From: Andrea Guarnaccia
Subject: [Slackit.org] [slackware-security] PHP local security issue (SSA:2004-154-02)
Date: Tue, 08 Jun 2004 16:41:13 +0200

[slackware-security]  PHP local security issue (SSA:2004-154-02)

New PHP packages are available for Slackware 8.1, 9.0, 9.1, and -current
to fix a security issue.  These fix a problem in previous Slackware php
packages where linking PHP against a static library in an insecure path
(under /tmp) could allow a local attacker to place shared libraries at
this location causing PHP to crash, or to execute arbitrary code as the
PHP user (which is by default, "nobody").

Thanks to Bryce Nichols for researching and reporting this issue.


Here are the details from the Slackware 9.1 ChangeLog:
+--------------------------+
Wed Jun  2 11:28:17 PDT 2004
patches/packages/php-4.3.6-i486-1.tgz:  Upgraded to php-4.3.6.  This is
  compiled with c-client.a in /usr/local/lib/c-client/ to fix a problem in
  previous php packages where linking against the library in a path under
  /tmp caused an ELF rpath to this location to be built into the PHP binaries.
  A local attacker could (by placing shared libraries in this location) either
  crash PHP or cause arbitrary code to be executed as the PHP user (typically
  "nobody").  Thanks to Bryce Nichols for discovering this issue and bringing
  it to my attention.
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Updated package for Slackware 8.1:
ftp://ftp.slackware.com/pub/slackware/slackware-8.1/patches/packages/php-4.3.6-i386-1.tgz

Updated package for Slackware 9.0:
ftp://ftp.slackware.com/pub/slackware/slackware-9.0/patches/packages/php-4.3.6-i386-1.tgz

Updated package for Slackware 9.1:
ftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/php-4.3.6-i486-1.tgz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/php-4.3.6-i486-4.tgz


MD5 signatures:
+-------------+

Slackware 8.1 package:
cee32e839211a37b0081615b4112b87f  php-4.3.6-i386-1.tgz

Slackware 9.0 package:
eaa0c69981f0aa8cc6b2d4ef0269481c  php-4.3.6-i386-1.tgz

Slackware 9.1 package:
007c48e42d292819b6cdc66e2e8334e0  php-4.3.6-i486-1.tgz

Slackware -current package:
07bcba5e37538f16941141c43006cec1  php-4.3.6-i486-4.tgz


Installation instructions:
+------------------------+

First, stop apache:

# apachectl stop

Next, upgrade the PHP package as root:

# upgradepkg php-4.3.6-i486-1.tgz

Finally, restart apache:

# apachectl start

Or, if you're running a secure server with mod_ssl:

# apachectl startssl


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
address@hidden

Attachment: signature.asc
Description: This part of the message is signed
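As an added example that is not part of the advisory or of Slackware's tooling: a small Python audit that reads a binary's RPATH/RUNPATH entries with binutils' `readelf -d` (assumed to be installed) and flags any entry that a local user could populate, which is exactly the condition the advisory describes for the old php packages built under /tmp. The filesystem callbacks are injectable, and `FAKE_LAYOUT` is a constructed directory layout used only to exercise the classifier.

```python
"""Audit ELF binaries for RPATH/RUNPATH entries a local user could hijack."""
import os
import re
import stat
import subprocess

# Matches readelf -d lines like:  (RPATH)  Library rpath: [/tmp/build/lib:/usr/lib]
RPATH_RE = re.compile(r"\((?:RPATH|RUNPATH)\)\s+Library r(?:un)?path: \[([^\]]*)\]")

# Constructed layout mirroring the advisory's host: /tmp is sticky and world-writable.
FAKE_LAYOUT = {"/": 0o755, "/tmp": 0o1777, "/usr": 0o755, "/usr/local": 0o755,
               "/usr/local/lib": 0o755, "/usr/local/lib/c-client": 0o755}


def other_writable(mode):
    """'Others' may write; a sticky /tmp still lets anyone create a new subdirectory."""
    return bool(mode & stat.S_IWOTH)


def classify_entry(entry, isdir=os.path.isdir, mode=lambda p: os.stat(p).st_mode):
    """Reason string if `entry` is hijackable, else None (callbacks are injectable)."""
    if not entry.startswith("/"):
        return "not an absolute path ($ORIGIN, relative or empty: resolved at run time)"
    # The loader walks the whole chain, so every ancestor must be protected.
    prefixes = ["/"]
    for part in entry.strip("/").split("/"):
        prefixes.append(os.path.join(prefixes[-1], part))
    for p in prefixes:
        if not isdir(p):
            return None  # missing below protected parents: nobody can create it
        if other_writable(mode(p)):
            return f"{p} is world-writable"
    return None


def rpath_entries(binary):
    """RPATH/RUNPATH entries recorded in an ELF file, read with readelf -d."""
    out = subprocess.run(["readelf", "-d", binary], capture_output=True,
                         text=True, check=True).stdout
    return [e for m in RPATH_RE.finditer(out) for e in m.group(1).split(":")]


def audit(binary):
    """Map each risky search-path entry of `binary` to the reason it is risky."""
    findings = {}
    for entry in rpath_entries(binary):
        reason = classify_entry(entry)
        if reason:
            findings[entry] = reason
    return findings
```

Running `audit("/usr/bin/php")` on a host with the old package would report the /tmp entry; a package linked against /usr/local/lib/c-client yields no findings.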

