Bug 152885 - PHP multiple vulnerabilities -- CAN-2004-1018 & CAN-2004-1019 & others
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora Legacy
Classification: Retired
Component: php
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Fedora Legacy Bugs
QA Contact:
URL: http://www.hardened-php.net/advisorie...
Whiteboard: LEGACY, rh73
Depends On:
Blocks:
Reported: 2005-01-23 07:17 UTC by David Lawrence
Modified: 2007-04-18 17:22 UTC (History)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-04-20 21:17:39 UTC



Description David Lawrence 2005-03-30 23:30:57 UTC
integer overflow in pack() (CAN-2004-1018)
possible double free in unserializer (CAN-2004-1019)



------- Additional Comments From leonard@den.ottolander.nl 2005-01-23 02:24:33 ----

Created an attachment (id=971)
SPEC file and patches (taken from RHEL 2.1's php-4.1.2-2.2)

Tar contains a drop in SPEC file for the previous release (4.1.2-7.3.10.legacy)
and two patches for CAN-2004-1018 and CAN-2004-1019 taken from RHEL 2.1's
php-4.1.2-2.2.

SPEC file needs to be renamed.

I can upload the signed (S)RPMs if you wish.




------- Additional Comments From deisenst@gtw.net 2005-02-01 22:00:32 ----

It looks like Dominic Hargreaves gave his nod for continuing
work on the RHL 7.3 updates for PHP to be continued here -- See Bug 2344#c58
(http://bugzilla.fedora.us/show_bug.cgi?id=2344#c58) and following comments.

There seems to be some lack of consensus in Bug 2344 about the approach for
a RHL 7.3 fix, but one fellow commented (in Bug 2344 comment 60) that the
better approach might be to just take the RHEL 2.1 patch, which it looks like
you have worked with, Leonard, though others seem to be continuing to work
with fixing problems with patches in .src.rpm's already submitted.

I would vote -- especially if you already have them available -- for you to 
go ahead and submit signed (S)RPMS in a PHP-signed message here.  To that end, 
I am going to suggest (and make setting changes) that RHL 7.3 work continue in 
this bugzilla issue, and hope I don't get yelled at!  :-)

    - David



------- Additional Comments From deisenst@gtw.net 2005-02-01 22:05:54 ----

Heh,
s/PHP-signed/PGP-signed/



------- Additional Comments From jpdalbec@ysu.edu 2005-02-02 03:17:27 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New RHL 7.3 RPMs are available from
http://www.fedoralegacy.org/contrib/php/

sha1sums:

I removed the CAN-2004-1018 patch from the OpenPKG backport patch file since
there's a separate patch file for it.  I've applied the rest of the OpenPKG
backport patch in these RPMs since it seems to work now that the "filename"
typo is fixed.

I installed php, php-imap, php-ldap, php-pgsql.  I tested file uploads, SMTP,
IMAP, LDAP, PostgreSQL, and FTP using Horde.  No problems other than a pre-
existing timeout issue with FTP connections.  If anyone knows how to fix that
I'd love to hear about it.  It's been an issue since I installed vsftpd.
(I could revert to wu-ftpd, I guess, but I'd prefer not to.)




------- Additional Comments From marcdeslauriers@videotron.ca 2005-02-11 16:52:55 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did QA on John's packages:

1ca92dd658e52bd20dfa32af0679e2801fa614ee  php-4.1.2-7.3.13.legacy.src.rpm

- - Source files identical to previous release
- - Patches are from RHEL and openpkg backport
- - Spec file changes are good
- - Builds, installs and runs.

+PUBLISH





------- Additional Comments From deisenst@gtw.net 2005-02-18 14:54:44 ----

Pushed to updates-testing.  Pekka has put in a VERIFY vote for
php-4.1.2-7.3.13.legacy (see Bug 2344 comment 67).



------- Additional Comments From marcdeslauriers@videotron.ca 2005-02-28 15:42:57 ----

New packages were pushed to updates-testing. Please add comments to bug 2344.



------- Additional Comments From dom@earth.li 2005-03-07 07:47:25 ----

These updates introduced a problem described in bug 2444.



------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:30 -------

This bug previously known as bug 2394 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2394
Originally filed under the Fedora Legacy product and Package request component.
Bug blocks bug(s) 2444.

Attachments:
SPEC file and patches for RHL 7.3 (taken from RHEL 2.1's php-4.1.2-2.2)
https://bugzilla.fedora.us/attachment.cgi?action=view&id=971

Unknown priority P2. Setting to default priority "normal".
The original reporter of this bug does not have
   an account here. Reassigning to the person who moved
   it here, dkl@redhat.com.
   Previous reporter was leonard@den.ottolander.nl.
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.



Comment 1 Marc Deslauriers 2005-04-20 21:17:39 UTC
These packages were officially released.

