Mailinglist Archive: opensuse-updates (59 mails)

[opensuse-security@xxxxxxxxxxxx]

   openSUSE Security Update: php5 security update.
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2010:0599-1
Rating:             important
References:         #588975 #604315 #604652 #604654 #604656 #605097 
                    #605100 #609763 #609766 #609768 #609769 #612555 
                    #612556 #616232 #619483 #619486 #619487 #619489 
                    #633932 #633934 #636923 
Cross-References:   CVE-2010-0397 CVE-2010-1860 CVE-2010-1862
                    CVE-2010-1864 CVE-2010-1866 CVE-2010-1914
                    CVE-2010-1915 CVE-2010-1917 CVE-2010-2093
                    CVE-2010-2094 CVE-2010-2097 CVE-2010-2100
                    CVE-2010-2101 CVE-2010-2190 CVE-2010-2191
                    CVE-2010-2225 CVE-2010-2531 CVE-2010-2950
                    CVE-2010-3062 CVE-2010-3063 CVE-2010-3064
                    CVE-2010-3065
Affected Products:
                    openSUSE 11.3
                    openSUSE 11.2
______________________________________________________________________________

   An update that fixes 22 vulnerabilities is now available.
   It includes one version update.

Description:

   PHP was updated to version 5.3.3 to fix serveral security
   issues.

   (CVE-2010-0397, CVE-2010-1860, CVE-2010-1862,
   CVE-2010-1864, CVE-2010-1866, CVE-2010-1914, CVE-2010-1915,
   CVE-2010-1917, CVE-2010-2093, CVE-2010-2094, CVE-2010-2097,
   CVE-2010-2100, CVE-2010-2101, CVE-2010-2190, CVE-2010-2191,
   CVE-2010-2225, CVE-2010-2531, CVE-2010-2950, CVE-2010-3062,
   CVE-2010-3063, CVE-2010-3064, CVE-2010-3065)


Patch Instructions:

   To install this openSUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - openSUSE 11.3:

      zypper in -t patch apache2-mod_php5-2929

   - openSUSE 11.2:

      zypper in -t patch apache2-mod_php5-2929

   To bring your system up-to-date, use "zypper patch".


Package List:

   - openSUSE 11.3 (i586 x86_64) [New Version: 5.3.3]:

      apache2-mod_php5-5.3.3-0.1.2
      php5-5.3.3-0.1.2
      php5-bcmath-5.3.3-0.1.2
      php5-bz2-5.3.3-0.1.2
      php5-calendar-5.3.3-0.1.2
      php5-ctype-5.3.3-0.1.2
      php5-curl-5.3.3-0.1.2
      php5-dba-5.3.3-0.1.2
      php5-devel-5.3.3-0.1.2
      php5-dom-5.3.3-0.1.2
      php5-enchant-5.3.3-0.1.2
      php5-exif-5.3.3-0.1.2
      php5-fastcgi-5.3.3-0.1.2
      php5-fileinfo-5.3.3-0.1.2
      php5-ftp-5.3.3-0.1.2
      php5-gd-5.3.3-0.1.2
      php5-gettext-5.3.3-0.1.2
      php5-gmp-5.3.3-0.1.2
      php5-hash-5.3.3-0.1.2
      php5-iconv-5.3.3-0.1.2
      php5-imap-5.3.3-0.1.2
      php5-intl-5.3.3-0.1.2
      php5-json-5.3.3-0.1.2
      php5-ldap-5.3.3-0.1.2
      php5-mbstring-5.3.3-0.1.2
      php5-mcrypt-5.3.3-0.1.2
      php5-mysql-5.3.3-0.1.2
      php5-odbc-5.3.3-0.1.2
      php5-openssl-5.3.3-0.1.2
      php5-pcntl-5.3.3-0.1.2
      php5-pdo-5.3.3-0.1.2
      php5-pgsql-5.3.3-0.1.2
      php5-phar-5.3.3-0.1.2
      php5-posix-5.3.3-0.1.2
      php5-pspell-5.3.3-0.1.2
      php5-readline-5.3.3-0.1.2
      php5-shmop-5.3.3-0.1.2
      php5-snmp-5.3.3-0.1.2
      php5-soap-5.3.3-0.1.2
      php5-sockets-5.3.3-0.1.2
      php5-sqlite-5.3.3-0.1.2
      php5-suhosin-5.3.3-0.1.2
      php5-sysvmsg-5.3.3-0.1.2
      php5-sysvsem-5.3.3-0.1.2
      php5-sysvshm-5.3.3-0.1.2
      php5-tidy-5.3.3-0.1.2
      php5-tokenizer-5.3.3-0.1.2
      php5-wddx-5.3.3-0.1.2
      php5-xmlreader-5.3.3-0.1.2
      php5-xmlrpc-5.3.3-0.1.2
      php5-xmlwriter-5.3.3-0.1.2
      php5-xsl-5.3.3-0.1.2
      php5-zip-5.3.3-0.1.2
      php5-zlib-5.3.3-0.1.2

   - openSUSE 11.3 (noarch) [New Version: 5.3.3]:

      php5-pear-5.3.3-0.1.2

   - openSUSE 11.2 (i586 x86_64) [New Version: 5.3.3]:

      apache2-mod_php5-5.3.3-0.1.1
      php5-5.3.3-0.1.1
      php5-bcmath-5.3.3-0.1.1
      php5-bz2-5.3.3-0.1.1
      php5-calendar-5.3.3-0.1.1
      php5-ctype-5.3.3-0.1.1
      php5-curl-5.3.3-0.1.1
      php5-dba-5.3.3-0.1.1
      php5-devel-5.3.3-0.1.1
      php5-dom-5.3.3-0.1.1
      php5-enchant-5.3.3-0.1.1
      php5-exif-5.3.3-0.1.1
      php5-fastcgi-5.3.3-0.1.1
      php5-fileinfo-5.3.3-0.1.1
      php5-ftp-5.3.3-0.1.1
      php5-gd-5.3.3-0.1.1
      php5-gettext-5.3.3-0.1.1
      php5-gmp-5.3.3-0.1.1
      php5-hash-5.3.3-0.1.1
      php5-iconv-5.3.3-0.1.1
      php5-imap-5.3.3-0.1.1
      php5-intl-5.3.3-0.1.1
      php5-json-5.3.3-0.1.1
      php5-ldap-5.3.3-0.1.1
      php5-mbstring-5.3.3-0.1.1
      php5-mcrypt-5.3.3-0.1.1
      php5-mysql-5.3.3-0.1.1
      php5-odbc-5.3.3-0.1.1
      php5-openssl-5.3.3-0.1.1
      php5-pcntl-5.3.3-0.1.1
      php5-pdo-5.3.3-0.1.1
      php5-pgsql-5.3.3-0.1.1
      php5-phar-5.3.3-0.1.1
      php5-posix-5.3.3-0.1.1
      php5-pspell-5.3.3-0.1.1
      php5-readline-5.3.3-0.1.1
      php5-shmop-5.3.3-0.1.1
      php5-snmp-5.3.3-0.1.1
      php5-soap-5.3.3-0.1.1
      php5-sockets-5.3.3-0.1.1
      php5-sqlite-5.3.3-0.1.1
      php5-suhosin-5.3.3-0.1.1
      php5-sysvmsg-5.3.3-0.1.1
      php5-sysvsem-5.3.3-0.1.1
      php5-sysvshm-5.3.3-0.1.1
      php5-tidy-5.3.3-0.1.1
      php5-tokenizer-5.3.3-0.1.1
      php5-wddx-5.3.3-0.1.1
      php5-xmlreader-5.3.3-0.1.1
      php5-xmlrpc-5.3.3-0.1.1
      php5-xmlwriter-5.3.3-0.1.1
      php5-xsl-5.3.3-0.1.1
      php5-zip-5.3.3-0.1.1
      php5-zlib-5.3.3-0.1.1

   - openSUSE 11.2 (noarch) [New Version: 5.3.3]:

      php5-pear-5.3.3-0.1.1


References:

   http://support.novell.com/security/cve/CVE-2010-0397.html
   http://support.novell.com/security/cve/CVE-2010-1860.html
   http://support.novell.com/security/cve/CVE-2010-1862.html
   http://support.novell.com/security/cve/CVE-2010-1864.html
   http://support.novell.com/security/cve/CVE-2010-1866.html
   http://support.novell.com/security/cve/CVE-2010-1914.html
   http://support.novell.com/security/cve/CVE-2010-1915.html
   http://support.novell.com/security/cve/CVE-2010-1917.html
   http://support.novell.com/security/cve/CVE-2010-2093.html
   http://support.novell.com/security/cve/CVE-2010-2094.html
   http://support.novell.com/security/cve/CVE-2010-2097.html
   http://support.novell.com/security/cve/CVE-2010-2100.html
   http://support.novell.com/security/cve/CVE-2010-2101.html
   http://support.novell.com/security/cve/CVE-2010-2190.html
   http://support.novell.com/security/cve/CVE-2010-2191.html
   http://support.novell.com/security/cve/CVE-2010-2225.html
   http://support.novell.com/security/cve/CVE-2010-2531.html
   http://support.novell.com/security/cve/CVE-2010-2950.html
   http://support.novell.com/security/cve/CVE-2010-3062.html
   http://support.novell.com/security/cve/CVE-2010-3063.html
   http://support.novell.com/security/cve/CVE-2010-3064.html
   http://support.novell.com/security/cve/CVE-2010-3065.html
   https://bugzilla.novell.com/588975
   https://bugzilla.novell.com/604315
   https://bugzilla.novell.com/604652
   https://bugzilla.novell.com/604654
   https://bugzilla.novell.com/604656
   https://bugzilla.novell.com/605097
   https://bugzilla.novell.com/605100
   https://bugzilla.novell.com/609763
   https://bugzilla.novell.com/609766
   https://bugzilla.novell.com/609768
   https://bugzilla.novell.com/609769
   https://bugzilla.novell.com/612555
   https://bugzilla.novell.com/612556
   https://bugzilla.novell.com/616232
   https://bugzilla.novell.com/619483
   https://bugzilla.novell.com/619486
   https://bugzilla.novell.com/619487
   https://bugzilla.novell.com/619489
   https://bugzilla.novell.com/633932
   https://bugzilla.novell.com/633934
   https://bugzilla.novell.com/636923