openSUSE-SU-2010:0255-1 (low): php5 security update

17 May 2010

      openSUSE Security Update: php5 security update
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0255-1
Rating:             low
References:         #588975 
Cross-References:   CVE-2010-0397
Affected Products:
                    openSUSE 11.2
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:

   Incomplete XML RPC requests could crash the php interpreter
   (CVE-2010-0397).

   PHP was updated to version 5.3.2 to fix the problem.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.2:

      zypper in -t patch apache2-mod_php5-2409

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 11.2 (i586 src x86_64) [New Version: 5.3.2]:

      php5-5.3.2-1.1.1

   - openSUSE 11.2 (i586 x86_64) [New Version: 5.3.2]:

      apache2-mod_php5-5.3.2-1.1.1
      php5-bcmath-5.3.2-1.1.1
      php5-bz2-5.3.2-1.1.1
      php5-calendar-5.3.2-1.1.1
      php5-ctype-5.3.2-1.1.1
      php5-curl-5.3.2-1.1.1
      php5-dba-5.3.2-1.1.1
      php5-devel-5.3.2-1.1.1
      php5-dom-5.3.2-1.1.1
      php5-enchant-5.3.2-1.1.1
      php5-exif-5.3.2-1.1.1
      php5-fastcgi-5.3.2-1.1.1
      php5-fileinfo-5.3.2-1.1.1
      php5-ftp-5.3.2-1.1.1
      php5-gd-5.3.2-1.1.1
      php5-gettext-5.3.2-1.1.1
      php5-gmp-5.3.2-1.1.1
      php5-hash-5.3.2-1.1.1
      php5-iconv-5.3.2-1.1.1
      php5-imap-5.3.2-1.1.1
      php5-intl-5.3.2-1.1.1
      php5-json-5.3.2-1.1.1
      php5-ldap-5.3.2-1.1.1
      php5-mbstring-5.3.2-1.1.1
      php5-mcrypt-5.3.2-1.1.1
      php5-mysql-5.3.2-1.1.1
      php5-odbc-5.3.2-1.1.1
      php5-openssl-5.3.2-1.1.1
      php5-pcntl-5.3.2-1.1.1
      php5-pdo-5.3.2-1.1.1
      php5-pgsql-5.3.2-1.1.1
      php5-phar-5.3.2-1.1.1
      php5-posix-5.3.2-1.1.1
      php5-pspell-5.3.2-1.1.1
      php5-readline-5.3.2-1.1.1
      php5-shmop-5.3.2-1.1.1
      php5-snmp-5.3.2-1.1.1
      php5-soap-5.3.2-1.1.1
      php5-sockets-5.3.2-1.1.1
      php5-sqlite-5.3.2-1.1.1
      php5-suhosin-5.3.2-1.1.1
      php5-sysvmsg-5.3.2-1.1.1
      php5-sysvsem-5.3.2-1.1.1
      php5-sysvshm-5.3.2-1.1.1
      php5-tidy-5.3.2-1.1.1
      php5-tokenizer-5.3.2-1.1.1
      php5-wddx-5.3.2-1.1.1
      php5-xmlreader-5.3.2-1.1.1
      php5-xmlrpc-5.3.2-1.1.1
      php5-xmlwriter-5.3.2-1.1.1
      php5-xsl-5.3.2-1.1.1
      php5-zip-5.3.2-1.1.1
      php5-zlib-5.3.2-1.1.1

   - openSUSE 11.2 (noarch) [New Version: 5.3.2]:

      php5-pear-5.3.2-1.1.1

References:

   http://support.novell.com/security/cve/CVE-2010-0397.html
   https://bugzilla.novell.com/588975

openSUSE-SU-2010:0255-1 (low): php5 security update

opensuse-security＠opensuse.org