AXSA:2011-39:01

リリース日: 
2011/02/15 Tuesday - 15:23
題名: 
php-5.3.2-6.AXS4.1
影響のあるチャネル: 
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity: 
High
Description: 

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.
The php package contains the module which adds support for the PHP language to Apache HTTP Server.
Security issues fixed with this release:
CVE-2009-5016
Integer overflow in the xml_utf8_decode function in ext/xml/xml.c in PHP before 5.2.11 makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string that uses overlong UTF-8 encoding, a different vulnerability than CVE-2010-3870.
CVE-2010-3709
The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted ZIP archive.
CVE-2010-3870
The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encoding and ill-formed subsequences in UTF-8 data, which makes it easier for remote attackers to bypass cross-site scripting (XSS) and SQL injection protection mechanisms via a crafted string.
CVE-2010-4645
strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and other products, allows context-dependent attackers to cause a denial of service (infinite loop) via a certain floating-point value in scientific notation, which is not properly handled in x87 FPU registers.

解決策: 

Update packages.

追加情報: 

N/A

ダウンロード: 

SRPMS
  1. php-5.3.2-6.AXS4.1.src.rpm
    MD5: af73b3dd0f0172b5c55fc1f47362f30f
    SHA-256: e5fe03091e723c82ca4017e2de93cb348745d45b14482e4e4d68800c56866ac2
    Size: 10.05 MB

Asianux Server 4 for x86
  1. php-5.3.2-6.AXS4.1.i686.rpm
    MD5: 19562d92ad699b11b50ce481ec4c511a
    SHA-256: b0ec6fe54db8eb663aa6e66170d36c689983f6404374c43899303c0c04becb8e
    Size: 1.10 MB
  2. php-cli-5.3.2-6.AXS4.1.i686.rpm
    MD5: 734087519461ba4d9c7ad9f7b6d035e2
    SHA-256: 33ee63d9e48f68da07408110bfdbf241ba59d2d1e35cc22b1e3d618b524af4e5
    Size: 2.20 MB
  3. php-common-5.3.2-6.AXS4.1.i686.rpm
    MD5: 6a45d72593a343ed700048ba0471bcae
    SHA-256: 86b7a83fbfb253f99ba63b263b0de9a1857771d21ec8746ef98242a755b7940a
    Size: 515.32 kB
  4. php-gd-5.3.2-6.AXS4.1.i686.rpm
    MD5: b0fd6a1f37f9a378e387c520f1312794
    SHA-256: 6a17871715bf19bc50e8c42c1d01822527657353b670993d9e195a97501e54a3
    Size: 100.65 kB
  5. php-ldap-5.3.2-6.AXS4.1.i686.rpm
    MD5: 576e4bd870978f41abe7c3d6eccd0058
    SHA-256: 2ed8627f2714d9ff3392f3c20672e9d6b6463873ffc069a17932cdbf746e8f71
    Size: 33.60 kB
  6. php-mysql-5.3.2-6.AXS4.1.i686.rpm
    MD5: fb39503d0e3a5ab4900b234f2a7fb8d3
    SHA-256: f595e53be489a31307cfd7a6caa71d7f02bc54db7cc4d58b1872931ed8e3ac36
    Size: 72.74 kB
  7. php-odbc-5.3.2-6.AXS4.1.i686.rpm
    MD5: 5c37571dd9c4dd93458f351ba01dd04c
    SHA-256: 0b0c86f073d3a64f60dff0c58964ef28d8cbd9d6453badf8ffc56b0e09b59fe1
    Size: 46.11 kB
  8. php-pdo-5.3.2-6.AXS4.1.i686.rpm
    MD5: f00705ffe2c39bf1af62c9f2658cc5ac
    SHA-256: ba57181daaabfd7bfddcf52421ee8a68acffa93d182a274635459f7a1841bc58
    Size: 70.04 kB
  9. php-pgsql-5.3.2-6.AXS4.1.i686.rpm
    MD5: 005a4204aee9ac55806d3d8912a56453
    SHA-256: 7f463931cf5cc8b0344cf53a67f6581314c6e32286792b7f38b185b049b5f893
    Size: 63.07 kB
  10. php-soap-5.3.2-6.AXS4.1.i686.rpm
    MD5: 353dce8b2d56c03715ab0f78ef93a433
    SHA-256: 2a266fec023fd4ad44cdf8cbbeab649a43c7681b95ad47a593c0541cbe7ee9d1
    Size: 137.29 kB
  11. php-xml-5.3.2-6.AXS4.1.i686.rpm
    MD5: b3809656ba66b5a05e0ee48aaf47e3ba
    SHA-256: 87c05ca097acb760670810aa9c996b9783eacd13dcf1127306226a72d30e3604
    Size: 96.53 kB
  12. php-xmlrpc-5.3.2-6.AXS4.1.i686.rpm
    MD5: 20185f1d62c3bed593881e4231e2ceb2
    SHA-256: 37caa02b59f2e59395ff8aaa25f08fd2d8a2df3ae0f1474e9f4f860316c1195c
    Size: 49.29 kB

Asianux Server 4 for x86_64
  1. php-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 9dbd99696636fd2cfd10760ef155a574
    SHA-256: 644d9c13ad931f80667165ba408577f5011ebd5e3be9cba7432fd13d1b4f80ca
    Size: 1.11 MB
  2. php-cli-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 4b9914d33742a671b40cf8c384b7aa08
    SHA-256: 12a37b2177b08b5590118dd59e23121e459b3a9b4f1ab94ea9cae45b9287a3ea
    Size: 2.16 MB
  3. php-common-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: a69d6f121324fa20553f8e438c8c5a6d
    SHA-256: 1905041b404c0937b948862b012457522083c8179fdd1864ddb9719a2342e622
    Size: 514.59 kB
  4. php-gd-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 7cb95041bdfc129755762c951fda6d91
    SHA-256: 373b7285e1e376eb51e6e89187cba28797f6aaa7fdd7b8a88b2eb015751465bf
    Size: 102.02 kB
  5. php-ldap-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 5d15927f5b67685832995eef302c9e60
    SHA-256: b6606bdf094fde46505de7dc3c885df4093e762a201f569c340721f3ce7f52ae
    Size: 33.99 kB
  6. php-mysql-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 6d44b7ed7c7f3df1edc4bb4fb9c30985
    SHA-256: 1cfb8b595ea678aa7f41e5b1108ccd741bcd4d97d0b3bc9b7d8228e282c78347
    Size: 74.59 kB
  7. php-odbc-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 747b08e4da7c70d79cd85f382bc67243
    SHA-256: 857c7f9877d322f036a17bc5da9d46d631efe29ae3382e32682667389357bcea
    Size: 46.46 kB
  8. php-pdo-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 8add436ceb813e44cb60edd0b40c6b33
    SHA-256: 360ee4f772de7d7a3bb0643a8c12a64b9018d04e85d1eaaeac5bc899d08532d0
    Size: 70.77 kB
  9. php-pgsql-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 296c675bf28377435af3125b2508c9c4
    SHA-256: de68f92c83d02c381de934a97db098533b78b3f743f6ac928ea57ba11fc3b48e
    Size: 64.00 kB
  10. php-soap-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 48879c070bb0db14a5dd3354464ac93a
    SHA-256: 01855cce223315ae78cb2a39afe9d8c43c7b64d896a6b8db44087536f3456a14
    Size: 135.98 kB
  11. php-xml-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 369d701b5cdb6a328fc590d1678cdcc3
    SHA-256: 3b4db8a418e73d792e29306f7ad127b6c07ec9eef1f00f96fddb2f9c243a7e18
    Size: 98.61 kB
  12. php-xmlrpc-5.3.2-6.AXS4.1.x86_64.rpm
    MD5: 668bf0a3ca1975f9d103299f3819db0f
    SHA-256: 87e90646f23bb50b06a0aa099f14f91b1cdc9ca1c0a610c61ad8d794bd5b82ce
    Size: 48.40 kB
Copyright© 2007-2015 Asianux. All rights reserved.