porn - javhd - hentai

Ubuntu issues big PHP update

By   |  July 24, 2008

The Ubuntu development team yesterday released a series of security fixes for PHP running on Ubuntu 6.06 LTS, 7.04, 7.10 and Ubuntu 8.04 LTS.

The updates fix a number of security risks in PHP, including a problem with PHP not properly checking the length of the string parameter to the fnmatch function. An attacker could cause a denial of service in the PHP interpreter if a script passed untrusted input to the fnmatch function.

The fix also fixes a flaw in the cURL library that allowed safe_mode and open_basedir restrictions to be bypassed. If a
PHP application were tricked into processing a bad file:// request, an attacker could read arbitrary files.

Problems with the htmlentities and htmlspecialchars functions that did not correctly stop when handling partial multibyte
sequences was also fixed. This error could be used by an attacker to read certain areas of memory, possibly gaining access to sensitive information.

These, and other security risks, can be fixed by updating systems to the following package versions:

Ubuntu 6.06 LTS:
libapache2-mod-php5 5.1.2-1ubuntu3.12
php5-cgi 5.1.2-1ubuntu3.12
php5-cli 5.1.2-1ubuntu3.12
php5-curl 5.1.2-1ubuntu3.12

Ubuntu 7.04:
libapache2-mod-php5 5.2.1-0ubuntu1.6
php5-cgi 5.2.1-0ubuntu1.6
php5-cli 5.2.1-0ubuntu1.6
php5-curl 5.2.1-0ubuntu1.6

Ubuntu 7.10:
libapache2-mod-php5 5.2.3-1ubuntu6.4
php5-cgi 5.2.3-1ubuntu6.4
php5-cli 5.2.3-1ubuntu6.4
php5-curl 5.2.3-1ubuntu6.4

Ubuntu 8.04 LTS:
libapache2-mod-php5 5.2.4-2ubuntu5.3
php5-cgi 5.2.4-2ubuntu5.3
php5-cli 5.2.4-2ubuntu5.3
php5-curl 5.2.4-2ubuntu5.3

Full details of the flaws fixed by this release can be found here.

Tags:

Comments

One Response to “Ubuntu issues big PHP update”

  1. Ubuntu’s Shuttleworth wants Linux to “out-pretty” Apple desktop - CNET News | Ubuntu Today
    July 28th, 2008 @ 2:07 am

    […] Ubuntu issues big PHP update – TectonicIf you’re new here you may want to subscribe to our RSS feed or our weekly email newsletter . Thanks for visiting! The Ubuntu development team yesterday released a series of security fixes for PHP running on Ubuntu 6.06 LTS, 7.04, 7.10 and Ubuntu 8 […]

Comments are closed