AnNyung Official Homepage Home > Update [ 1.2 ]  



PHP security update
FTP access is not possible from a web browser.

Document number : 1159388307
Updated : 2006.09.28


Details

* update 5.1.6-1
* security fix

CVE-2006-4020:
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent
attackers to execute arbitrary code via a sscanf PHP function call that performs
argument swapping, which increments an index past the end of an array and triggers
a buffer over-read.

CVE-2006-4482:
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions
in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have
unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990.

CVE-2006-4484:
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD
extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via
a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow
when initializing the table array.

CVE-2006-4486:
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on
a 64-bit system, allows context-dependent attackers to bypass the memory_limit
restriction.

* add official patch to 40729
  fixed bug #38687 (sockaddr local storage insufficient for all sock families)
  fixed bug #38112 (not MFH'ed correctly (or reintroduced))
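
An added illustration of the CVE-2006-4484 condition described above (not code from PHP, libgd or this advisory): a C pre-check that walks a GIF's blocks and rejects any image whose input_code_size byte exceeds MAX_LWZ_BITS before a decoder sees the file. The value 12 for MAX_LWZ_BITS, the function names and the sample bytes are assumptions made for this example.

```c
#include <stdint.h>
#include <string.h>
#define MAX_LWZ_BITS 12 /* assumed value: GIF LZW codes are at most 12 bits */

/* Constructed 1x1 GIF whose LZW code size byte (offset 23) is 13. */
const uint8_t SAMPLE_GIF[] = {
    'G','I','F','8','9','a', 1,0, 1,0, 0x00, 0, 0, /* header + screen descriptor */
    0x2C, 0,0, 0,0, 1,0, 1,0, 0x00,                /* image descriptor */
    13, 1, 0x00, 0, 0x3B };                        /* code size, data, trailer */

/* Skip a color table when the packed byte's top bit is set. */
static int skip_table(uint8_t packed, size_t n, size_t *pos) {
    size_t len = (packed & 0x80) ? (size_t)3 << ((packed & 7) + 1) : 0;
    if (n - *pos < len) return -1;
    *pos += len;
    return 0;
}

/* Skip data sub-blocks up to and including the zero-length terminator. */
static int skip_blocks(const uint8_t *b, size_t n, size_t *pos) {
    while (*pos < n) {
        size_t len = b[(*pos)++];
        if (len == 0) return 0;
        if (n - *pos < len) return -1;
        *pos += len;
    }
    return -1;
}

/* 0: all code sizes in range; -1: malformed/truncated; -2: code size too large. */
int gif_check_code_sizes(const uint8_t *b, size_t n) {
    size_t pos = 13; /* 6-byte signature + 7-byte logical screen descriptor */
    if (n < 13 || (memcmp(b, "GIF87a", 6) && memcmp(b, "GIF89a", 6))) return -1;
    if (skip_table(b[10], n, &pos)) return -1;
    while (pos < n) {
        uint8_t tag = b[pos++];
        if (tag == 0x3B) return 0;                     /* trailer */
        if (tag == 0x21) {                             /* extension: label + sub-blocks */
            if (pos++ >= n || skip_blocks(b, n, &pos)) return -1;
        } else if (tag == 0x2C) {                      /* image: 9-byte descriptor */
            if (n - pos < 9) return -1;
            pos += 9;
            if (skip_table(b[pos - 1], n, &pos) || pos >= n) return -1;
            if (b[pos++] > MAX_LWZ_BITS) return -2;    /* reject before any decoder runs */
            if (skip_blocks(b, n, &pos)) return -1;
        } else return -1;
    }
    return -1; /* no trailer */
}
```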

Autoupdate support : partial
  Covered by autoupdate :
    . php-binary
    . php-devel

  Not covered by autoupdate :

    . all remaining packages
    . these can be updated with the pkgadd -F php* command; use the pkginfo -u
      option to check which packages need updating


Update packages

  RPMS :

    + PHP5

    . php-binary-5.1.6-1.i686.rpm
    . php-devel-5.1.6-1.i686.rpm

    . php-5.1.6-1.i686.rpm
    . php-bcmath-5.1.6-1.i686.rpm
    . php-bz2-5.1.6-1.i686.rpm
    . php-calendar-5.1.6-1.i686.rpm
    . php-curl-5.1.6-1.i686.rpm
    . php-dba-5.1.6-1.i686.rpm
    . php-eaccelerator-5.1.6-1.i686.rpm
    . php-exif-5.1.6-1.i686.rpm
    . php-fileinfo-5.1.6-1.i686.rpm
    . php-ftp-5.1.6-1.i686.rpm
    . php-gd-5.1.6-1.i686.rpm
    . php-gettext-5.1.6-1.i686.rpm
    . php-hash-5.1.6-1.i686.rpm
    . php-iconv-5.1.6-1.i686.rpm
    . php-imap-5.1.6-1.i686.rpm
    . php-korean-5.1.6-1.i686.rpm
    . php-mbstring-5.1.6-1.i686.rpm
    . php-mcrypt-5.1.6-1.i686.rpm
    . php-memcache-5.1.6-1.i686.rpm
    . php-mhash-5.1.6-1.i686.rpm
    . php-mssql-5.1.6-1.i686.rpm
    . php-mysql-5.1.6-1.i686.rpm
    . php-mysqli-5.1.6-1.i686.rpm
    . php-openssl-5.1.6-1.i686.rpm
    . php-pdo-5.1.6-1.i686.rpm
    . php-pdo-mysql-5.1.6-1.i686.rpm
    . php-pdo-pgsql-5.1.6-1.i686.rpm
    . php-pgsql-5.1.6-1.i686.rpm
    . php-rrd-5.1.6-1.i686.rpm
    . php-sockets-5.1.6-1.i686.rpm
    . php-sqlite-5.1.6-1.i686.rpm
    . php-zlib-5.1.6-1.i686.rpm


  SRPMS :

    . php-extension-5.1.6-1.src.rpm


References :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4486



    




Copyright 2024 OOPS Development Organization 
LAST MODIFIED: 2018/04/10