.3.3-22.AXS4.i686.rpm
MD5: 87898c92f597ec3cf9b8ad4ddd8e16db
SHA-256: dd634c638278eec56b69467279027b3332179f2e837793326e7e67a71583d1b0
Size: 52.17 kB
Asianux Server 4 for x86_64
- php-5.3.3-22.AXS4.x86_64.rpm
MD5: 2aa62ba5e4b8fd2f44b80aca1295b4bc
SHA-256: d61cd833d792ed4e50bf3c69d6563be6559b34cabb61044d47bf84e593d44848
Size: 1.12 MB - php-bcmath-5.3.3-22.AXS4.x86_64.rpm
MD5: 318e7bde46c94073cf719a47c618c368
SHA-256: 5c8bf650371152b29e5d4c35aee96010c2e7c4631da9cdef15353067f372d309
Size: 33.17 kB - php-cli-5.3.3-22.AXS4.x86_64.rpm
MD5: 02aae612504c0d3d6c862f618a72ed96
SHA-256: 48fc6384d7240f4a5366893bd47b4278bafd646165282265ceadb668ccbfb10e
Size: 2.17 MB - php-common-5.3.3-22.AXS4.x86_64.rpm
MD5: dc2b5d90a196334ab7c28337d8bd3baa
SHA-256: 56d9a425b7b200c4986c67b4f525bcaefc70d8b6e4717d302672edfdd2f0d26b
Size: 522.99 kB - php-gd-5.3.3-22.AXS4.x86_64.rpm
MD5: d0144da3f5b734e01705e41ecd1087cd
SHA-256: c1e277294097990cc9497b1b9fcddc7260a88dd512f6a049003e139e6b04c4c4
Size: 104.71 kB - php-ldap-5.3.3-22.AXS4.x86_64.rpm
MD5: af171f89686bba80d35d63a0e102ae7b
SHA-256: 23d9f79c2f386b83a5277ab210533e78bdd882cbc67ceb99d5ae68fe9e284f76
Size: 36.80 kB - php-mbstring-5.3.3-22.AXS4.x86_64.rpm
MD5: 5bcbeb1ec682cdfc636a5d8f0bb0153c
SHA-256: 92c2211964e6511759818098a0c589aa7b7b0c51b16b96a90ed1fbd1474e62e4
Size: 453.74 kB - php-mysql-5.3.3-22.AXS4.x86_64.rpm
MD5: 26cb0506046778f02924601c69338c6a
SHA-256: 53cb5dd77a058f9b5849be795204bb0649fdddc9c2542c959c13931ed968930f
Size: 79.74 kB - php-odbc-5.3.3-22.AXS4.x86_64.rpm
MD5: 098ba0518fe91e2e7ff606b6a51f19a5
SHA-256: 0055c7e0cac9a71e7839f9a8d51695c0480e2c067d21e7ecfa5d9f2fa3a4bea3
Size: 49.30 kB - php-pdo-5.3.3-22.AXS4.x86_64.rpm
MD5: e83e793f8e8caa6812afcfb62c60e68b
SHA-256: 1385f5c938e719b26f2ac1bdbd5f1a2ecc102a5c62d1ecd4684be1c78fcd1b82
Size: 73.73 kB - php-pgsql-5.3.3-22.AXS4.x86_64.rpm
MD5: ad14c322fb1e379cb8f0713ee95af0d1
SHA-256: 56e3295e4f6b6fae357205859e6ab80d63ce9dc4d74531a9c2c424e81506f515
Size: 68.75 kB - php-soap-5.3.3-22.AXS4.x86_64.rpm
MD5: cec4758d321ab86b38d429f17c34a2c7
SHA-256: 5b5c3b39aade13b14727784c33218e812137f3e190aa4e3bbfbe721e0ef092bd
Size: 138.61 kB - php-xml-5.3.3-22.AXS4.x86_64.rpm
MD5: 05fd5b852997a4f2210d4cf36450df47
SHA-256: c72d58d00eb4ac27cbf6076a147fbec64de9ddc49f14052253f1bfffe7497d80
Size: 101.75 kB - php-xmlrpc-5.3.3-22.AXS4.x86_64.rpm
MD5: ee29a547f6bc09999d192a4f23fcbcee
SHA-256: c6c08267505a1ebd74881b88f8016e0dd147bc83bc57908018e7507d075c1ded
Size: 51.06 kB