announce August 2005

announce@lists.centos.org

6 participants
112 discussions

CESA-2005:0831-001 Important CentOS 4 x86_64 php - security update (CENTOSPLUS only)
by Johnny Hughes 01 Sep '05

01 Sep '05

CentOS Errata and Security Advisory 2005:0831-001 Important CentOS 4 x86_64 php - security update This CESA is for the version of php is that is included in the centosplus repo for CentOS-4 ... this is not an update to the main CentOS-4 repo. ---------------- Name : php Relocations: (not relocatable) Version : 5.0.4 Vendor: CentOS Release : 3.centos4 Build Date: 31 Aug 2005 12:15:26 AM UTC Install Date: (not installed) Build Host: x8664-build Group : Development/Languages Source RPM: php-5.0.4-3.centos4.src.rpm License: The PHP License Packager : Johnny Hughes <johnny(a)centos.org> URL : http://www.php.net/ Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages. ---------------- Update Information: This update is considered important by the CentOS Development Team. A bug was discovered in the PEAR XML-RPC Server package included in PHP. If a PHP script is used which implements an XML-RPC Server using the PEAR XML-RPC package, then it is possible for a remote attacker to construct an XML-RPC request which can cause PHP to execute arbitrary PHP commands as the 'apache' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2498 to this issue. All Users of PHP-5 from the CentOSPlus Repo should upgrade to these updated packages. More info is available at: http://rhn.redhat.com/errata/RHSA-2005-748.html https://www.redhat.com/archives/fedora-announce-list/2005-August/msg00118.h… ------------------------ The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: php-5.0.4-3.centos4.x86_64.rpm php-bcmath-5.0.4-3.centos4.x86_64.rpm php-dba-5.0.4-3.centos4.x86_64.rpm php-devel-5.0.4-3.centos4.x86_64.rpm php-gd-5.0.4-3.centos4.x86_64.rpm php-imap-5.0.4-3.centos4.x86_64.rpm php-ldap-5.0.4-3.centos4.x86_64.rpm php-mbstring-5.0.4-3.centos4.x86_64.rpm php-mysql-5.0.4-3.centos4.x86_64.rpm php-ncurses-5.0.4-3.centos4.x86_64.rpm php-odbc-5.0.4-3.centos4.x86_64.rpm php-pear-5.0.4-3.centos4.x86_64.rpm php-pgsql-5.0.4-3.centos4.x86_64.rpm php-snmp-5.0.4-3.centos4.x86_64.rpm php-soap-5.0.4-3.centos4.x86_64.rpm php-xml-5.0.4-3.centos4.x86_64.rpm php-xmlrpc-5.0.4-3.centos4.x86_64.rpm src: php-5.0.4-3.centos4.src.rpm

1 0

CESA-2005:0831-001 Important CentOS 4 i386 php - security update (CENTOSPLUS only)
by Johnny Hughes 01 Sep '05

01 Sep '05

CentOS Errata and Security Advisory 2005:0831-001 Important CentOS 4 i386 php - security update This CESA is for the version of php is that is included in the centosplus repo for CentOS-4 ... this is not an update to the main CentOS-4 repo. ---------------- Name : php Relocations: (not relocatable) Version : 5.0.4 Vendor: CentOS Release : 3.centos4 Build Date: 31 Aug 2005 12:15:26 AM UTC Install Date: (not installed) Build Host: C4i386-build Group : Development/Languages Source RPM: php-5.0.4-3.centos4.src.rpm License: The PHP License Packager : Johnny Hughes <johnny(a)centos.org> URL : http://www.php.net/ Summary : The PHP HTML-embedded scripting language. (PHP: Hypertext Preprocessor) Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated webpages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The mod_php module enables the Apache Web server to understand and process the embedded PHP language in Web pages. ---------------- Update Information: This update is considered important by the CentOS Development Team. A bug was discovered in the PEAR XML-RPC Server package included in PHP. If a PHP script is used which implements an XML-RPC Server using the PEAR XML-RPC package, then it is possible for a remote attacker to construct an XML-RPC request which can cause PHP to execute arbitrary PHP commands as the 'apache' user. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-2498 to this issue. All Users of PHP-5 from the CentOSPlus Repo should upgrade to these updated packages. More info is available at: http://rhn.redhat.com/errata/RHSA-2005-748.html https://www.redhat.com/archives/fedora-announce-list/2005-August/msg00118.h… ------------------------ The following updated files have been uploaded and are currently syncing to the mirrors: i386: php-5.0.4-3.centos4.i386.rpm php-bcmath-5.0.4-3.centos4.i386.rpm php-dba-5.0.4-3.centos4.i386.rpm php-devel-5.0.4-3.centos4.i386.rpm php-gd-5.0.4-3.centos4.i386.rpm php-imap-5.0.4-3.centos4.i386.rpm php-ldap-5.0.4-3.centos4.i386.rpm php-mbstring-5.0.4-3.centos4.i386.rpm php-mysql-5.0.4-3.centos4.i386.rpm php-ncurses-5.0.4-3.centos4.i386.rpm php-odbc-5.0.4-3.centos4.i386.rpm php-pear-5.0.4-3.centos4.i386.rpm php-pgsql-5.0.4-3.centos4.i386.rpm php-snmp-5.0.4-3.centos4.i386.rpm php-soap-5.0.4-3.centos4.i386.rpm php-xml-5.0.4-3.centos4.i386.rpm php-xmlrpc-5.0.4-3.centos4.i386.rpm src: php-5.0.4-3.centos4.src.rpm

1 0

CESA-2005:267 Important CentOS 3 i386 Evolution - security update
by seth vidal 31 Aug '05

31 Aug '05

1 0

CESA-2005:267 Important CentOS 3 x86_64 Evolution - security update
by seth vidal 31 Aug '05

31 Aug '05

CentOS Errata and Security Advisory 2005:267 https://rhn.redhat.com/errata/RHSA-2005-267.html The following updated files have been uploaded and are currently syncing to the mirrors: x86_64: updates/x86_64/RPMS/evolution-1.4.5-16.x86_64.rpm updates/x86_64/RPMS/evolution-devel-1.4.5-16.x86_64.rpm apply these updates by running: yum update evolution\* I'm sorry about this update taking a full day to come out. I encountered some problems getting the x86_64 build to complete correctly. They were worked out. Again, my apologies. Thanks, -sv

1 0

CESA-2005:267 Important CentOS 4 s390(x) Evolution - security update
by Pasi Pirhonen 30 Aug '05

30 Aug '05

CentOS Errata and Security Advisory 2005:267 https://rhn.redhat.com/errata/RHSA-2005-267.html The following updated files have been uploaded and are currently syncing to the mirrors: s390: updates/s390/RPMS/evolution-2.0.2-16.3.s390.rpm updates/s390/RPMS/evolution-devel-2.0.2-16.3.s390.rpm s390x: updates/s390x/RPMS/evolution-2.0.2-16.3.s390x.rpm updates/s390x/RPMS/evolution-devel-2.0.2-16.3.s390x.rpm -- Pasi Pirhonen - upi(a)iki.fi - http://iki.fi/upi/

1 0

CESA-2005:267 Important CentOS 3 s390(x) Evolution - security update
by Pasi Pirhonen 30 Aug '05

30 Aug '05

CentOS Errata and Security Advisory 2005:267 https://rhn.redhat.com/errata/RHSA-2005-267.html The following updated files have been uploaded and are currently syncing to the mirrors: s390: updates/s390/RPMS/evolution-1.4.5-16.s390.rpm updates/s390/RPMS/evolution-devel-1.4.5-16.s390.rpm s390x: updates/s390x/RPMS/evolution-1.4.5-16.s390x.rpm updates/s390x/RPMS/evolution-devel-1.4.5-16.s390x.rpm -- Pasi Pirhonen - upi(a)iki.fi - http://iki.fi/upi/

1 0

CESA-2005:267 Important CentOS 4 x86_64 Evolution - security update
by Johnny Hughes 30 Aug '05

30 Aug '05

2 1

CESA-2005:267 Important CentOS 4 i386 Evolution - security update
by Johnny Hughes 30 Aug '05

30 Aug '05

1 0

CESA-2005:267 Important CentOS 3 ia64 Evolution - security update
by Pasi Pirhonen 29 Aug '05

29 Aug '05

1 0

CESA-2005:267 Important CentOS 4 ia64 Evolution - security update
by Pasi Pirhonen 29 Aug '05

29 Aug '05

1 0

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

announce August 2005