php-5.1.6-43.0.1.AXS3
エラータID: AXSA:2014-315:01
PHP is an HTML-embedded scripting language that allows developers to write dynamically generated web pages. PHP is ideal for writing database-enabled websites, with built-in integration for several commercial and non-commercial database management systems. PHP is often used as a replacement for CGI scripts.
The php package contains a module that adds support for the PHP language to the Apache HTTP Server.
Security issues fixed with this release:
• CVE-2011-1398
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.
• CVE-2012-2688
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
• CVE-2013-1643
The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824.
• CVE-2013-6420
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
Update packages.
The sapi_header_op function in main/SAPI.c in PHP before 5.3.11 and 5.4.x before 5.4.0RC2 does not check for %0D sequences (aka carriage return characters), which allows remote attackers to bypass an HTTP response-splitting protection mechanism via a crafted URL, related to improper interaction between the PHP header function and certain browsers, as demonstrated by Internet Explorer and Google Chrome.
Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."
The SOAP parser in PHP before 5.3.23 and 5.4.x before 5.4.13 allows remote attackers to read arbitrary files via a SOAP WSDL file containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue in the soap_xmlParseFile and soap_xmlParseMemory functions. NOTE: this vulnerability exists because of an incorrect fix for CVE-2013-1824.
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
N/A
SRPMS
- php-5.1.6-43.0.1.AXS3.src.rpm
MD5: 86ff16269ea159d3ce2a1f8c099230e6
SHA-256: b8d94acf09cca442f0772d4fd8242435797112318cb5fdba183a49781539b281
Size: 8.10 MB
Asianux Server 3 for x86
- php-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 59e62865780c47bff4314cf1d603b427
SHA-256: b2d939d42781f9ac927e19303b8429ba5c409df37acb02b80632b8ca7dc36a45
Size: 2.33 MB - php-bcmath-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 77de839ba4e0389cc809ae0589865d59
SHA-256: 0bb589e77f44acb317be005b27f68c6d1be8ba40ed0d27e52e3924d81ecd32e4
Size: 37.09 kB - php-cli-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 53aa7014832e7002e205e0cd143f93a1
SHA-256: c6c0ac5ef4592189db997e16ea3b34cd950e6fbb513b4ec0b114caf519bb5ad1
Size: 2.11 MB - php-common-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 9e91e2882989ba15f1e803ebd0b0468b
SHA-256: 84ae5c95575564b2e1d5e0b34c870c4b125ce4bead12d59406ba6f4383f33a18
Size: 155.33 kB - php-dba-5.1.6-43.0.1.AXS3.i386.rpm
MD5: bfe25aa18529f4345a2ed9449280f996
SHA-256: fb5e98a8909c273ab283eedad16a4db5b0a1e9ba9a26fec1c5af3009b6c76166
Size: 44.09 kB - php-devel-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 33b4c84727e9f50f36245c9640e7f46b
SHA-256: 0d26c8159d83cdf5b8b350f03011568ac9d64353c87e02c97ea8cc025b6db6b6
Size: 506.02 kB - php-gd-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 4dd91e900ee0e9bd5a1668d6b035192b
SHA-256: a33643e75b8b7e2edb4c3cb86e71d7496ccacb3737a4d255ddd657e5b9f5407a
Size: 119.96 kB - php-imap-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 358a66ef9ccda28d80157bcf66ee9d5f
SHA-256: 060cae27790b80f5f55087b13e07ea8c52bef4a08fcac6601f98a58723bffcd1
Size: 57.30 kB - php-ldap-5.1.6-43.0.1.AXS3.i386.rpm
MD5: e9d5956c9dbcfecf440fb8fa04ddf044
SHA-256: 33bbbf3635c6ac339388c874b81a00cd7053bb60fa599daa464ccf2ae120c23d
Size: 39.46 kB - php-mbstring-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 3782ba68d8037df43829de4972a65fea
SHA-256: 388b46eac59fe036ca73249e3b3a72406c171eb32d11d6b0c17bfafd38b393aa
Size: 1.06 MB - php-mysql-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 8fe222252ee4ac9be962ff8d66cf8992
SHA-256: 5422221de722ce37dbb67d5bf1be623ea331fba7b806a9d45abfa908a88a0b74
Size: 88.57 kB - php-ncurses-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 846794ebb1887f3e5626c4300519d7ef
SHA-256: 6008a4520e04ed89acac39c84a426ead466d0ea1b2630ff2442bbee26b80f62a
Size: 44.42 kB - php-oci8-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 3468dacfc2b474c3a60a54b68fea11f0
SHA-256: 9a1e77a0e384cb19ec6d9ec37127cdafe5fb258dd25bb4eddbb64e519644f96f
Size: 78.53 kB - php-odbc-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 15b2291c6746f63e35ddeefb28f33e70
SHA-256: 40ee929e9c7b2217be56df0b8bae50dae73e3dd6f7ea5672723a59ee5816bf6d
Size: 55.94 kB - php-pdo-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 5fe2935f6a8bd51b120e7a470c28bffb
SHA-256: ec8432a11190f4d0549f035274f48c9e19dcab61a3db8a928c69f1d8aa7583e2
Size: 67.49 kB - php-pgsql-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 966c700b8d64110fd016c29fe112763a
SHA-256: 943a793f6baa432bf17371094ee1f9633a32331573550dba3b15cf6acb8ded49
Size: 70.67 kB - php-snmp-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 0dbefdf3b17c2b07157c24bdccc54037
SHA-256: 427d9a0dfd83dbddfb8f9a6a16bf1cd39962cd7c9dca4bf3fccfa56b172c876f
Size: 32.56 kB - php-soap-5.1.6-43.0.1.AXS3.i386.rpm
MD5: f18a3eab11259eecd71e38f08f90d8a0
SHA-256: 1210b1b25d4e3e05df467613cbcad8858bb9d7e45f5de35af70d9224a43be086
Size: 139.34 kB - php-xml-5.1.6-43.0.1.AXS3.i386.rpm
MD5: e8f9a46073eb654d5706ea8ecbbe9020
SHA-256: 205d6a52ac3ba8eb29a5dba08236a32753696483eff789ed16264ef5074c746d
Size: 100.03 kB - php-xmlrpc-5.1.6-43.0.1.AXS3.i386.rpm
MD5: 84de221b05864cc5e80c321d1193a9b4
SHA-256: 25e82af2bb198d9a7f7cc461d27029360a6ea4e48d52bb2cf657371cc3688459
Size: 60.11 kB
Asianux Server 3 for x86_64
- php-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: f68e1548cb43d50284b53ace8b26b73b
SHA-256: 8d41279d88e08bd02fbc76d2026ed0a1aeef85af8000a97c68325996b95d1b93
Size: 2.37 MB - php-bcmath-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 97cbd343189e042c229000aa777b9e01
SHA-256: b8b87fec6eff6861cabfac6931f67f89fc18793cb78715cd78d08c01bcaab021
Size: 37.40 kB - php-cli-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: c3e1d9fb841747095f9a069c0089b815
SHA-256: 5aab4db2d177f4b6b4a83cd4cff14c41d96599e50bb012743f636236ba117b54
Size: 2.18 MB - php-common-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 645d3bd6f5965968ec330af5ef86ed53
SHA-256: e2a7ef89d179346701f3d93e79bdac008c3b1591e34e4dc2af975b0d8d430279
Size: 155.70 kB - php-dba-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 767e996a6c703efafb458e35e8396112
SHA-256: 070ae4daa6e4d61b0ee6d6b55fc817dda79db66d8136689ebbe80d590d40c1af
Size: 44.00 kB - php-devel-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: d144fbea732e894f58f67a276d9698bf
SHA-256: 01b2187b2e2c16e518132ddcbc4107335e1cef1292072e286d72e1d97a464cc8
Size: 505.96 kB - php-gd-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 7df24155ac378b16bc5a3857d012f377
SHA-256: 9a94ffd92e9c8b62ae1604181a530646888e98be0f0c6d1afba42a3afd6849c4
Size: 120.15 kB - php-imap-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: edc5d83c27b5674dff792287e88571a7
SHA-256: d8182444856c4c8664d84574e893f749e5d9c949aa369e1f89856f59fcb55552
Size: 57.77 kB - php-ldap-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 50409d60991daf0fd872970f909a0503
SHA-256: d93806d9b6ef906bbe9789dc78b38de17ac67e9955ca9076c202769bbdf6aafe
Size: 40.44 kB - php-mbstring-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 098aca302e74988d341a49277d6f9238
SHA-256: d7e6bde7aa4865a877ab0ddcd32068994fbdf7f2936879558e99c4ccdbcc438f
Size: 1.07 MB - php-mysql-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 8ee62871fcdf190c7c0345dcc89ad804
SHA-256: 8e8ac82c8a1bdfd06af7842b05cb95d1163a1bdf066c21f731dc3b9d606db910
Size: 92.04 kB - php-ncurses-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 85f647cb3b5704af5fafb2c8ab6a7e59
SHA-256: 3a45e7e24dcf0263ac50f6f9697694abf31e9d0b26ae105fe1e9be82b43ce3b5
Size: 45.65 kB - php-oci8-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: c10ce5afa79f8ecc4af7598921978ba4
SHA-256: 0ebe640c1f31a7c202fd74156efa9315c1c1c765878ff8c4e087e6d336da8c04
Size: 81.06 kB - php-odbc-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: e1a48c5d10e192735034bfc839f39584
SHA-256: 746acae04bc760f2caddc86d8353d49fe04454bd1c62f64a67bba66f019fea02
Size: 56.89 kB - php-pdo-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 8ded4225c5a80ef00d4048c76f2f2831
SHA-256: d98b6c67a382529bcb1fac016c0e218acba6c26c50090bd1fa98e1ccba1ef293
Size: 68.46 kB - php-pgsql-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 9418f2dc4807a88f6423a229ba4aa954
SHA-256: f1490ce154cb2a8d9171d3deb7cc2a0799846ae5c106d5484efa2f5d2c3a76e5
Size: 72.62 kB - php-snmp-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: e4afa0875f2b48cb58392c99a3ea41fd
SHA-256: e48841ad0e512473668454ce501c0b985ba53653a79e57f61668d402948d1de6
Size: 32.90 kB - php-soap-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: aef0812a064c330f3e44c4f8d3c7ac34
SHA-256: 18fca6cc4ad7105d37de36361b38946bdd0bf77321562c36bbc2dbbd9e9471ae
Size: 139.16 kB - php-xml-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: 0e4fdd9962835bd8923c97fb6e472efc
SHA-256: 68fffe79a9e71162a6366fe679a456195396a7c1e9108d4664088dee61c1f955
Size: 104.89 kB - php-xmlrpc-5.1.6-43.0.1.AXS3.x86_64.rpm
MD5: aec8fbce88607dc5ee4e0d6580cd7829
SHA-256: 871d2da060d9d196d9bfcf3d1207fbccd918cd275e45afe161926895e3f54c4e
Size: 59.97 kB