OpenPKG CVS Repository
http://cvs.openpkg.org/
____________________________________________________________________________
Server: cvs.openpkg.org Name: Thomas Lotterer
Root: /e/openpkg/cvs Email: [EMAIL PROTECTED]
Module: openpkg-web Date: 22-Jul-2004 16:34:46
Branch: HEAD Handle: 2004072215344401
Added files:
openpkg-web/security OpenPKG-SA-2004.034-php.txt
Modified files:
openpkg-web security.txt security.wml
Log:
SA-2004.034-php; CAN-2004-0594, CAN-2004-0595
Summary:
Revision Changes Path
1.88 +2 -0 openpkg-web/security.txt
1.109 +2 -0 openpkg-web/security.wml
1.1 +85 -0 openpkg-web/security/OpenPKG-SA-2004.034-php.txt
____________________________________________________________________________
patch -p0 <<'@@ .'
Index: openpkg-web/security.txt
============================================================================
$ cvs diff -u -r1.87 -r1.88 security.txt
--- openpkg-web/security.txt 20 Jul 2004 07:59:49 -0000 1.87
+++ openpkg-web/security.txt 22 Jul 2004 14:34:44 -0000 1.88
@@ -1,3 +1,5 @@
+22-Jul-2004: Security Advisory: S<OpenPKG-SA-2004.034-php>
+22-Jul-2004: Security Advisory: S<OpenPKG-SA-2004.033-samba>
16-Jul-2004: Security Advisory: S<OpenPKG-SA-2004.032-apache>
08-Jul-2004: Security Advisory: S<OpenPKG-SA-2004.031-dhcpd>
06-Jul-2004: Security Advisory: S<OpenPKG-SA-2004.030-png>
@@ .
patch -p0 <<'@@ .'
Index: openpkg-web/security.wml
============================================================================
$ cvs diff -u -r1.108 -r1.109 security.wml
--- openpkg-web/security.wml 20 Jul 2004 07:59:49 -0000 1.108
+++ openpkg-web/security.wml 22 Jul 2004 14:34:44 -0000 1.109
@@ -76,6 +76,8 @@
</define-tag>
<box bdwidth=1 bdcolor="#a5a095" bdspace=10 bgcolor="#e5e0d5">
<table cellspacing=0 cellpadding=0 border=0>
+ <sa 2004.034 php>
+ <sa 2004.033 samba>
<sa 2004.032 apache>
<sa 2004.031 dhcpd>
<sa 2004.030 png>
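Review bot: same concern as in security.txt: `+ <sa 2004.033 samba>` is added here without a matching advisory file in this commit's "Added files", so the generated page will carry a link for an advisory that may not exist yet. Either include the samba advisory in this commit or hold this line until it is committed, keeping security.txt and security.wml in step.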
@@ .
patch -p0 <<'@@ .'
Index: openpkg-web/security/OpenPKG-SA-2004.034-php.txt
============================================================================
$ cvs diff -u -r0 -r1.1 OpenPKG-SA-2004.034-php.txt
--- /dev/null 2004-07-22 16:34:45 +0200
+++ OpenPKG-SA-2004.034-php.txt 2004-07-22 16:34:45 +0200
@@ -0,0 +1,85 @@
+#FIXME, this is a template
+#FIXME, the first three lines are just dummies
+#FIXME, to help comparing this against sibling signed documents
+________________________________________________________________________
+
+OpenPKG Security Advisory The OpenPKG Project
+http://www.openpkg.org/security.html http://www.openpkg.org
[EMAIL PROTECTED] [EMAIL PROTECTED]
+OpenPKG-SA-2004.034 22-Jul-2004
+________________________________________________________________________
+
+Package: php, apache (option "with_mod_php" only)
+Vulnerability: XSS; remote code execution
+OpenPKG Specific: no
+
+Affected Releases: Affected Packages: Corrected Packages:
+OpenPKG CURRENT <= php-4.3.7-20040611 >= php-4.3.8-20040714
+ <= apache-1.3.31-20040713 >= apache-1.3.31-20040714
+OpenPKG 2.1 none N.A.
+OpenPKG 2.0 <= php-4.3.4-2.0.0 >= php-4.3.4-2.0.1
+ <= apache-1.3.29-2.0.4 >= apache-1.3.29-2.0.5
+
+Dependent Packages: none
+
+Description:
+ According to a PHP [0] security advisory [1] from Stefan Esser the
+ commonly used memory_limit functionality in PHP 4.x up to 4.3.7 under
+ certain conditions allows remote attackers to execute arbitrary
+ code by triggering a memory_limit abort during execution of the
+ zend_hash_init function. The Common Vulnerabilities and Exposures
+ (CVE) project assigned the id CAN-2004-0594 [2] to the problem.
+
+ According to another security advisory [3] from Stefan Esser the
+ strip_tags function in PHP 4.x up to 4.3.7 does not filter NUL
+ characters within tag names, allowing dangerous tags to be processed
+ by certain web browsers and facilitate the exploitation of cross-site
+ scripting (XSS) vulnerabilities. The Common Vulnerabilities and
+ Exposures (CVE) project assigned the id CAN-2004-0595 [4] to the
+ problem.
+
+ Please check whether you are affected by running "<prefix>/bin/rpm
+ -q php". If you have the "php" package installed and its version is
+ affected (see above), we recommend that you immediately upgrade it
+ (see Solution) [5][6].
+
+Solution:
+ Select the updated source RPM appropriate for your OpenPKG release
+ [7], fetch it from the OpenPKG FTP service [8] or a mirror location,
+ verify its integrity [9], build a corresponding binary RPM from it [5]
+ and update your OpenPKG installation by applying the binary RPM [6].
+ For the affected release OpenPKG 2.0, perform the following operations
+ to permanently fix the security problem (for other releases adjust
+ accordingly).
+
+ $ ftp ftp.openpkg.org
+ ftp> bin
+ ftp> cd release/2.1/UPD
+ ftp> get php-4.3.4-2.0.1.src.rpm
+ ftp> bye
+ $ <prefix>/bin/openpkg rpm -v --checksig php-4.3.4-2.0.1.src.rpm
+ $ <prefix>/bin/openpkg rpm --rebuild php-4.3.4-2.0.1.src.rpm
+ $ su -
+ # <prefix>/bin/openpkg rpm -Fvh <prefix>/RPM/PKG/php-4.3.4-2.0.1.*.rpm
+________________________________________________________________________
+
+References:
+ [0] http://www.php.net/
+ [1] http://security.e-matters.de/advisories/112004.html
+ [2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0594
+ [3] http://security.e-matters.de/advisories/122004.html
+ [4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-0595
+ [5] http://www.openpkg.org/tutorial.html#regular-source
+ [6] http://www.openpkg.org/tutorial.html#regular-binary
+ [7] ftp://ftp.openpkg.org/release/2.0/UPD/php-4.3.4-2.0.1.src.rpm
+ [8] ftp://ftp.openpkg.org/release/2.0/UPD/
+ [9] http://www.openpkg.org/security.html#signature
+________________________________________________________________________
+
+For security reasons, this advisory was digitally signed with the
+OpenPGP public key "OpenPKG <[EMAIL PROTECTED]>" (ID 63C4CB9F) of the
+OpenPKG project which you can retrieve from http://pgp.openpkg.org and
+hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org/
+for details on how to verify the integrity of this advisory.
+________________________________________________________________________
+
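Review bot: the FTP steps in the Solution section do not match the release they claim to fix. The text says "For the affected release OpenPKG 2.0" and references [7] and [8] point to ftp://ftp.openpkg.org/release/2.0/UPD/, yet the session does `ftp> cd release/2.1/UPD` and then `ftp> get php-4.3.4-2.0.1.src.rpm`, which is a 2.0 update package and will not be found under 2.1/UPD (the table lists 2.1 as not affected). Suggest `ftp> cd release/2.0/UPD`. Two further points before this advisory is published: the three leading `+#FIXME, this is a template` lines are still part of the committed file and must be stripped, and since the table gives apache-1.3.29-2.0.5 as the corrected package for the "with_mod_php" case, the Solution should also tell affected users to fetch, rebuild and apply the updated apache source RPM, not only php. Finally, the contact-address line directly below the "http://www.openpkg.org/security.html" line is missing its leading `+`, so the hunk as shown here would not apply cleanly.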
@@ .
______________________________________________________________________
The OpenPKG Project www.openpkg.org
CVS Repository Commit List [EMAIL PROTECTED]