On Fri, Mar 01, 2002 at 11:36:54AM -0500, enrique wrote: > > On Friday, March 1, 2002, at 07:53 AM, [EMAIL PROTECTED] wrote: > > >Anyhow, rh has also issued 7.1 rpms that has been upgraded to 4.0.6, > >this it is possible to use 7.1 together with midgard. > > > > Just thought the midgard crew may be interested in this CERT advisory. > How is this going to affect the latest midgard version? Have a great day. Though I'm very quiet these days (and highly overloaded with business hours' work), let me step in and add some description to this problem. I have been working on this problem past ten days as a part of ALT Linux security updates service. As other Linux vendors, we had the information before CERT advisory was published.
There are bunch of security issues lately (I'm speaking only about already published ones). There are: - buffer overflow in mod_ssl < 2.8.7 which allows to create certificate with mailcious code in it and then execute it on user's side when s/he accepts the certificate (even signed by CA). - huge number of bugs in mod_proxy in Apache 1.3.23 which render it fully non-functional (they are part of very experimental HTTP/1.1 support code). - PHP buffer overflow and remote shell exploits which are not fixed yet in public releases (even 4.1.2) and vendor security updates to 4.0.6 (yes, RH's updates are still having problems with buffer overflow). Hopefully, items 1) and 3) are fixed by both mod_ssl and PHP teams: use mod_ssl 2.8.7 and use PHP4 from CVS branch PHP_4_0_7 (this is 4.1.2 with additional patch which closes remaining problems). Problem 2) is still there, I had to forward port mod_proxy from 1.3.22 to allow it working correctly and patch was 1.5 times greater than the code size itself :(. You can find patch for PHP 4.0.6 attached, it is different from one from PHP's site (that is incomplete). Back to Midgard. We are vulnerable currently unless your are running PHP from PHP_4_0_7 branch checked out yesterday evening or PHP 4.2.0 (cvs). This is inherited problem, not our fault. -- / Alexander Bokovoy Software architect and analyst // SaM-Solutions Ltd. --- I'm successful because I'm lucky. The harder I work, the luckier I get.
PHP_4.0.6_rfc1867.patch.bz2
Description: BZip2 compressed data
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
