|
PHP Group Exif Module IFD Tag Integer Overflow Vulnerability
Solution: Avaya has released an advisory (ASA-2005-136) that acknowledges this vulnerability for Avaya products. Please see the referenced Avaya advisory for further details. Conectiva has released an advisory (CLSA-2005:955) and fixes to address this and other issues. Please see the referenced advisory for further information regarding obtaining and applying appropriate updates. Turbolinux has released advisory TLSA-2005-50 along with fixes dealing with this and other issues. Please see the referenced advisory for more information. Peachtree Linux has released an advisory (PLSN-0001) including updated packages to address this issue. Please see the referenced advisory for more information. Ubuntu has released advisory USN-112-1 to provide fixes for this issue. Please see the attached advisory for further information on obtaining and applying fixes. This issue has been addressed in PHP 4.3.11. Gentoo Linux has released advisory GLSA 200504-15 dealing with this issue. Gentoo advises that all users upgrade their packages by executing the following commands with superuser privileges: emerge --sync emerge --ask --oneshot --verbose ">=dev-php/php-4.3.11" All mod_php users should upgrade to the latest version: emerge --sync emerge --ask --oneshot --verbose ">=dev-php/mod_php-4.3.11" All php-cgi users should upgrade to the latest version: emerge --sync emerge --ask --oneshot --verbose ">=dev-php/php-cgi-4.3.11" For more information, please see the referenced Gentoo Linux advisory. RedHat Fedora has released advisory FEDORA-2005-315 for their Core 3 product. Please see the referenced advisory for more information. Mandriva has released advisory MDKSA-2005:072 to address these issues. Please see the attached advisory for details on obtaining and applying fixes. Red Hat released advisory RHSA-2005:405-06 as well as fixes to address this and other issues on Red Hat Linux Enterprise platforms. Customers who are affected by this issue are advised to apply the appropriate updates. Customers subscribed to the Red Hat Network may apply the appropriate fixes using the Red Hat Update Agent (up2date). Please see referenced advisories for additional information. SuSE has released advisory SUSE-SR:2005:012 and fixes for this issue. Fixes can be obtained through the SuSE FTP server or by using the YaST Online Update. SGI has released an advisory 20050501-01-U including updated SGI ProPack 3 Service Pack 5 packages to address this BID and other issues. Please see the referenced advisory for more information. Apple has released security advisory APPLE-SA-2005-06-08 along with fixes dealing with this issue for Mac OS X 10.4.1 and Mac OS X 10.3.9. Please see the referenced advisory for more information. RedHat Fedora has released Fedora Legacy security advisory FLSA:155505 addressing this issue. Please see the referenced advisory for further information. Apple Mac OS X Server 10.3.9
Apple Mac OS X 10.3.9
Apple Mac OS X Server 10.4.1
Apple Mac OS X 10.4.1
PHP PHP 4.3
PHP PHP 4.3.1
PHP PHP 4.3.10
PHP PHP 4.3.2
PHP PHP 4.3.3
PHP PHP 4.3.4
PHP PHP 4.3.5
PHP PHP 4.3.6
PHP PHP 4.3.7
PHP PHP 4.3.8
PHP PHP 4.3.9
|
|
 Privacy Statement |
