TITLE: Mandriva update for php SECUNIA ADVISORY ID: SA19775 VERIFY ADVISORY: http://secunia.com/advisories/19775/ CRITICAL: Not critical IMPACT: Security Bypass, Cross Site Scripting WHERE: >From remote OPERATING SYSTEM: Mandriva Linux 2006 http://secunia.com/product/9020/ DESCRIPTION: Mandriva has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to conduct cross-site scripting attacks. For more information: SA19599 SOLUTION: Apply updated packages. -- Mandrivalinux 2006 -- f9f92f293c9a66facd9df8d387aff8a4 2006.0/RPMS/libphp5_common5-5.0.4-9.7.20060mdk.i586.rpm 7e9966dbcae985dc1a96d504a0f62608 2006.0/RPMS/php-cgi-5.0.4-9.7.20060mdk.i586.rpm 5986088bc45b33a07cfa9040728eda4b 2006.0/RPMS/php-cli-5.0.4-9.7.20060mdk.i586.rpm cb71d5ed6ce66a8cb8bb6eb606f41c18 2006.0/RPMS/php-devel-5.0.4-9.7.20060mdk.i586.rpm 35a8f28a1bf837da8c4cd4c7ccfbabf0 2006.0/RPMS/php-fcgi-5.0.4-9.7.20060mdk.i586.rpm 4ed1817971b580bf5158ba8c7849942a 2006.0/SRPMS/php-5.0.4-9.7.20060mdk.src.rpm -- Mandrivalinux 2006/X86_64 -- 12034267cfa851d3cd1790147fe33a33 x86_64/2006.0/RPMS/lib64php5_common5-5.0.4-9.7.20060mdk.x86_64.rpm 71fa67fd6f623cca6bef276f8698966c x86_64/2006.0/RPMS/php-cgi-5.0.4-9.7.20060mdk.x86_64.rpm a5ae41e39b78f723e5c008f42cd94713 x86_64/2006.0/RPMS/php-cli-5.0.4-9.7.20060mdk.x86_64.rpm 26d888c996a63a6f30f1158f1f262ac5 x86_64/2006.0/RPMS/php-devel-5.0.4-9.7.20060mdk.x86_64.rpm 7bffe3e550178279eb0cf86a63135ed8 x86_64/2006.0/RPMS/php-fcgi-5.0.4-9.7.20060mdk.x86_64.rpm 4ed1817971b580bf5158ba8c7849942a x86_64/2006.0/SRPMS/php-5.0.4-9.7.20060mdk.src.rpm ORIGINAL ADVISORY: http://wwwnew.mandriva.com/security/advisories?name=MDKSA-2006:074 OTHER REFERENCES: SA19599: http://secunia.com/advisories/19599/ ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------