Bug 155505 - php CAN-2005-0524,0525,1042,1043 vulnerabilities
php CAN-2005-0524,0525,1042,1043 vulnerabilities
Status: CLOSED ERRATA
Product: Fedora Legacy
Classification: Retired
Component: php (Show other bugs)
unspecified
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Fedora Legacy Bugs
LEGACY, 1, rh90, rh73, 2
: Security
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-04-20 18:13 EDT by Marc Deslauriers
Modified: 2007-04-18 13:24 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-07-10 17:26:26 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marc Deslauriers 2005-04-20 18:13:22 EDT
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.6) Gecko/20050323 Firefox/1.0.2 Fedora/1.0.2-1.3.1

Description of problem:
Multiple PHP problems:

Two Denial of Service vulnerabilities were found in the getimagesize()
function which uses the format-specific internal functions
php_handle_iff() and php_handle_jpeg() which would get stuck in
infinite loops when certain (invalid) size parameters are read from
the image (CAN-2005-0524 and CAN-2005-0525).

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0524
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0525
http://www.gentoo.org/security/en/glsa/glsa-200504-15.xml
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=153141
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=153140

A bug in the readfile() function of php4 could be used to
to crash the httpd running the php4 code when accessing files
with a multiple of the architectures page size leading to a denial
of service. (CAN-2005-0596)

This probably affects only rh9...

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0596
http://www.securityfocus.com/bid/12665
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=150216

An integer overflow was discovered in the exif_process_IFD_TAG()
function in PHP's EXIF module.  EXIF tags with a specially crafted
"Image File Directory" (IFD) tag would cause a buffer overflow which
could be exploited to execute arbitrary code with the privileges of
the PHP server (CAN-2005-1042).

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1042
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154021
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154023
 
Another vulnerability in the EXIF module was also discovered where
headers with a large IFD nesting level would cause an unbound
recursion which would eventually overflow the stack and cause the
executed program to crash (CAN-2005-1043).

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1043
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154026
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=154025



Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
x1.
2.
3.
  

Actual Results:  x

Expected Results:  x

Additional info:

x
Comment 1 Marc Deslauriers 2005-04-22 22:36:49 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated php packages for FC2.
Others to follow soon...

I updated to 4.3.11 as there was a bad
unserializer slowdown bug in 4.3.10.

Selected patches were taken from FC3.

* Fri Apr 22 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
4.3.11-1.fc2.1.legacy
- - update to 4.3.11 to fix security issues and extreme
  unserializer slowdown caused by update to 4.3.10
  (CAN-2005-0524, CAN-2005-0525, CAN-2005-1042, CAN-2005-1043)
- - snmp: disable MSHUTDOWN function to prevent error_log noise
- - revert default php.ini changes since 4.3.10
- - restore from PEAR: HTTP, Mail, XML_Parser, Net_Socket, Net_SMTP
- - remove bundled PEAR packages HTML_Template_IT, Net_UserAgent_Detect
- - don't configure with --enable-safe-mode (RH #148969)
- - install gd headers (RH #145891)
- - bundle PEAR DB-1.7.5 (omitted from 4.3.11 tarball)

a37b1228255e9f562b80a1e48b2862d9e1b034d8  php-4.3.11-1.fc2.1.legacy.i386.rpm
a37fcfedf64f9034d62367b91a07a5d924d28a66  php-4.3.11-1.fc2.1.legacy.src.rpm
d3574954ac84cc59d2928cb1e617ffc4881dbc58  php-devel-4.3.11-1.fc2.1.legacy.i386.rpm
776a8b79a57008cbd0c1f35b855267cd75466736  php-domxml-4.3.11-1.fc2.1.legacy.i386.rpm
046eb92fbb6ca4f817d9d8b680b2a15f638aec67  php-imap-4.3.11-1.fc2.1.legacy.i386.rpm
7503fbbcca040febabe135e2dd6552805796804e  php-ldap-4.3.11-1.fc2.1.legacy.i386.rpm
235eabe3f2d7548681a4375abcddfefdc07e8385 
php-mbstring-4.3.11-1.fc2.1.legacy.i386.rpm
80d21babb3fc739c318893882d590d86ac2bec5d  php-mysql-4.3.11-1.fc2.1.legacy.i386.rpm
5cc3378d4def8b99575320dd310f75dd4bfe776c  php-odbc-4.3.11-1.fc2.1.legacy.i386.rpm
41b920d1c0bcdfc125c6a03bcb4250b7239a7074  php-pear-4.3.11-1.fc2.1.legacy.i386.rpm
dd59ce11b9561001926fe5de69c55d5ad784340b  php-pgsql-4.3.11-1.fc2.1.legacy.i386.rpm
e12b033a9b0c8bbd11588a26add7f05ff6912c10  php-snmp-4.3.11-1.fc2.1.legacy.i386.rpm
107170f7dcd6a24d5d36ff6ef0508102e3a99a38  php-xmlrpc-4.3.11-1.fc2.1.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/2/php-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-4.3.11-1.fc2.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-devel-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-domxml-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-imap-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-ldap-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-mbstring-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-mysql-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-odbc-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-pear-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-pgsql-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-snmp-4.3.11-1.fc2.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/2/php-xmlrpc-4.3.11-1.fc2.1.legacy.i386.rpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCabSmLMAs/0C4zNoRAomTAJ9YbXBy3d34ku1rOCXrJ8/RAuZ1GgCfViYd
4f0zhroRdYou8X43XBrUM+Q=
=mll0
-----END PGP SIGNATURE-----
Comment 2 Marc Deslauriers 2005-04-22 22:50:52 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated php packages to QA for FC1.

* Fri Apr 22 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
4.3.11-1.fc1.1.legacy
- - update to 4.3.11 to fix security issues and extreme
  unserializer slowdown caused by update to 4.3.10
  (CAN-2005-0524, CAN-2005-0525, CAN-2005-1042, CAN-2005-1043)
- - snmp: disable MSHUTDOWN function to prevent error_log noise
- - revert default php.ini changes since 4.3.10
- - restore from PEAR: HTTP, Mail, XML_Parser, Net_Socket, Net_SMTP
- - remove bundled PEAR packages HTML_Template_IT, Net_UserAgent_Detect
- - don't configure with --enable-safe-mode (RH #148969)
- - install gd headers (RH #145891)
- - bundle PEAR DB-1.7.5 (omitted from 4.3.11 tarball)
- - Removed LDAP patch which is now included in 4.3.11

c124332b3f40f4d7dc0b5f339daa150d39cc319b  php-4.3.11-1.fc1.1.legacy.i386.rpm
8ed8cc327e487349ab5de9999b482ec403475839  php-4.3.11-1.fc1.1.legacy.src.rpm
551e0c60436af2ec060a89d00855ad0dfc322648  php-devel-4.3.11-1.fc1.1.legacy.i386.rpm
953beb5150fe5d9775bd31936b94c6e7698e7b68  php-domxml-4.3.11-1.fc1.1.legacy.i386.rpm
1bc0d9900732a388e418cb329cdcc1554312c8a3  php-imap-4.3.11-1.fc1.1.legacy.i386.rpm
d90e31feb9303b28e38c5998e55b52a310e6d21a  php-ldap-4.3.11-1.fc1.1.legacy.i386.rpm
83c7a85dfcf4cc66ae617a3ef4c7623688be5752 
php-mbstring-4.3.11-1.fc1.1.legacy.i386.rpm
646e0eccbc8bf55b94418a93a4d17bcded707c62  php-mysql-4.3.11-1.fc1.1.legacy.i386.rpm
f8afc74ae97dffd48946c9a70e2685628ca2d016  php-odbc-4.3.11-1.fc1.1.legacy.i386.rpm
5432b4b8610a7e53d48517361fbfec74f2c507ce  php-pgsql-4.3.11-1.fc1.1.legacy.i386.rpm
c14f9ec1778ce259108c68a04a2d18ced39430f6  php-snmp-4.3.11-1.fc1.1.legacy.i386.rpm
ddaa26e5f48fac10cea01e850a4c6d97e5071c88  php-xmlrpc-4.3.11-1.fc1.1.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/1/php-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-4.3.11-1.fc1.1.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-devel-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-domxml-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-imap-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-ldap-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-mbstring-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-mysql-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-odbc-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-pgsql-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-snmp-4.3.11-1.fc1.1.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/1/php-xmlrpc-4.3.11-1.fc1.1.legacy.i386.rpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCabgDLMAs/0C4zNoRAjgQAKC0ipfhdS5DR4YW4bod4kFGvKJfhACeIxBU
Hkv2rc5U3c2YqodmtdWpR54=
=5XQa
-----END PGP SIGNATURE-----
Comment 3 Marc Deslauriers 2005-04-24 09:11:51 EDT
CAN-2005-0596 doesn't affect us after all.
Comment 4 Marc Deslauriers 2005-04-24 09:14:47 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated php packages to QA for rh9.

* Sat Apr 23 2005 Marc Deslauriers <marcdeslauriers@videotron.ca> 4.2.2-17.14.legacy
- - Updated CAN-2004-1019 security patch to backported unserializer
  from 4.3.11 to fix performance regressions

* Sat Apr 23 2005 Marc Deslauriers <marcdeslauriers@videotron.ca> 4.2.2-17.13.legacy
- - Added security patches for CAN-2005-0524, CAN-2005-0525,
  CAN-2005-1042 and CAN-2005-1043

0734d2ce599cc3d12af3c6634f1466751c020ebe  php-4.2.2-17.14.legacy.i386.rpm
a89d6426c4ea5decbf2f817ab74846ac87631729  php-4.2.2-17.14.legacy.src.rpm
1081a8f7018288ce2edb92e4f9569cfb7c06a95a  php-devel-4.2.2-17.14.legacy.i386.rpm
716ca42347f76a649f078c910e6322d3a4499a9c  php-imap-4.2.2-17.14.legacy.i386.rpm
5eb7ad76e9d92f1bc5ec939d1b54349585927283  php-ldap-4.2.2-17.14.legacy.i386.rpm
c5889601093588fa9d8696dd34e4e2a7ecd2baa0  php-manual-4.2.2-17.14.legacy.i386.rpm
1a6b8234b8b9ee580ba80e0f56ca8c970dbec1ea  php-mysql-4.2.2-17.14.legacy.i386.rpm
580e5bc9047e2daf399ac611e1dcdaa27202ef9e  php-odbc-4.2.2-17.14.legacy.i386.rpm
6f9b4642a04bb3237c7746574046254ff6e3891c  php-pgsql-4.2.2-17.14.legacy.i386.rpm
1200196ca7fea18e35f7ebb60f51d817dc871713  php-snmp-4.2.2-17.14.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/9/php-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-4.2.2-17.14.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-devel-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-imap-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-ldap-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-manual-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-mysql-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-odbc-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-pgsql-4.2.2-17.14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/php-snmp-4.2.2-17.14.legacy.i386.rpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCa5uyLMAs/0C4zNoRAjfLAKCm5biEO9NmJpSAmn4pm53yBH+/OQCfRMO8
g0jAlNLnH98pGlWvEf76H4Y=
=MX/v
-----END PGP SIGNATURE-----
Comment 5 Marc Deslauriers 2005-04-24 10:52:16 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are updated php packages to QA for rh7.3.

* Sun Apr 24 2005 Marc Deslauriers <marcdeslauriers@videotron.ca>
4.1.2-7.3.17.legacy
- - Added security patch for CAN-2005-0524 and CAN-2005-0525

f356681d4000f039c041387637e53fb0e9df86ff  php-4.1.2-7.3.17.legacy.i386.rpm
2cb1a68b6b9618aa81e352bf9b8c27660ff28e95  php-4.1.2-7.3.17.legacy.src.rpm
c866ddfff868c5aeba7ceac9b2436820501a2082  php-devel-4.1.2-7.3.17.legacy.i386.rpm
9dde5b8cd46e6166404fbe5009d0832ce71ae40b  php-imap-4.1.2-7.3.17.legacy.i386.rpm
5e1645a096c81efe4236e542e049fb81c5c10850  php-ldap-4.1.2-7.3.17.legacy.i386.rpm
7695d6dcd4bae3c5740d0bcc9be98f7a9a508b26  php-manual-4.1.2-7.3.17.legacy.i386.rpm
b388423364a4a655b0eb451b7758e484ea7b97aa  php-mysql-4.1.2-7.3.17.legacy.i386.rpm
7283ade5e67fa3207928fea35631c9c22d19eb1c  php-odbc-4.1.2-7.3.17.legacy.i386.rpm
42fdfbe41edfda1c8b14dabb273176959f45c45e  php-pgsql-4.1.2-7.3.17.legacy.i386.rpm
27e1e830d72cb1dda4f5c017c35731a1926590d9  php-snmp-4.1.2-7.3.17.legacy.i386.rpm

http://www.infostrategique.com/linuxrpms/legacy/7.3/php-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-4.1.2-7.3.17.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-devel-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-imap-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-ldap-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-manual-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-mysql-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-odbc-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-pgsql-4.1.2-7.3.17.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/php-snmp-4.1.2-7.3.17.legacy.i386.rpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCa7KXLMAs/0C4zNoRAlSFAJ91QrbXVMRRF36n/HkHk8Jr8i759wCeNUhl
4kRbBA5IW8lO0qIiw6J/IWE=
=Z7Ch
-----END PGP SIGNATURE-----
Comment 6 Pekka Savola 2005-05-01 04:56:15 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

QA w/ rpm-build-compare.sh:
 - source file integrity verified
 - spec file changes look good, but took a while to compare
 - patches have been verified; a bit more below.  Notes:

  * CAN-2005-0596 does not seem to apply
  * It was not 100% clear that 1042 and 1043 do not apply to RHL73,
    but at least it isn't obvious if they do; as this is just a DoS in any
    case, I suggest we move on and revisit RHL73 later if it turns
    out these need fixing as well.
  * RHEL3 had more extensive patch for 1042 & 1043 than we do in RHL9;
    they also backported miscellaneous fixes from CVS.  I'd also have liked
    to see a second vendor do the patch like Mandriva did, but I guess
    it's good enough.  The patch also had 'return' instead of 'return
    FALSE', but this doesn't matter as the function's return type (in this
    version) is void.
  * the var_unserializer enhancements were OK, but there has been one
    additional fix ("fixes severe bugs") in CVS since 4.3.11.  If the
    package needs to be respun for some other reasons, I'd suggest updating to
    include that as well: http://cvs.php.net/diff.php/php-src/ext/standard/
    var_unserializer.c?r1=1.18.4.23&r2=1.18.4.24&ty=u

+PUBLISH RHL73,RHL9,FC1,FC2

2cb1a68b6b9618aa81e352bf9b8c27660ff28e95  php-4.1.2-7.3.17.legacy.src.rpm
a89d6426c4ea5decbf2f817ab74846ac87631729  php-4.2.2-17.14.legacy.src.rpm
8ed8cc327e487349ab5de9999b482ec403475839  php-4.3.11-1.fc1.1.legacy.src.rpm
a37fcfedf64f9034d62367b91a07a5d924d28a66  php-4.3.11-1.fc2.1.legacy.src.rpm

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQFCdJmJGHbTkzxSL7QRAu8KAJoD7VmLPA1LKmHQsz1Nno2cyez7EACgs6rn
iUzWdZsULrgTy2BuA9XzAJw=
=jfYn
-----END PGP SIGNATURE-----
Comment 7 Marc Deslauriers 2005-05-02 08:03:59 EDT
Packages were pushed to updates-testing.
Comment 8 Tom Yates 2005-05-02 10:48:30 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

bd793f717cca20745ab9c67cb6a7b4bcebe46d93 php-4.2.2-17.14.legacy.i386.rpm

installs OK.  squirrelmail, which is fairly php-intensive, runs fine after
apache restart (send mail, read mail, edit preferences).  phpinfo reports
build date of May 1 2005 13:20:13, so i'm fairly sure it's the new one.

+VERIFY RH9

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)

iD8DBQFCdj2iePtvKV31zw4RAjZQAJwMapAzVRp2LQjj4T8WGJFz2ovinwCgq4ja
BpzC8T9SDIE3lAsf0r41GNs=
=jKRQ
-----END PGP SIGNATURE-----
Comment 9 Eric Jon Rostetter 2005-05-02 11:35:04 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
 
++VERIFY for RHL9
 
Packages: php-4.2.2-17.14.legacy.i386.rpm
        php-devel-4.2.2-17.14.legacy.i386.rpm
        php-imap-4.2.2-17.14.legacy.i386.rpm
        php-ldap-4.2.2-17.14.legacy.i386.rpm
        php-manual-4.2.2-17.14.legacy.i386.rpm
        php-mysql-4.2.2-17.14.legacy.i386.rpm
        php-odbc-4.2.2-17.14.legacy.i386.rpm
        php-pgsql-4.2.2-17.14.legacy.i386.rpm
        php-snmp-4.2.2-17.14.legacy.i386.rpm
           
Signatures and checksums all okay.
 
Installed on RHL 9 without problem/error. Mirror of the FL web site
worked both before and after restarting web server.  Ran command line
version in lint mode and regular mode without any problems.
Vote for release.
 
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
 
iD8DBQFCdkex4jZRbknHoPIRAkbjAJ0dLODjEmCABYn82rtcLeDn+DKUAgCgnhgo
5rheV0cJMP49ZADG2KxOcAg=
=EcoH
-----END PGP SIGNATURE-----
Comment 10 Pekka Savola 2005-05-03 06:20:10 EDT
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
                                                                               
                                             
QA on RHL73:
                                                                               
                                             
Installed php, php-mysql, php-ldap and php-imap.  Basic stuff seemed to work
OK, and webmail/horde also worked fine.
                                                                               
                                             
VERIFY RHL73
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
                                                                               
                                             
iD8DBQFCd0lNGHbTkzxSL7QRAi/kAJ9WJghI0zG4iAz9UTu90lSQKrdWCwCgjYAs
S3FDOasvF29fp8HHI4s59T4=
=C4ww
-----END PGP SIGNATURE-----
Comment 11 Pekka Savola 2005-06-16 08:42:49 EDT
Two verifies, timeout in 2 weeks.
Comment 12 Pekka Savola 2005-07-01 14:40:22 EDT
Timeout over, to be released.
Comment 13 Marc Deslauriers 2005-07-10 17:26:26 EDT
Packages were released to updates.

Note You need to log in before you can comment on or make changes to this bug.