AnNyung Official Homepage Home > Update [ 1.2 ]  

PHP security update
FTP access is not possible with a web browser.

Document number : 1159388307
Updated : 2006.09.28


Details

* update 5.1.6-1
* security fix

CVE-2006-4020:
scanf.c in PHP 5.1.4 and earlier, and 4.4.3 and earlier, allows context-dependent
attackers to execute arbitrary code via a sscanf PHP function call that performs
argument swapping, which increments an index past the end of an array and triggers
a buffer over-read.

CVE-2006-4482:
Multiple heap-based buffer overflows in the (1) str_repeat and (2) wordwrap functions
in ext/standard/string.c in PHP before 5.1.5, when used on a 64-bit system, have
unspecified impact and attack vectors, a different vulnerability than CVE-2006-1990.

CVE-2006-4484:
Buffer overflow in the LWZReadByte_ function in ext/gd/libgd/gd_gif_in.c in the GD
extension in PHP before 5.1.5 allows remote attackers to have an unknown impact via
a GIF file with input_code_size greater than MAX_LWZ_BITS, which triggers an overflow
when initializing the table array.

CVE-2006-4486:
Integer overflow in memory allocation routines in PHP before 5.1.6, when running on
a 64-bit system, allows context-dependent attackers to bypass the memory_limit
restriction.

* add official patch to 40729
  fixed bug #38687 (sockaddr local storage insufficient for all sock families)
  fixed bug #38112 (not MFH'ed correctly (or reintroduced))
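
The bounds check that CVE-2006-4484 describes as missing, as an added example (not code from this page, PHP, or libgd): the GIF code-size byte is validated against MAX_LWZ_BITS before the table is initialised. The struct and function names are hypothetical, and the value 12 for MAX_LWZ_BITS is an assumption taken from libgd's GIF reader.

```c
#include <stdio.h>

#define MAX_LWZ_BITS 12                  /* assumed: value in libgd's GIF reader */
#define TABLE_SIZE   (1 << MAX_LWZ_BITS)

/* Simplified decoder state (hypothetical, not libgd's own struct). */
struct lzw_state {
    int clear_code;
    int table[2][TABLE_SIZE];
};

/* Entries past the end of the table that an unchecked init loop would write. */
unsigned long lzw_overrun(unsigned char input_code_size)
{
    if (input_code_size <= MAX_LWZ_BITS)
        return 0;
    if (input_code_size >= 31)
        return ~0UL;                     /* shift would overflow: saturate */
    return (1UL << input_code_size) - TABLE_SIZE;
}

/* Initialise the table; returns 0 on success, -1 if the code size is invalid. */
int lzw_init(struct lzw_state *s, unsigned char input_code_size)
{
    int i;

    if (input_code_size > MAX_LWZ_BITS)
        return -1;                       /* reject before touching the table */

    s->clear_code = 1 << input_code_size;
    for (i = 0; i < s->clear_code; ++i) {
        s->table[0][i] = 0;
        s->table[1][i] = i;
    }
    return 0;
}

int main(void)
{
    static struct lzw_state s;
    const unsigned char samples[] = { 2, 8, 12, 13, 255 };  /* constructed */
    size_t k;

    for (k = 0; k < sizeof samples; ++k)
        printf("code size %3u: %s, unchecked overrun = %lu entries\n",
               (unsigned)samples[k],
               lzw_init(&s, samples[k]) ? "rejected" : "ok",
               lzw_overrun(samples[k]));
    return 0;
}
```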

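Autoupdate support : partial
  Covered by autoupdate :
    . php-binary
    . php-devel

  Not covered by autoupdate :

    . all remaining packages
    . these can be updated with the pkgadd -F php* command; use the pkginfo -u
      option to check which packages are pending update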


Update packages

  RPMS :

    + PHP5

    . php-binary-5.1.6-1.i686.rpm
    . php-devel-5.1.6-1.i686.rpm

    . php-5.1.6-1.i686.rpm
    . php-bcmath-5.1.6-1.i686.rpm
    . php-bz2-5.1.6-1.i686.rpm
    . php-calendar-5.1.6-1.i686.rpm
    . php-curl-5.1.6-1.i686.rpm
    . php-dba-5.1.6-1.i686.rpm
    . php-eaccelerator-5.1.6-1.i686.rpm
    . php-exif-5.1.6-1.i686.rpm
    . php-fileinfo-5.1.6-1.i686.rpm
    . php-ftp-5.1.6-1.i686.rpm
    . php-gd-5.1.6-1.i686.rpm
    . php-gettext-5.1.6-1.i686.rpm
    . php-hash-5.1.6-1.i686.rpm
    . php-iconv-5.1.6-1.i686.rpm
    . php-imap-5.1.6-1.i686.rpm
    . php-korean-5.1.6-1.i686.rpm
    . php-mbstring-5.1.6-1.i686.rpm
    . php-mcrypt-5.1.6-1.i686.rpm
    . php-memcache-5.1.6-1.i686.rpm
    . php-mhash-5.1.6-1.i686.rpm
    . php-mssql-5.1.6-1.i686.rpm
    . php-mysql-5.1.6-1.i686.rpm
    . php-mysqli-5.1.6-1.i686.rpm
    . php-openssl-5.1.6-1.i686.rpm
    . php-pdo-5.1.6-1.i686.rpm
    . php-pdo-mysql-5.1.6-1.i686.rpm
    . php-pdo-pgsql-5.1.6-1.i686.rpm
    . php-pgsql-5.1.6-1.i686.rpm
    . php-rrd-5.1.6-1.i686.rpm
    . php-sockets-5.1.6-1.i686.rpm
    . php-sqlite-5.1.6-1.i686.rpm
    . php-zlib-5.1.6-1.i686.rpm


  SRPMS :

    . php-extension-5.1.6-1.src.rpm


References :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4020
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4482
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4484
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-4486



    




Copyright 2013 OOPS Development Organization 
LAST MODIFIED: 2013/02/16