php 5.x 보안 업데이트
Web Browser 로는 FTP 접속이 불가능 합니다.
문서번호 : 1244992581
업데이트 : 2009.06.15
상세내용
* 보안 버그 fix
. CVE-2008-5498
Array index error in the imageRotate function in PHP 5.2.8 and earlier allows
context-dependent attackers to read the contents of arbitrary memory locations
via a crafted value of the third argument (aka the bgd_color or clrBack
argument) for an indexed image.
. CVE-2008-5557
Heap-based buffer overflow in ext/mbstring/libmbfl/filters/mbfilter_htmlent.c
in the mbstring extension in PHP 4.3.0 through 5.2.6 allows context-dependent
attackers to execute arbitrary code via a crafted string containing an HTML
entity, which is not properly handled during Unicode conversion, related to the
(1) mb_convert_encoding, (2) mb_check_encoding, (3) mb_convert_variables, and
(4) mb_parse_str functions.
* memcache 3.0.4 update
Autoupdates 지원 : 일부 지원
pkgsysupdate -v
pkgadd -F "php*"
update 패키지
RPMS :
+ PHP5
. php-binary-5.2.6-5.i686.rpm
. php-5.2.6-5.i686.rpm
. php-fcgi-5.2.6-5.i686.rpm
. php-devel-5.2.6-5.i686.rpm
. php-gd-5.2.6-5.i686.rpm
. php-mssql-5.2.6-5.i686.rpm
. php-bcmath-5.2.6-5.i686.rpm
. php-geoip-5.2.6-5.i686.rpm
. php-mysql-5.2.6-5.i686.rpm
. php-gettext-5.2.6-5.i686.rpm
. php-mysqli-5.2.6-5.i686.rpm
. php-bz2-5.2.6-5.i686.rpm
. php-hash-5.2.6-5.i686.rpm
. php-openssl-5.2.6-5.i686.rpm
. php-calendar-5.2.6-5.i686.rpm
. php-iconv-5.2.6-5.i686.rpm
. php-pdo-5.2.6-5.i686.rpm
. php-curl-5.2.6-5.i686.rpm
. php-imap-5.2.6-5.i686.rpm
. php-pdo-mysql-5.2.6-5.i686.rpm
. php-dba-5.2.6-5.i686.rpm
. php-korean-5.2.6-5.i686.rpm
. php-pdo-pgsql-5.2.6-5.i686.rpm
. php-krisp-5.2.6-5.i686.rpm
. php-pgsql-5.2.6-5.i686.rpm
. php-eaccelerator-5.2.6-5.i686.rpm
. php-rrd-5.2.6-5.i686.rpm
. php-exif-5.2.6-5.i686.rpm
. php-mcrypt-5.2.6-5.i686.rpm
. php-sockets-5.2.6-5.i686.rpm
. php-fileinfo-5.2.6-5.i686.rpm
. php-memcache-5.2.6-5.i686.rpm
. php-sqlite-5.2.6-5.i686.rpm
. php-ftp-5.2.6-5.i686.rpm
. php-mhash-5.2.6-5.i686.rpm
. php-yp-5.2.6-5.i686.rpm
. php-nis-5.2.6-5.i686.rpm
. php-json-5.2.6-5.i686.rpm
SRPMS :
. php-extension-5.2.6-5.src.rpm
참고 :
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5498
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5557
|