Bug 152885 - PHP multiple vulnerabilities -- CAN-2004-1018 & CAN-2004-1019 & others
PHP multiple vulnerabilities -- CAN-2004-1018 & CAN-2004-1019 & others
Status: CLOSED ERRATA
Product: Fedora Legacy
Classification: Retired
Component: php (Show other bugs)
unspecified
All Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
http://www.hardened-php.net/advisorie...
LEGACY, rh73
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-01-23 02:17 EST by David Lawrence
Modified: 2007-04-18 13:22 EDT (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-04-20 17:17:39 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description David Lawrence 2005-03-30 18:30:57 EST
integer overflow in pack() (CAN-2004-1018)
possible double free in unserializer (CAN-2004-1019)



------- Additional Comments From leonard@den.ottolander.nl 2005-01-23 02:24:33 ----

Created an attachment (id=971)
SPEC file and patches (taken from RHEL 2.1's php-4.1.2-2.2)

Tar contains a drop in SPEC file for the previous release (4.1.2-7.3.10.legacy)
and two patches for CAN-2004-1018 and CAN-2004-1019 taken from RHEL 2.1's
php-4.1.2-2.2.

SPEC file needs to be renamed.

I can upload the signed (S)RPMs if you wish.




------- Additional Comments From deisenst@gtw.net 2005-02-01 22:00:32 ----

It looks like Dominic Hargreaves gave his nod for continuing
work on the RHL 7.3 updates for PHP to be continued here -- See Bug 2344#c58
(http://bugzilla.fedora.us/show_bug.cgi?id=2344#c58) and following comments.

There seems to be some lack of concensus in Bug 2344 about the approach for
a RHL 7.3 fix, but one fellow commented (in Bug 2344 comment 60) that the 
better approach might be to just take the RHEL 21 patch, which it looks like
you have worked with, Leonard, though others seem to be continuing to work
with fixing problems with patches in .src.rpm's already submitted.

I would vote -- especially if you already have them available -- for you to 
go ahead and submit signed (S)RPMS in a PHP-signed message here.  To that end, 
I am going to suggest (and make setting changes) that RHL 7.3 work continue in 
this bugzilla issue, and hope I don't get yelled at!  :-)

    - David



------- Additional Comments From deisenst@gtw.net 2005-02-01 22:05:54 ----

Heh,
s/PHP-signed/PGP-signed/



------- Additional Comments From jpdalbec@ysu.edu 2005-02-02 03:17:27 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

New RHL 7.3 RPMs are available from
http://www.fedoralegacy.org/contrib/php/

sha1sums:
56aff65e3e4bd96f7d67841c568bb5cb00440b42  php-4.1.2-7.3.13.legacy.i386.rpm
1ca92dd658e52bd20dfa32af0679e2801fa614ee  php-4.1.2-7.3.13.legacy.src.rpm
9705bf428bf9f623a2e9ad9db3810f276f09b82f  php-devel-4.1.2-7.3.13.legacy.i386.rpm
91935e46c95cae8e428716cfb708c3c920f30e8b  php-imap-4.1.2-7.3.13.legacy.i386.rpm
508a2d92d3be043cf4db71673a683916b8686a41  php-ldap-4.1.2-7.3.13.legacy.i386.rpm
0edc9411f29863f027d560ee56fe16b3b4dd317c  
php-manual-4.1.2-7.3.13.legacy.i386.rpm
46ad83228a7c7d52d931cda63a8de99bc2c1d0f7  php-mysql-4.1.2-7.3.13.legacy.i386.rpm
4a925b0cf8cc343f132c8f2faded04eac6139a25  php-odbc-4.1.2-7.3.13.legacy.i386.rpm
b7a4672d4dce582b538b13b5805cc5c86a624636  php-pgsql-4.1.2-7.3.13.legacy.i386.rpm
8086ca9603a49cef80a3168b8aad07ae60c58bd7  php-snmp-4.1.2-7.3.13.legacy.i386.rpm

I removed the CAN-2004-1018 patch from the OpenPKG backport patch file since
there's a separate patch file for it.  I've applied the rest of the OpenPKG
backport patch in these RPMs since it seems to work now that the "filename"
typo is fixed.

I installed php, php-imap, php-ldap, php-pgsql.  I tested file uploads, SMTP,
IMAP, LDAP, PostgreSQL, and FTP using Horde.  No problems other than a pre-
existing timeout issue with FTP connections.  If anyone knows how to fix that
I'd love to hear about it.  It's been an issue since I installed vsftpd.
(I could revert to wu-ftpd, I guess, but I'd prefer not to.)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQFCANHqJL4A+ldA7asRAhWUAJ9siW8qBApbYCg6YoZLwpqgAsp4pgCgw5rR
bcBhJxuNVjsn/tJuuNisNdg=
=XN1A
-----END PGP SIGNATURE-----




------- Additional Comments From marcdeslauriers@videotron.ca 2005-02-11 16:52:55 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I did QA on John's packages:

1ca92dd658e52bd20dfa32af0679e2801fa614ee  php-4.1.2-7.3.13.legacy.src.rpm

- - Source files identical to previous release
- - Patches are from RHEL and openpkg backport
- - Spec file changes are good
- - Builds installs and runs.

+PUBLISH

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCDW/cLMAs/0C4zNoRAgnQAJ0XMH+Nk0fhlEHs7FElQ9jxaVhR+QCgvcI4
gjUpqECyXkxoeVeudeDsUiE=
=fTsd
-----END PGP SIGNATURE-----




------- Additional Comments From deisenst@gtw.net 2005-02-18 14:54:44 ----

Pushed to updates-testing.  Pekka has put in a VERIFY vote in for
php-4.1.2-7.3.13.legacy (see Bug 2344 comment 67).



------- Additional Comments From marcdeslauriers@videotron.ca 2005-02-28 15:42:57 ----

New packages were pushed to updates-testing. Please add comments to bug 2344.



------- Additional Comments From dom@earth.li 2005-03-07 07:47:25 ----

These updates introduced a problem described in bug 2444.



------- Bug moved to this database by dkl@redhat.com 2005-03-30 18:30 -------

This bug previously known as bug 2394 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=2394
Originally filed under the Fedora Legacy product and Package request component.
Bug blocks bug(s) 2444.

Attachments:
SPEC file and patches for RHL 7.3 (taken from RHEL 2.1's php-4.1.2-2.2)
https://bugzilla.fedora.us/attachment.cgi?action=view&id=971

Unknown priority P2. Setting to default priority "normal".
The original reporter of this bug does not have
   an account here. Reassigning to the person who moved
   it here, dkl@redhat.com.
   Previous reporter was leonard@den.ottolander.nl.
Setting qa contact to the default for this product.
   This bug either had no qa contact or an invalid one.

Comment 1 Marc Deslauriers 2005-04-20 17:17:39 EDT
These packages were officially released.

Note You need to log in before you can comment on or make changes to this bug.