PDA

View Full Version : [SOLVED] [SOLVED] [USN-320-2] php4 regression



Martin Pitt
July 28th, 2006, 05:02 PM
================================================== =========
Ubuntu Security Notice USN-320-2 July 26, 2006
php4 regression
https://launchpad.net/bugs/53581
================================================== =========

A security issue affects the following Ubuntu releases:

Ubuntu 5.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 5.04:
libapache2-mod-php4 4:4.3.10-10ubuntu4.6
php4-cgi 4:4.3.10-10ubuntu4.6
php4-cli 4:4.3.10-10ubuntu4.6

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

USN-320-2 fixed several vulnerabilities in PHP. James Manning
discovered that the Ubuntu 5.04 update introduced a regression, the
function tempnam() caused a crash of the PHP interpreter in some
circumstances. The updated packages fix this.

We apologize for the inconvenience.


Updated packages for Ubuntu 5.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu4.6.diff.gz
Size/MD5: 281956 1c914659e6f61602a9f71b8d37b3392b
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu4.6.dsc
Size/MD5: 1469 17a8050464f1dbbb1fabb99343a5c6cf
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10.orig.tar.gz
Size/MD5: 4892209 73f5d1f42e34efa534a09c6091b5a21e

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4_4.3.10-10ubuntu4.6_all.deb
Size/MD5: 1126 a05b26a1ea93b28d73b94422da467918

amd64 architecture (Athlon64, Opteron, EM64T Xeon)

http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 1657558 9d8d66e9cb31cb87294b6233fa927e33
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 3275316 4423f48ce31f2f3334506b23f02fedb8
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 1647604 e79fed2516655fc81564e8fe0f488bea
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 168258 5252917d283455beea87dcfcd80d3bbf
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ubuntu4.6_amd64.deb
Size/MD5: 348252 d38144e70507eeeaccd0f0eb88201332

i386 architecture (x86 compatible Intel/AMD)

http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 1592844 ab4f524bf3b203661ca083fc6cbefb00
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 3169886 0b56067b59dd1612562dc82fc6eede43
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 1592924 86addeffabaa817733857dfed3e37b29
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 168254 f0ed0ff02813d768a8e600f3646382ba
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ubuntu4.6_i386.deb
Size/MD5: 348266 70238b0ae0790cd79c645720e66eae19

powerpc architecture (Apple Macintosh G3/G4/G5)

http://security.ubuntu.com/ubuntu/pool/main/p/php4/libapache2-mod-php4_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 1658990 5769a9d9690042900e70f98432ed7d7a
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cgi_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 3278826 9a2287a0bf8e587ee651230d8e40b797
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-cli_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 1646196 a001bf1a15d25ae4354190d8c722e846
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-common_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 168268 37293b3c08d1593bb55b73bce39cf6c3
http://security.ubuntu.com/ubuntu/pool/main/p/php4/php4-dev_4.3.10-10ubuntu4.6_powerpc.deb
Size/MD5: 348282 257afdf00afb930d1fb294d12454ae3a

--
ubuntu-security-announce mailing list
ubuntu-security-announce (AT) lists (DOT) ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEx0vcDecnbV4Fd/IRAkALAKCrBh5WSMZFmHBg3+POwBG8H1h4hQCfWbaQ
c5M2/fjo/d+ly1XrNnv2sZ0=
=+wmv
-----END PGP SIGNATURE-----