openSUSE-SU-2010:0678-1 (important): php5 security update.

openSUSE Security Update: php5 security update. ______________________________________________________________________________ Announcement ID: openSUSE-SU-2010:0678-1 Rating: important References: #604315 #604652 #604654 #605097 #605100 #609763 #609766 #609768 #609769 #612555 #612556 #616232 #619469 #619483 #619486 #619487 #619489 #633932 #636923 Cross-References: CVE-2010-1860 CVE-2010-1862 CVE-2010-1864 CVE-2010-1914 CVE-2010-1915 CVE-2010-1917 CVE-2010-2093 CVE-2010-2094 CVE-2010-2097 CVE-2010-2100 CVE-2010-2101 CVE-2010-2190 CVE-2010-2191 CVE-2010-2225 CVE-2010-2484 CVE-2010-2531 CVE-2010-3062 CVE-2010-3063 CVE-2010-3064 CVE-2010-3065 Affected Products: openSUSE 11.1 ______________________________________________________________________________ An update that fixes 20 vulnerabilities is now available. It includes one version update. Description: PHP was updated to version 5.2.14 to fix several security issues: - [CVE-2010-1860](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-1860) - [CVE-2010-1862](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-1862) - [CVE-2010-1864](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-1864) - [CVE-2010-1914](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-1914) - [CVE-2010-1915](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-1915) - [CVE-2010-1917](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-1917) - [CVE-2010-2093](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2093) - [CVE-2010-2094](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2094) - [CVE-2010-2097](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2097) - [CVE-2010-2100](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2100) - [CVE-2010-2101](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2101) - [CVE-2010-2190](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2190) - [CVE-2010-2191](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2191) - [CVE-2010-2225](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2225) - [CVE-2010-2484](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2484) - [CVE-2010-2531](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-2531) - [CVE-2010-3062](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-3062) - [CVE-2010-3063](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-3063) - [CVE-2010-3064](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-3064) - [CVE-2010-3065](http://cve.mitre.org/cgi-bin/cvename.cgi?nam e=CVE-2010-3065) Patch Instructions: To install this openSUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - openSUSE 11.1: zypper in -t patch apache2-mod_php5-3213 To bring your system up-to-date, use "zypper patch". Package List: - openSUSE 11.1 (i586 ppc x86_64) [New Version: 5.2.14]: apache2-mod_php5-5.2.14-0.1.1 php5-5.2.14-0.1.1 php5-bcmath-5.2.14-0.1.1 php5-bz2-5.2.14-0.1.1 php5-calendar-5.2.14-0.1.1 php5-ctype-5.2.14-0.1.1 php5-curl-5.2.14-0.1.1 php5-dba-5.2.14-0.1.1 php5-dbase-5.2.14-0.1.1 php5-devel-5.2.14-0.1.1 php5-dom-5.2.14-0.1.1 php5-exif-5.2.14-0.1.1 php5-fastcgi-5.2.14-0.1.1 php5-ftp-5.2.14-0.1.1 php5-gd-5.2.14-0.1.1 php5-gettext-5.2.14-0.1.1 php5-gmp-5.2.14-0.1.1 php5-hash-5.2.14-0.1.1 php5-iconv-5.2.14-0.1.1 php5-imap-5.2.14-0.1.1 php5-json-5.2.14-0.1.1 php5-ldap-5.2.14-0.1.1 php5-mbstring-5.2.14-0.1.1 php5-mcrypt-5.2.14-0.1.1 php5-mysql-5.2.14-0.1.1 php5-ncurses-5.2.14-0.1.1 php5-odbc-5.2.14-0.1.1 php5-openssl-5.2.14-0.1.1 php5-pcntl-5.2.14-0.1.1 php5-pdo-5.2.14-0.1.1 php5-pear-5.2.14-0.1.1 php5-pgsql-5.2.14-0.1.1 php5-posix-5.2.14-0.1.1 php5-pspell-5.2.14-0.1.1 php5-readline-5.2.14-0.1.1 php5-shmop-5.2.14-0.1.1 php5-snmp-5.2.14-0.1.1 php5-soap-5.2.14-0.1.1 php5-sockets-5.2.14-0.1.1 php5-sqlite-5.2.14-0.1.1 php5-suhosin-5.2.14-0.1.1 php5-sysvmsg-5.2.14-0.1.1 php5-sysvsem-5.2.14-0.1.1 php5-sysvshm-5.2.14-0.1.1 php5-tidy-5.2.14-0.1.1 php5-tokenizer-5.2.14-0.1.1 php5-wddx-5.2.14-0.1.1 php5-xmlreader-5.2.14-0.1.1 php5-xmlrpc-5.2.14-0.1.1 php5-xmlwriter-5.2.14-0.1.1 php5-xsl-5.2.14-0.1.1 php5-zip-5.2.14-0.1.1 php5-zlib-5.2.14-0.1.1 References: http://support.novell.com/security/cve/CVE-2010-1860.html http://support.novell.com/security/cve/CVE-2010-1862.html http://support.novell.com/security/cve/CVE-2010-1864.html http://support.novell.com/security/cve/CVE-2010-1914.html http://support.novell.com/security/cve/CVE-2010-1915.html http://support.novell.com/security/cve/CVE-2010-1917.html http://support.novell.com/security/cve/CVE-2010-2093.html http://support.novell.com/security/cve/CVE-2010-2094.html http://support.novell.com/security/cve/CVE-2010-2097.html http://support.novell.com/security/cve/CVE-2010-2100.html http://support.novell.com/security/cve/CVE-2010-2101.html http://support.novell.com/security/cve/CVE-2010-2190.html http://support.novell.com/security/cve/CVE-2010-2191.html http://support.novell.com/security/cve/CVE-2010-2225.html http://support.novell.com/security/cve/CVE-2010-2484.html http://support.novell.com/security/cve/CVE-2010-2531.html http://support.novell.com/security/cve/CVE-2010-3062.html http://support.novell.com/security/cve/CVE-2010-3063.html http://support.novell.com/security/cve/CVE-2010-3064.html http://support.novell.com/security/cve/CVE-2010-3065.html https://bugzilla.novell.com/604315 https://bugzilla.novell.com/604652 https://bugzilla.novell.com/604654 https://bugzilla.novell.com/605097 https://bugzilla.novell.com/605100 https://bugzilla.novell.com/609763 https://bugzilla.novell.com/609766 https://bugzilla.novell.com/609768 https://bugzilla.novell.com/609769 https://bugzilla.novell.com/612555 https://bugzilla.novell.com/612556 https://bugzilla.novell.com/616232 https://bugzilla.novell.com/619469 https://bugzilla.novell.com/619483 https://bugzilla.novell.com/619486 https://bugzilla.novell.com/619487 https://bugzilla.novell.com/619489 https://bugzilla.novell.com/633932 https://bugzilla.novell.com/636923