TITLE: Mandriva update for php SECUNIA ADVISORY ID: SA18763 VERIFY ADVISORY: http://secunia.com/advisories/18763/ CRITICAL: Moderately critical IMPACT: Security Bypass WHERE: >From remote OPERATING SYSTEM: Mandrakelinux 10.1 http://secunia.com/product/4198/ DESCRIPTION: Mandriva has issued an update for php. This fixes a vulnerability, which can be exploited by malicious people to bypass certain security restrictions. For more information, see #5 in: SA17371 SOLUTION: Apply updated packages. Mandrakelinux 10.1: 73fb60b80de60eac15425466e59dca39 10.1/RPMS/libphp_common432-4.3.8-3.8.101mdk.i586.rpm b28919e0310bf29bf5866dae1ee16d98 10.1/RPMS/php432-devel-4.3.8-3.8.101mdk.i586.rpm d83eaac3668f09924156f177cd15f201 10.1/RPMS/php-cgi-4.3.8-3.8.101mdk.i586.rpm 143fc214304a1c289fca9706a2a1c3a8 10.1/RPMS/php-cli-4.3.8-3.8.101mdk.i586.rpm 78c983eccc5b8423c97ef382438b2e65 10.1/RPMS/php-gd-4.3.8-2.1.101mdk.i586.rpm 677522c6ed558432f3dbf15616083610 10.1/SRPMS/php-4.3.8-3.8.101mdk.src.rpm aac1a54955e947f6c15c8b8059ae4181 10.1/SRPMS/php-gd-4.3.8-2.1.101mdk.src.rpm Mandrakelinux 10.1/X86_64: 106d6d5ca6b8f39c392bd13ec1dc42d4 x86_64/10.1/RPMS/lib64php_common432-4.3.8-3.8.101mdk.x86_64.rpm b4c808eec06082b85642bb130f8415dc x86_64/10.1/RPMS/php432-devel-4.3.8-3.8.101mdk.x86_64.rpm 471cb69b308907e438d462c99980dea0 x86_64/10.1/RPMS/php-cgi-4.3.8-3.8.101mdk.x86_64.rpm 553db3e91f87e7a515ac135e8d7f15f0 x86_64/10.1/RPMS/php-cli-4.3.8-3.8.101mdk.x86_64.rpm ec747cf48a3dad42141f27e44325033e x86_64/10.1/RPMS/php-gd-4.3.8-2.1.101mdk.x86_64.rpm 677522c6ed558432f3dbf15616083610 x86_64/10.1/SRPMS/php-4.3.8-3.8.101mdk.src.rpm aac1a54955e947f6c15c8b8059ae4181 x86_64/10.1/SRPMS/php-gd-4.3.8-2.1.101mdk.src.rpm ORIGINAL ADVISORY: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:035 OTHER REFERENCES: SA17371: http://secunia.com/advisories/17371/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------