Oval Definition:oval:com.redhat.rhsa:def:20060730
Revision Date:2006-11-06Version:639
Title:RHSA-2006:0730: php security update (Important)
Description:PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server.

The Hardened-PHP Project discovered an overflow in the PHP htmlentities() and htmlspecialchars() routines. If a PHP script used the vulnerable functions to parse UTF-8 data, a remote attacker sending a carefully crafted request could trigger the overflow and potentially execute arbitrary code as the 'apache' user. (CVE-2006-5465)

Users of PHP should upgrade to these updated packages which contain a backported patch to correct this issue.
Family:unixClass:patch
Status:Reference(s):CVE-2006-5465
RHSA-2006:0730
RHSA-2006:0730-01
RHSA-2006:0730-01
Platform(s):Red Hat Enterprise Linux 3
Red Hat Enterprise Linux 4
Product(s):
Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 3 is installed
  • AND
  • php is earlier than 0:4.3.2-37.ent
  • AND php is signed with Red Hat master key
  • php-pgsql is earlier than 0:4.3.2-37.ent
  • AND php-pgsql is signed with Red Hat master key
  • php-mysql is earlier than 0:4.3.2-37.ent
  • AND php-mysql is signed with Red Hat master key
  • php-devel is earlier than 0:4.3.2-37.ent
  • AND php-devel is signed with Red Hat master key
  • php-ldap is earlier than 0:4.3.2-37.ent
  • AND php-ldap is signed with Red Hat master key
  • php-odbc is earlier than 0:4.3.2-37.ent
  • AND php-odbc is signed with Red Hat master key
  • php-imap is earlier than 0:4.3.2-37.ent
  • AND php-imap is signed with Red Hat master key
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • php-ldap is earlier than 0:4.3.9-3.22
  • AND php-ldap is signed with Red Hat master key
  • php-devel is earlier than 0:4.3.9-3.22
  • AND php-devel is signed with Red Hat master key
  • php-imap is earlier than 0:4.3.9-3.22
  • AND php-imap is signed with Red Hat master key
  • php-gd is earlier than 0:4.3.9-3.22
  • AND php-gd is signed with Red Hat master key
  • php-pgsql is earlier than 0:4.3.9-3.22
  • AND php-pgsql is signed with Red Hat master key
  • php-xmlrpc is earlier than 0:4.3.9-3.22
  • AND php-xmlrpc is signed with Red Hat master key
  • php-odbc is earlier than 0:4.3.9-3.22
  • AND php-odbc is signed with Red Hat master key
  • php-mysql is earlier than 0:4.3.9-3.22
  • AND php-mysql is signed with Red Hat master key
  • php is earlier than 0:4.3.9-3.22
  • AND php is signed with Red Hat master key
  • php-snmp is earlier than 0:4.3.9-3.22
  • AND php-snmp is signed with Red Hat master key
  • php-ncurses is earlier than 0:4.3.9-3.22
  • AND php-ncurses is signed with Red Hat master key
  • php-domxml is earlier than 0:4.3.9-3.22
  • AND php-domxml is signed with Red Hat master key
  • php-mbstring is earlier than 0:4.3.9-3.22
  • AND php-mbstring is signed with Red Hat master key
  • php-pear is earlier than 0:4.3.9-3.22
  • AND php-pear is signed with Red Hat master key
    • Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 4 is installed
  • AND
  • php is earlier than 0:4.3.9-3.22
  • AND php is signed with Red Hat redhatrelease2 key
  • php-devel is earlier than 0:4.3.9-3.22
  • AND php-devel is signed with Red Hat redhatrelease2 key
  • php-domxml is earlier than 0:4.3.9-3.22
  • AND php-domxml is signed with Red Hat redhatrelease2 key
  • php-gd is earlier than 0:4.3.9-3.22
  • AND php-gd is signed with Red Hat redhatrelease2 key
  • php-imap is earlier than 0:4.3.9-3.22
  • AND php-imap is signed with Red Hat redhatrelease2 key
  • php-ldap is earlier than 0:4.3.9-3.22
  • AND php-ldap is signed with Red Hat redhatrelease2 key
  • php-mbstring is earlier than 0:4.3.9-3.22
  • AND php-mbstring is signed with Red Hat redhatrelease2 key
  • php-mysql is earlier than 0:4.3.9-3.22
  • AND php-mysql is signed with Red Hat redhatrelease2 key
  • php-ncurses is earlier than 0:4.3.9-3.22
  • AND php-ncurses is signed with Red Hat redhatrelease2 key
  • php-odbc is earlier than 0:4.3.9-3.22
  • AND php-odbc is signed with Red Hat redhatrelease2 key
  • php-pear is earlier than 0:4.3.9-3.22
  • AND php-pear is signed with Red Hat redhatrelease2 key
  • php-pgsql is earlier than 0:4.3.9-3.22
  • AND php-pgsql is signed with Red Hat redhatrelease2 key
  • php-snmp is earlier than 0:4.3.9-3.22
  • AND php-snmp is signed with Red Hat redhatrelease2 key
  • php-xmlrpc is earlier than 0:4.3.9-3.22
  • AND php-xmlrpc is signed with Red Hat redhatrelease2 key
    • BACK