openSUSE-SU-2010:0255-2 (low): php5 security update.

17 May 2010

      openSUSE Security Update: php5 security update.
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0255-2
Rating:             low
References:         #588975 
Cross-References:   CVE-2010-0397
Affected Products:
                    openSUSE 11.1
______________________________________________________________________________

   An update that fixes one vulnerability is now available. It
   includes one version update.

Description:

   Incomplete XML RPC requests could crash the php interpreter
   (CVE-2010-0397).

   PHP was updated to version 5.2.12 to fix the problem.

Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.1:

      zypper in -t patch apache2-mod_php5-2410

   To bring your system up-to-date, use "zypper patch".

Package List:

   - openSUSE 11.1 (i586 ppc src x86_64) [New Version: 5.2.13]:

      php5-5.2.13-0.1.1

   - openSUSE 11.1 (i586 ppc x86_64) [New Version: 5.2.13]:

      apache2-mod_php5-5.2.13-0.1.1
      php5-bcmath-5.2.13-0.1.1
      php5-bz2-5.2.13-0.1.1
      php5-calendar-5.2.13-0.1.1
      php5-ctype-5.2.13-0.1.1
      php5-curl-5.2.13-0.1.1
      php5-dba-5.2.13-0.1.1
      php5-dbase-5.2.13-0.1.1
      php5-devel-5.2.13-0.1.1
      php5-dom-5.2.13-0.1.1
      php5-exif-5.2.13-0.1.1
      php5-fastcgi-5.2.13-0.1.1
      php5-ftp-5.2.13-0.1.1
      php5-gd-5.2.13-0.1.1
      php5-gettext-5.2.13-0.1.1
      php5-gmp-5.2.13-0.1.1
      php5-hash-5.2.13-0.1.1
      php5-iconv-5.2.13-0.1.1
      php5-imap-5.2.13-0.1.1
      php5-json-5.2.13-0.1.1
      php5-ldap-5.2.13-0.1.1
      php5-mbstring-5.2.13-0.1.1
      php5-mcrypt-5.2.13-0.1.1
      php5-mysql-5.2.13-0.1.1
      php5-ncurses-5.2.13-0.1.1
      php5-odbc-5.2.13-0.1.1
      php5-openssl-5.2.13-0.1.1
      php5-pcntl-5.2.13-0.1.1
      php5-pdo-5.2.13-0.1.1
      php5-pear-5.2.13-0.1.1
      php5-pgsql-5.2.13-0.1.1
      php5-posix-5.2.13-0.1.1
      php5-pspell-5.2.13-0.1.1
      php5-readline-5.2.13-0.1.1
      php5-shmop-5.2.13-0.1.1
      php5-snmp-5.2.13-0.1.1
      php5-soap-5.2.13-0.1.1
      php5-sockets-5.2.13-0.1.1
      php5-sqlite-5.2.13-0.1.1
      php5-suhosin-5.2.13-0.1.1
      php5-sysvmsg-5.2.13-0.1.1
      php5-sysvsem-5.2.13-0.1.1
      php5-sysvshm-5.2.13-0.1.1
      php5-tidy-5.2.13-0.1.1
      php5-tokenizer-5.2.13-0.1.1
      php5-wddx-5.2.13-0.1.1
      php5-xmlreader-5.2.13-0.1.1
      php5-xmlrpc-5.2.13-0.1.1
      php5-xmlwriter-5.2.13-0.1.1
      php5-xsl-5.2.13-0.1.1
      php5-zip-5.2.13-0.1.1
      php5-zlib-5.2.13-0.1.1

References:

   http://support.novell.com/security/cve/CVE-2010-0397.html
   https://bugzilla.novell.com/588975

opensuse-security＠opensuse.org

tags

participants (1)