  • [SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities (

    From Thijs Kinkhorst@1:229/2 to All on Mon May 4 23:00:16 2009
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    - ------------------------------------------------------------------------
    Debian Security Advisory DSA-1789-1                  [email protected]
    http://www.debian.org/security/                          Thijs Kinkhorst
    May 04, 2009                          http://www.debian.org/security/faq
    - ------------------------------------------------------------------------

    Package : php5
    Vulnerability : several
    Problem type : remote
    Debian-specific: no
    CVE Id(s) : CVE-2008-2107 CVE-2008-2108 CVE-2008-5557 CVE-2008-5624
    CVE-2008-5658 CVE-2008-5814 CVE-2009-0754 CVE-2009-1271
    Debian Bugs : 507101 507857 508021 511493 523028 523049

    Several remote vulnerabilities have been discovered in the PHP 5
    hypertext preprocessor. The Common Vulnerabilities and Exposures
    project identifies the following problems.

    The following four vulnerabilities have already been fixed in the stable
    (lenny) version of php5 prior to the release of lenny. This update now
    addresses them for etch (oldstable) as well:

    CVE-2008-2107 / CVE-2008-2108

    The GENERATE_SEED macro has several problems that make predicting
    generated random numbers easier, facilitating attacks against measures
    that use rand() or mt_rand() as part of a protection.

    CVE-2008-5557

    A buffer overflow in the mbstring extension allows attackers to execute
    arbitrary code via a crafted string containing an HTML entity.

    CVE-2008-5624

    The page_uid and page_gid variables are not correctly set, allowing
    use of some functionality intended to be restricted to root.

    CVE-2008-5658

    Directory traversal vulnerability in the ZipArchive::extractTo function
    allows attackers to write arbitrary files via a ZIP file with a file
    whose name contains .. (dot dot) sequences.

    This update also addresses the following three vulnerabilities for both oldstable (etch) and stable (lenny):

    CVE-2008-5814

    Cross-site scripting (XSS) vulnerability, when display_errors is enabled,
    allows remote attackers to inject arbitrary web script or HTML.

    CVE-2009-0754

    When running on Apache, PHP allows local users to modify behavior of
    other sites hosted on the same web server by modifying the
    mbstring.func_overload setting within .htaccess, which causes this
    setting to be applied to other virtual hosts on the same server.

    CVE-2009-1271

    The JSON_parser function allows a denial of service (segmentation fault)
    via a malformed string to the json_decode API function.

    Furthermore, two updates originally scheduled for the next point update for oldstable are included in the etch package:

    * Let PHP use the system timezone database instead of the embedded
    timezone database which is out of date.

    * From the source tarball, the unused 'dbase' module has been removed
    which contained licensing problems.

    For the old stable distribution (etch), these problems have been fixed in version 5.2.0+dfsg-8+etch15.

    For the stable distribution (lenny), these problems have been fixed in
    version 5.2.6.dfsg.1-1+lenny3.

    For the unstable distribution (sid), these problems have been fixed in
    version 5.2.9.dfsg.1-1.

    We recommend that you upgrade your php5 package.

    Upgrade instructions
    - --------------------

    wget url
            will fetch the file for you
    dpkg -i file.deb
            will install the referenced file.

    If you are using the apt-get package manager, use the line for
    sources.list as given below:

    apt-get update
            will update the internal database
    apt-get upgrade
            will install corrected packages

    You may use an automated update by adding the resources from the
    footer to the proper configuration.

    Debian GNU/Linux 4.0 alias etch
    - -------------------------------

    Source archives:

    http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch15.diff.gz
    Size/MD5 checksum: 130902 27d7683a1388c69479b06ac1162e27a2
    http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch15.dsc
    Size/MD5 checksum: 1993 68d631a7860f0fc34516cc8bbf2938a5
    http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg.orig.tar.gz
    Size/MD5 checksum: 8431973 956486a588c577616a5008d185e84968

    Architecture independent packages:

    http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch15_all.deb
    Size/MD5 checksum: 1044 a6e0b8f0547c74c498749d28dac8b92f
    http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.0+dfsg-8+etch15_all.deb
    Size/MD5 checksum: 312534 c5fb5dc9ccfe7dfaabce6c5f6f289549

    alpha architecture (DEC Alpha)

    http://security.debian.org/pool/updates/main/p/php5/php5-mhash_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 5312 f2543060aaf1a8cb00a142d77c7d727f
    http://security.debian.org/pool/updates/main/p/php5/php5-pgsql_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 55670 96ebda392780698ae80441a9021c8b4a
    http://security.debian.org/pool/updates/main/p/php5/php5-common_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 221226 9af42f2646efbe5c43482e9333e17bff
    http://security.debian.org/pool/updates/main/p/php5/php5-sqlite_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 38922 8a9111577f3ea3021ea6e5d6b2021306
    http://security.debian.org/pool/updates/main/p/php5/libapache2-mod-php5_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 2487846 c371adc12b1ff1297a3b1dde1294eca3
    http://security.debian.org/pool/updates/main/p/php5/php5-mysql_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 70954 9f948ebf6a836d954a713f194703db84
    http://security.debian.org/pool/updates/main/p/php5/php5-cgi_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 4789370 31123ee20c392c73aeb5927077457e5c
    http://security.debian.org/pool/updates/main/p/php5/libapache-mod-php5_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 2487508 7cf62cb8552389fc0fbb8197b7de3808
    http://security.debian.org/pool/updates/main/p/php5/php5-ldap_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 18612 a9322e7cbf565373df7bb13ede5b140e
    http://security.debian.org/pool/updates/main/p/php5/php5-cli_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 2412536 a61c4e23f2b41757d8cd98f2c25e8f3a
    http://security.debian.org/pool/updates/main/p/php5/php5-xmlrpc_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 40296 a7dc0d924077f01cc7341d5ab5592151
    http://security.debian.org/pool/updates/main/p/php5/php5-gd_5.2.0+dfsg-8+etch15_alpha.deb
    Size/MD5 checksum: 36648 4c4fac1064c51938b08d8ce444317503

    [continued in next message]

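The ZipArchive::extractTo issue (CVE-2008-5658) is a member of the general "archive entry escapes the extraction directory" class. The Python below is an added example, not PHP's fix and not part of the advisory: it shows the check an extractor needs, which is to resolve each member's target path and require that it lands strictly inside the destination, rather than only scanning names for "..". The archive, its entry names and the destination directory are constructed here for illustration; the three hostile entries cover dot-dot traversal, an absolute name and backslash separators.

```python
import io
import os
import tempfile
import zipfile


def build_sample_zip() -> bytes:
    """Constructed sample archive (not a real malicious file): one benign
    entry plus three entries that try to escape the extraction directory."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("docs/readme.txt", "benign content\n")
        zf.writestr("../../etc/cron.d/backdoor", "* * * * * root /tmp/x\n")  # dot-dot traversal
        zf.writestr("/etc/passwd", "root::0:0::/:/bin/sh\n")                # absolute name
        zf.writestr("images/..\\..\\win.ini", "[boot]\n")                    # backslash traversal
    return buf.getvalue()


def classify_members(names, dest):
    """Split archive member names into (safe, rejected).

    A member is safe only if its fully resolved target path lies strictly
    inside the resolved destination directory. Resolving the path catches
    '..' sequences, absolute names and backslash separators alike, which a
    substring search for '..' would not."""
    dest_real = os.path.realpath(dest)
    safe, rejected = [], []
    for name in names:
        normalized = name.replace("\\", "/")   # a Windows unzip treats '\' as a separator
        target = os.path.realpath(os.path.join(dest_real, normalized))
        inside = (target != dest_real
                  and os.path.commonpath([dest_real, target]) == dest_real)
        (safe if inside else rejected).append(name)
    return safe, rejected


def extract_safely(zip_bytes: bytes, dest: str):
    """Extract only the safe members; return (safe, rejected) name lists."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        safe, rejected = classify_members(zf.namelist(), dest)
        for name in safe:
            target = os.path.join(os.path.realpath(dest), name.replace("\\", "/"))
            if name.endswith("/"):               # directory entry
                os.makedirs(target, exist_ok=True)
                continue
            os.makedirs(os.path.dirname(target), exist_ok=True)
            with zf.open(name) as src, open(target, "wb") as dst:
                dst.write(src.read())
    return safe, rejected


def demo():
    """Run the constructed archive through extract_safely in a scratch
    directory and report what actually landed on disk."""
    with tempfile.TemporaryDirectory() as dest:
        safe, rejected = extract_safely(build_sample_zip(), dest)
        written = sorted(
            os.path.relpath(os.path.join(root, f), dest)
            for root, _dirs, files in os.walk(dest) for f in files)
    return safe, rejected, written


if __name__ == "__main__":
    safe, rejected, written = demo()
    print("extracted:", safe)
    print("rejected: ", rejected)
    print("on disk:  ", written)
```

The path-resolution check is the part to carry over to any extractor: modern Python's `zipfile.extractall` already sanitizes names this way, so the unsafe behaviour is not reproduced here; the point is the containment test itself. One caveat for extractors that do create symlinks: a link written earlier in the same archive can redirect a later member, so the resolved-path check has to run against the filesystem state at the moment each member is written.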
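For the manual route the advisory describes (`wget url`, then `dpkg -i file.deb`), the Size/MD5 lines are the only thing tying a downloaded .deb to the signed advisory, so both the size and the digest should be checked before installing. The Python below is an added example, not Debian tooling and not part of the advisory: it parses the URL / "Size/MD5 checksum" line pairs into a table and verifies a file against it. The excerpt of the listing is copied from the etch section above; the bytes used in the test are constructed. It assumes the advisory's PGP signature has already been verified, since the MD5 values are only as trustworthy as the message carrying them.

```python
import hashlib
import re

# Two entries copied from the etch "Architecture independent packages" list above.
ADVISORY_LISTING = """\
http://security.debian.org/pool/updates/main/p/php5/php5_5.2.0+dfsg-8+etch15_all.deb
Size/MD5 checksum: 1044 a6e0b8f0547c74c498749d28dac8b92f
http://security.debian.org/pool/updates/main/p/php5/php-pear_5.2.0+dfsg-8+etch15_all.deb
Size/MD5 checksum: 312534 c5fb5dc9ccfe7dfaabce6c5f6f289549
"""

_CHECKSUM_LINE = re.compile(r"Size/MD5 checksum:\s+(\d+)\s+([0-9a-f]{32})$")


def parse_listing(text: str):
    """Map file basename -> (size, md5) from URL / checksum line pairs.
    A checksum line without a preceding URL is ignored."""
    entries = {}
    url = None
    for line in text.splitlines():
        line = line.strip()
        if line.startswith(("http://", "https://")):
            url = line
            continue
        m = _CHECKSUM_LINE.match(line)
        if m and url:
            entries[url.rsplit("/", 1)[1]] = (int(m.group(1)), m.group(2))
            url = None
    return entries


def verify_bytes(name: str, data: bytes, entries):
    """Return (ok, reason). The file must be listed, and both its size and
    MD5 must match; size is checked first so a truncated download fails fast."""
    if name not in entries:
        return False, "not listed in advisory"
    size, digest = entries[name]
    if len(data) != size:
        return False, f"size {len(data)} != {size}"
    actual = hashlib.md5(data).hexdigest()
    if actual != digest:
        return False, f"md5 {actual} != {digest}"
    return True, "ok"


def verify_file(path: str, entries):
    """Verify a downloaded .deb on disk against the parsed listing."""
    with open(path, "rb") as fh:
        data = fh.read()
    return verify_bytes(path.rsplit("/", 1)[-1], data, entries)


if __name__ == "__main__":
    import sys
    table = parse_listing(ADVISORY_LISTING)
    for path in sys.argv[1:]:          # usage: python verify.py php5_5.2.0+dfsg-8+etch15_all.deb
        ok, reason = verify_file(path, table)
        print(("OK   " if ok else "FAIL ") + path + ": " + reason)
```

To use it against the full advisory, paste the whole package list (all architectures) into ADVISORY_LISTING or read it from the saved message; the parser only looks at URL lines and the checksum line that follows each one. MD5 is collision-broken, but an attacker substituting a package here would need a second preimage of a digest fixed by the signed message, which is a different and still hard problem; the signature check on the message is the step that actually carries the trust.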