debian.php3.txt

(22 KB) Pobierz 
-----BEGIN PGP SIGNED MESSAGE-----

- ----------------------------------------------------------------------------
Debian Security Advisory                                 security@debian.org
http://www.debian.org/security/                            Daniel Jacobowitz
October 14, 2000
- ----------------------------------------------------------------------------

Package: php3
Vulnerability: possible remote exploit
Debian-specific: no
Vulnerable: yes

[Updated version: corrected URLs]

In versions of the PHP 3 packages before version 3.0.17, several format
string bugs could allow properly crafted requests to execute code as the
user running PHP scripts on the web server, particularly if error logging
was enabled.

This problem is fixed in versions 3.0.17-0potato2 and 3.0.17-0potato3 for
Debian 2.2 (potato) and in version 3.0.17-1 for Debian Unstable (woody).
This is a bug fix release and we recommend all users of php3 upgrade to it.

Debian GNU/Linux 2.1 alias slink
- --------------------------------

  Slink contains php3 version 3.0.5, which is believed to be affected by
  this problem.  No security updates for slink are available at this time;
  Slink users who have php3 installed are highly recommended to either
  upgrade to potato or recompile the potato php3 packages from source
  (see the URLs below).

Debian GNU/Linux 2.2 (stable) alias potato
- ------------------------------------------

  Fixes are currently available for the Alpha, ARM, Intel ia32, Motorola 680x0,
  PowerPC and Sun SPARC architectures, and will be included in 2.2r1.

  Source archives:
    http://security.debian.org/dists/potato/updates/main/source/php3_3.0.17-0potato3.diff.gz
      MD5 checksum: 34000f57a678a5613c9ad925c75015c9
    http://security.debian.org/dists/potato/updates/main/source/php3_3.0.17-0potato3.dsc
      MD5 checksum: 5ccde22fa1eb7b5a1211bdf0733ee5fc
    http://security.debian.org/dists/potato/updates/main/source/php3_3.0.17.orig.tar.gz
      MD5 checksum: 82cadd5b244f95f95c0d5b00a9d36419

  Architecture indendent archives:
    http://security.debian.org/dists/potato/updates/main/binary-all/php3-doc_3.0.17-0potato3_all.deb
      MD5 checksum: 786f3d4889251bcd927475a83cab737d

  Alpha architecture:
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-gd_3.0.17-0potato3_alpha.deb
      MD5 checksum: 0c6d6c84970f7298ba8b3ca267b6d436
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-imap_3.0.17-0potato3_alpha.deb
      MD5 checksum: 63ed819bcde8919a1b04bd668b536bb1
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-ldap_3.0.17-0potato3_alpha.deb
      MD5 checksum: 91a7b73e5c53d533cf1b3f9e91477829
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-magick_3.0.17-0potato3_alpha.deb
      MD5 checksum: 69974d87a8ab40de1d80090b56e9e734
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-mhash_3.0.17-0potato3_alpha.deb
      MD5 checksum: 7c4fed2056667347d3a8d8fcfde11d18
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-mysql_3.0.17-0potato3_alpha.deb
      MD5 checksum: 866f79ff9a5e07c2d1dc625f6b039062
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-pgsql_3.0.17-0potato3_alpha.deb
      MD5 checksum: f205dc1d6c3d66465223ec2cb915d378
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-snmp_3.0.17-0potato3_alpha.deb
      MD5 checksum: 4fabcea51de8ad87072b3892eac3db44
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi-xml_3.0.17-0potato3_alpha.deb
      MD5 checksum: 98e60f2ce67b5ac45bbefffee55f4320
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-cgi_3.0.17-0potato3_alpha.deb
      MD5 checksum: 6c356cef858b022706d536bdd2a3bda5
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-dev_3.0.17-0potato3_alpha.deb
      MD5 checksum: f00b99a9fbef8eef95b286b0fd07921c
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-gd_3.0.17-0potato3_alpha.deb
      MD5 checksum: c28f15858f631739a04b585d88537c35
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-imap_3.0.17-0potato3_alpha.deb
      MD5 checksum: f683f8c1095be5fd6004218e006d95ae
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-ldap_3.0.17-0potato3_alpha.deb
      MD5 checksum: 2bea51c4216a7509df35ae93852fe12f
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-magick_3.0.17-0potato3_alpha.deb
      MD5 checksum: cc46953ee5cf0919a20b03174146042f
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-mhash_3.0.17-0potato3_alpha.deb
      MD5 checksum: 08902d8dd7c6da8d551df423479774f3
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-mysql_3.0.17-0potato3_alpha.deb
      MD5 checksum: 50c5fddca3b974040d727571155d810b
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-pgsql_3.0.17-0potato3_alpha.deb
      MD5 checksum: 95ac10b17e9d253516b6c6566070ed8b
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-snmp_3.0.17-0potato3_alpha.deb
      MD5 checksum: ac553c47449d417a2151badda621b0b8
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3-xml_3.0.17-0potato3_alpha.deb
      MD5 checksum: b0cfeaa821d26b1b5c3e0e02a9c97234
    http://security.debian.org/dists/potato/updates/main/binary-alpha/php3_3.0.17-0potato3_alpha.deb
      MD5 checksum: cfcff9174113b296a1c527d4d03ff36f

  ARM architecture:
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-gd_3.0.17-0potato3_arm.deb
      MD5 checksum: dedef18cb5af7321602fdd84e6919a82
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-imap_3.0.17-0potato3_arm.deb
      MD5 checksum: 2e14ffe7d55808964d3b8745ee6f7a68
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-ldap_3.0.17-0potato3_arm.deb
      MD5 checksum: 6bed9079916e0838549f0cbefac3b364
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-magick_3.0.17-0potato3_arm.deb
      MD5 checksum: dcd4141709649316490b6c11074b9892
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-mhash_3.0.17-0potato3_arm.deb
      MD5 checksum: 1f74328177093f92f6b690438314e854
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-mysql_3.0.17-0potato3_arm.deb
      MD5 checksum: 96ca00029282d292261a83c792f70634
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-pgsql_3.0.17-0potato3_arm.deb
      MD5 checksum: 4aeab7f32a5d76cb4122c99c11e6fd74
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-snmp_3.0.17-0potato3_arm.deb
      MD5 checksum: b1de42a0a93bbd56b8d3bf618738ac97
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi-xml_3.0.17-0potato3_arm.deb
      MD5 checksum: 7cef4e5a8df31213e7d4326ca3e4bc78
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-cgi_3.0.17-0potato3_arm.deb
      MD5 checksum: ae70e50b6a97aa87d102887cc90a039d
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-dev_3.0.17-0potato3_arm.deb
      MD5 checksum: 5b8c0c2f755d9573325bbf93ade047a5
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-gd_3.0.17-0potato3_arm.deb
      MD5 checksum: 78c58318841395fb2a4830c3fde2ea35
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-imap_3.0.17-0potato3_arm.deb
      MD5 checksum: ad2d62ae660deb8eb3814725c266f882
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-ldap_3.0.17-0potato3_arm.deb
      MD5 checksum: ab226b1c21bb1bb3e9d2532a307b0a33
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-magick_3.0.17-0potato3_arm.deb
      MD5 checksum: 28dea447bffa0cc2b1d9526a34b04243
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-mhash_3.0.17-0potato3_arm.deb
      MD5 checksum: 6905809e038ed460e007e305e9d6f27d
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-mysql_3.0.17-0potato3_arm.deb
      MD5 checksum: e8931d67b40f57b45d4816efa090869d
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-pgsql_3.0.17-0potato3_arm.deb
      MD5 checksum: c4492365d13b377f8591d1501e4fffbc
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-snmp_3.0.17-0potato3_arm.deb
      MD5 checksum: 794307c984982c144628c165d7fafbdc
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3-xml_3.0.17-0potato3_arm.deb
      MD5 checksum: b14b2aef4d507988133e0936b520f827
    http://security.debian.org/dists/potato/updates/main/binary-arm/php3_3.0.17-0potato3_arm.deb
      MD5 checksum: f08677b2a016498de9ac2ae035fcee02

  Intel ia32 architecture:
    http://security.debian.org/dists/potato/updates/main/binary-i386/php3-cgi-gd_3.0.17-0potato2_i386.deb
      MD5 checksum: abb5c61dcb930484d448809f37ceee89
    http://security.debian.org/dists/potato/updates/main/binary-i386/php3-cgi-imap_3.0.17-0potato2_i386.deb
      MD5 checksum: eaf1a7ce1191479fab1991a0f7628f35
    http://security.debian.org/dists/potato/updates/main/binary-i386/php3-cgi-ldap_3.0.17-0potato2_i386.deb
      MD5 checksum: 78a497ee35f72a0a5335dffbb278b51b
    http://security.debian.org/dists/potato/updates/main/binary-i386/php3-cgi-magick_3.0.17-0potato2_i386.deb
      MD5 checksum: 74ff9c4fdfd1ddff35d229b40389526f
    http://security.debian.org/dists/potato/updates/main/binary-i386/php3-cgi-mhash_3.0.17-0potato2_i386.deb
      MD5 checksum: ce136a323408024afeefd44d71bfa07f
    http://security.debian.org/dists/potato/updates/main/binary-i386/php3-cgi-mysql_3.0.17-0potato2...

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika:

Zgłoś jeśli naruszono regulamin