The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of PHP: several vulnerabilities

Synthesis of the vulnerability 

An attacker can use several vulnerabilities of PHP in order to conduct a denial of service or to execute code.
Impacted systems: Debian, Fedora, HP-UX, NSM Central Manager, NSMXpress, Mandriva Linux, Mandriva NF, NLD, OES, openSUSE, PHP, RHEL, Slackware, SLES, TurboLinux.
Severity of this alert: 3/4.
Number of vulnerabilities in this bulletin: 14.
Creation date: 31/08/2007.
Revisions dates: 06/09/2007, 11/09/2007, 26/10/2007.
Références of this alert: BID-24922, BID-25498, BID-49631, CERTA-2007-AVI-388, CERTA-2008-AVI-002, CERTA-2008-AVI-239, CVE-2007-3378, CVE-2007-3806, CVE-2007-3996, CVE-2007-3997, CVE-2007-3998, CVE-2007-4652, CVE-2007-4657, CVE-2007-4658, CVE-2007-4659, CVE-2007-4660, CVE-2007-4661, CVE-2007-4662, CVE-2007-4663, CVE-2007-4670, CVE-2007-4784, CVE-2008-0145, DSA-1444-2, DSA-1578-1, DSA-1613-1, emr_na-c01345501-1, emr_na-c01438646, FEDORA-2007-2215, FEDORA-2007-709, HPSBUX02308, HPSBUX02332, MDKSA-2007:187, MDVSA-2008:125, MDVSA-2008:126, MDVSA-2008:127, MDVSA-2008:128, MDVSA-2008:129, MDVSA-2008:130, MDVSA-2009:264, PSN-2012-11-767, RHSA-2007:0888-01, RHSA-2007:0889-01, RHSA-2007:0890-02, RHSA-2007:0891-01, RHSA-2007:0917-01, SSA:2007-255-03, SSRT080010, SSRT080056, SUSE-SA:2008:004, TLSA-2008-27, VIGILANCE-VUL-7139.

Description of the vulnerability 

Several vulnerabilities were announced in PHP.

A floating point exception can occur in wordwrap(). [severity:3/4; CVE-2007-3998]

Several integer overflows can occur in the gd extension. [severity:3/4; CERTA-2007-AVI-388, CVE-2007-3996]

A size computation error occurs in chunk_split(). [severity:3/4; CVE-2007-4660, CVE-2007-4661]

An integer overflow occurs in strspn() and strcspn(). [severity:3/4; CVE-2007-4657]

An error occurs in money_format() when several "%n" or "%i" parameters are used. [severity:3/4; CVE-2007-4658]

The zend_alter_ini_entry() function can be used to bypass memory limit. [severity:3/4; CVE-2007-4659]

When MySQL extension is installed, an "INFILE LOCAL" query permits to create a file bypassing open_basedir directive. [severity:3/4; CVE-2007-3997]

An attacker can bypass open_basedir and safe_mode via session.save_path and error_log (VIGILANCE-VUL-6946). [severity:3/4; CERTA-2008-AVI-002, CVE-2007-3378]

An attacker can create a script using glob() in order to generate a denial of service or to execute code (VIGILANCE-VUL-7011). [severity:3/4; BID-24922, CVE-2007-3806]

A buffer overflow can occur in php_openssl_make_REQ() function. [severity:3/4; CVE-2007-4662]

The glob() function permits to bypass open_basedir. [severity:3/4; BID-49631, CVE-2007-4663, CVE-2008-0145]

A symbolic link of the session file permits to bypass open_basedir. [severity:3/4; CVE-2007-4652]

An attacker can use the setlocale() function with a long parameter in order to generate a segmentation error. [severity:3/4; CVE-2007-4784]

An attacker can exploit a vulnerability in PHP session cookie handling in order to stop a user to visit a vulnerable web page if this one visited before a malicious web page. [severity:3/4; CVE-2007-4670]

These vulnerabilities are local or remote depending on context.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This weakness bulletin impacts software or systems such as Debian, Fedora, HP-UX, NSM Central Manager, NSMXpress, Mandriva Linux, Mandriva NF, NLD, OES, openSUSE, PHP, RHEL, Slackware, SLES, TurboLinux.

Our Vigil@nce team determined that the severity of this computer weakness is important.

The trust level is of type confirmed by the editor, with an origin of internet client.

This bulletin is about 14 vulnerabilities.

A proof of concept or an attack tool is available, so your teams have to process this alert. An attacker with a beginner ability can exploit this vulnerability announce.

Solutions for this threat 

PHP: version 5.2.4.
Version 5.2.4 is corrected:
  http://www.php.net/

Debian 4.0: new php5 packages.
New packages are available:
  http://security.debian.org/pool/updates/main/p/php5/php5*_5.2.0-8+etch10_*.deb

Debian: new libgd2 packages.
New packages are available:
  http://security.debian.org/pool/updates/main/libg/libgd2/libgd2*_2.0.33-5.2etch1_*.deb

Debian: new php4 packages.
New packages are available:
  http://security.debian.org/pool/updates/main/p/php4/php4-*_4.4.4-8+etch6_*.deb

Fedora 7: new php packages.
New packages are available:
  php-5.2.4-1.fc7

Fedora Core 6: new php packages.
New packages are available:
    http://download.fedora.redhat.com/pub/fedora/linux/core/updates/6/
40617402ea17756914cc16cff8761708f4c84c8a SRPMS/php-5.1.6-3.7.fc6.src.rpm
40617402ea17756914cc16cff8761708f4c84c8a noarch/php-5.1.6-3.7.fc6.src.rpm
156a661d38364742764006f44e56c9db5a05a99c ppc/php-soap-5.1.6-3.7.fc6.ppc.rpm
c6b3a2282c55e53ce402f389fb9d67ac0803abe4 ppc/php-common-5.1.6-3.7.fc6.ppc.rpm
3b26a05eb9ef1df3144b096957270b93e201c74a ppc/php-mysql-5.1.6-3.7.fc6.ppc.rpm
1f66d45592fc6bbe44c44cd4352e92366d5504d0 ppc/php-xml-5.1.6-3.7.fc6.ppc.rpm
8bfa0fee16749a42cc181ad0c68f66ff5e08974c ppc/php-bcmath-5.1.6-3.7.fc6.ppc.rpm
f6f7f8e99e028fb007cc3566620a00dd68f33731 ppc/php-odbc-5.1.6-3.7.fc6.ppc.rpm
87e606c35c72878af5625e884a57b44d0b731446 ppc/php-imap-5.1.6-3.7.fc6.ppc.rpm
3265cb00d4f29a37e6ea50cc8676fd4e5f75226d ppc/php-mbstring-5.1.6-3.7.fc6.ppc.rpm
2da81f62336b2b3c241bc0fa424caeaa47a2d15a ppc/php-pdo-5.1.6-3.7.fc6.ppc.rpm
4066cee3f7a00a4cd59225210d9e4cfae6d2d1cd ppc/php-ldap-5.1.6-3.7.fc6.ppc.rpm
dcef339b4b7b21e58fbe65c79046e7d1b7c62739 ppc/php-cli-5.1.6-3.7.fc6.ppc.rpm
b8d1be39ee2913152baa65a79c3bb0927a0a91bc ppc/debug/php-debuginfo-5.1.6-3.7.fc6.ppc.rpm
68d3da614e1e0bae323fc0f0a0ec053366f16b44 ppc/php-5.1.6-3.7.fc6.ppc.rpm
e4ed88cee8ca8ba54d10b01a3640e6281475b9ad ppc/php-pgsql-5.1.6-3.7.fc6.ppc.rpm
ea20e1498063bc81abd19a96b8132ca7977b4762 ppc/php-dba-5.1.6-3.7.fc6.ppc.rpm
3869a097c54388ff5141b54a0ce00b8d452b1550 ppc/php-ncurses-5.1.6-3.7.fc6.ppc.rpm
355f42e6b1abbf0305cd9c70717972c25d8c0892 ppc/php-gd-5.1.6-3.7.fc6.ppc.rpm
b7c5c5b4752ca070eb8156d22b62cac5da4861bb ppc/php-xmlrpc-5.1.6-3.7.fc6.ppc.rpm
c8e1a662404d18cd5a13206facc260a6069f2af4 ppc/php-devel-5.1.6-3.7.fc6.ppc.rpm
06cc862f246a47aa7c27a96b7be16244fd5bdde9 ppc/php-snmp-5.1.6-3.7.fc6.ppc.rpm
85d7ec4dfdb1b3beef121e133924aa930cbffda6 x86_64/debug/php-debuginfo-5.1.6-3.7.fc6.x86_64.rpm
c67c441e4e16f650c17b50529c3d55ef6d3cca2b x86_64/php-mbstring-5.1.6-3.7.fc6.x86_64.rpm
c68cac45c3fb12cd4e0df49d92c6f1abea9874a0 x86_64/php-ncurses-5.1.6-3.7.fc6.x86_64.rpm
e42bf18d61e54ef1383072aa0dda6fd2ea9a72a3 x86_64/php-pgsql-5.1.6-3.7.fc6.x86_64.rpm
4e1fabe888a68c928c7f9a621d6a852a31b28e6a x86_64/php-soap-5.1.6-3.7.fc6.x86_64.rpm
7651ee688a52120680ce2c19af23e13c8b9ed71a x86_64/php-common-5.1.6-3.7.fc6.x86_64.rpm
b3ebec5c12f86a139ab64e1dd82e954f1f9ca17f x86_64/php-dba-5.1.6-3.7.fc6.x86_64.rpm
c4e64f31b419370aa3810c78bc48736592f16184 x86_64/php-snmp-5.1.6-3.7.fc6.x86_64.rpm
53f65efacbc81e43f6cef52abf6052a28cd45958 x86_64/php-bcmath-5.1.6-3.7.fc6.x86_64.rpm
7becddfd2c95ad56704b8296c31ffb7d54a38f38 x86_64/php-xmlrpc-5.1.6-3.7.fc6.x86_64.rpm
efc10eebadf9cb94056669bddad2c84b9e9bd011 x86_64/php-devel-5.1.6-3.7.fc6.x86_64.rpm
ec7541ab90abd13e2e864bfa6f20c1571aa9ae55 x86_64/php-mysql-5.1.6-3.7.fc6.x86_64.rpm
9a1992e0ee196ba9533d5a83d15b8b10a18b58ee x86_64/php-pdo-5.1.6-3.7.fc6.x86_64.rpm
1b1e3f81fd29a55021d1e2b5771ce6843d5fdd01 x86_64/php-gd-5.1.6-3.7.fc6.x86_64.rpm
a46df7dc6a38714fbd415574fbd71adc04384045 x86_64/php-ldap-5.1.6-3.7.fc6.x86_64.rpm
670f6464f884e1d54ebd2f5435161bb060912783 x86_64/php-imap-5.1.6-3.7.fc6.x86_64.rpm
476a85431df1f50ee9e1e93e7fb61c6f96c1483a x86_64/php-odbc-5.1.6-3.7.fc6.x86_64.rpm
1f72d6e4b1739c955d6a543aaac4551646339247 x86_64/php-5.1.6-3.7.fc6.x86_64.rpm
b22272c21f4cb2ffbb77c76a1e8179ff287c02cb x86_64/php-xml-5.1.6-3.7.fc6.x86_64.rpm
50d95bc2e0d5f69b14a779e74b69a1359cdbeff8 x86_64/php-cli-5.1.6-3.7.fc6.x86_64.rpm
8082b5f587e1a3b4e4430dbfe03b48da84c203a6 i386/php-snmp-5.1.6-3.7.fc6.i386.rpm
ea4786a52946c06b74100007de098297023e6cf0 i386/php-cli-5.1.6-3.7.fc6.i386.rpm
9096476c1f2c589d05b9d084433687caea0c8f3a i386/php-mysql-5.1.6-3.7.fc6.i386.rpm
c2d4bd9640548aeef84479fb67de178f929905e9 i386/php-ncurses-5.1.6-3.7.fc6.i386.rpm
78a5544aefbb098f415fdd6683cd1780038230d3 i386/php-5.1.6-3.7.fc6.i386.rpm
f820783d03577edfe99b8e978527f2b73facfc3b i386/php-ldap-5.1.6-3.7.fc6.i386.rpm
267039177c0206641343e6e57352687d1a66c897 i386/php-common-5.1.6-3.7.fc6.i386.rpm
3cfc1e8e5d933ecf3cf91a07cde8b30821ed8abb i386/php-gd-5.1.6-3.7.fc6.i386.rpm
a5eca01f44a0bcf2e600527bd3c3edb868c891ba i386/debug/php-debuginfo-5.1.6-3.7.fc6.i386.rpm
abd19d5e783596bea6790b4ccd705257948ca26c i386/php-pdo-5.1.6-3.7.fc6.i386.rpm
e49960b6f3d2298ffb8fc9c70e2d0954771473a3 i386/php-soap-5.1.6-3.7.fc6.i386.rpm
ee4062f0368332b52fcd9a4c6fd64fca294207aa i386/php-odbc-5.1.6-3.7.fc6.i386.rpm
65792f15eaa6a886813eb7c23f5e9a3fc2fc3471 i386/php-xml-5.1.6-3.7.fc6.i386.rpm
b33bcaa6f6ce51ec09985ce72d3ab3818299620e i386/php-imap-5.1.6-3.7.fc6.i386.rpm
3bb5affd1bc6c5986deaa8b48efe6e866d399459 i386/php-bcmath-5.1.6-3.7.fc6.i386.rpm
412ace8bd9bc18b2a8495d70b853c492b086d9e2 i386/php-devel-5.1.6-3.7.fc6.i386.rpm
9f89a7ac45c773d8e34ce0a3dc32316c0ff5d35e i386/php-pgsql-5.1.6-3.7.fc6.i386.rpm
9435ba4ffa9cc8d09554bbd0a58a9cba008f0492 i386/php-xmlrpc-5.1.6-3.7.fc6.i386.rpm
570069b5849458383238d3b96ab74f43e12dd1dc i386/php-mbstring-5.1.6-3.7.fc6.i386.rpm
e5c834f592f44e433a6d444d6489b0c551636a16 i386/php-dba-5.1.6-3.7.fc6.i386.rpm

HP-UX: Apache version B.2.0.59.04.01.
Version B.2.0.59.04.01 is corrected:
  ftp://srt80056:srt80056@hprc.external.hp.com

HP-UX: version Apache.
Following version is corrected:
IPv4:
  HP-UX B.11.11
    version A.2.0.59.00.2
    ftp://srt80010:srt80010@hprc.external.hp.com
IPv6:
  HP-UX B.11.11
  HP-UX B.11.23
  HP-UX B.11.31
    version B.2.0.59.00.2
    ftp://srt80010:srt80010@hprc.external.hp.com

Juniper NSM, NSMXpress: versions 2010.3s7, 2011.4s4, 2012.1.
Versions 2010.3s7, 2011.4s4 and 2012.1 are fixed:
  http://www.juniper.net/support/products/nsm/2012.1/

Mandriva: new gd packages.
New packages are available:
Corporate 3.0:
gd-2.0.15-4.2.C30mdk
Multi Network Firewall 2.0:
gd-2.0.15-4.2.M20mdk

Mandriva: new php packages (04/07/2008).
New packages are available.

Mandriva: new php packages (25/09/2007).
New packages are available:
 
 Mandriva Linux 2007.0:
 57a68f47fd8c691db93b9eadbbf19b40 2007.0/i586/libphp5_common5-5.1.6-1.9mdv2007.0.i586.rpm
 f82d39f70da087f4d7f9470f81211276 2007.0/i586/php-cgi-5.1.6-1.9mdv2007.0.i586.rpm
 a22e66bf85ab53ff1782ce331ffa60a6 2007.0/i586/php-cli-5.1.6-1.9mdv2007.0.i586.rpm
 c3cd07dba2182b4f583794a3b240e84e 2007.0/i586/php-devel-5.1.6-1.9mdv2007.0.i586.rpm
 265ef0003e043ad3013022b1e566fd89 2007.0/i586/php-fcgi-5.1.6-1.9mdv2007.0.i586.rpm
 598e110d6abcc345a0b6ee1676214ee2 2007.0/i586/php-gd-5.1.6-1.3mdv2007.0.i586.rpm
 0f9a486f5ccadd55c81aa61705ae5d81 2007.0/i586/php-mcrypt-5.1.6-1.1mdv2007.0.i586.rpm
 6d7d80d3cdeae2e4ca286b67be659cef 2007.0/i586/php-soap-5.1.6-1.2mdv2007.0.i586.rpm
 06fef845a7f0eb15fbda8e01d2449759 2007.0/SRPMS/php-5.1.6-1.9mdv2007.0.src.rpm
 1c4c5379d367dd0ba8c002d2a60eb8b1 2007.0/SRPMS/php-gd-5.1.6-1.3mdv2007.0.src.rpm
 4b4382448f9be55ea66f8b910a12a97c 2007.0/SRPMS/php-mcrypt-5.1.6-1.1mdv2007.0.src.rpm
 c9e9b415eac3b864ffcece762c6aa6bb 2007.0/SRPMS/php-soap-5.1.6-1.2mdv2007.0.src.rpm
 Mandriva Linux 2007.0/X86_64:
 8ddfb570e663d8b61cbfaf5bc8585d54 2007.0/x86_64/lib64php5_common5-5.1.6-1.9mdv2007.0.x86_64.rpm
 d05d20ad5c5ddd84649aaed661b83c7a 2007.0/x86_64/php-cgi-5.1.6-1.9mdv2007.0.x86_64.rpm
 9ba45cce68ffa043cf1fb23fe765e104 2007.0/x86_64/php-cli-5.1.6-1.9mdv2007.0.x86_64.rpm
 26ead0e8cd3bab9ba64cc39f596d6533 2007.0/x86_64/php-devel-5.1.6-1.9mdv2007.0.x86_64.rpm
 65673d78e3e1af683d64e30ba832be63 2007.0/x86_64/php-fcgi-5.1.6-1.9mdv2007.0.x86_64.rpm
 0d478806da998759a96cdbf8694c0324 2007.0/x86_64/php-gd-5.1.6-1.3mdv2007.0.x86_64.rpm
 99ec9336533a6ff74b93841497a73fe1 2007.0/x86_64/php-mcrypt-5.1.6-1.1mdv2007.0.x86_64.rpm
 1b5bdc02b561134835c729fb404b0931 2007.0/x86_64/php-soap-5.1.6-1.2mdv2007.0.x86_64.rpm
 06fef845a7f0eb15fbda8e01d2449759 2007.0/SRPMS/php-5.1.6-1.9mdv2007.0.src.rpm
 1c4c5379d367dd0ba8c002d2a60eb8b1 2007.0/SRPMS/php-gd-5.1.6-1.3mdv2007.0.src.rpm
 4b4382448f9be55ea66f8b910a12a97c 2007.0/SRPMS/php-mcrypt-5.1.6-1.1mdv2007.0.src.rpm
 c9e9b415eac3b864ffcece762c6aa6bb 2007.0/SRPMS/php-soap-5.1.6-1.2mdv2007.0.src.rpm
 Mandriva Linux 2007.1:
 cfb5ebca225920865fd41b8d7379ec04 2007.1/i586/libphp5_common5-5.2.1-4.3mdv2007.1.i586.rpm
 fd99e8fd1eba60464844111ba0bf658f 2007.1/i586/php-cgi-5.2.1-4.3mdv2007.1.i586.rpm
 d2d5ef2a6eb326c85e5e4e66d5488032 2007.1/i586/php-cli-5.2.1-4.3mdv2007.1.i586.rpm
 f8ff08caf4bf9d4b06c84dabf426ad4f 2007.1/i586/php-devel-5.2.1-4.3mdv2007.1.i586.rpm
 0e362fc96f32b9046df73d01938f4a4f 2007.1/i586/php-fcgi-5.2.1-4.3mdv2007.1.i586.rpm
 3796283e1a18abd35c66e9fdb7cecf84 2007.1/i586/php-gd-5.2.1-1.2mdv2007.1.i586.rpm
 8303fdaff4f40f7025e84b9571db7557 2007.1/i586/php-mcrypt-5.2.1-1.1mdv2007.1.i586.rpm
 765b7cff3e34bf6be0d31d5e11c6d21f 2007.1/i586/php-openssl-5.2.1-4.3mdv2007.1.i586.rpm
 8ed091e407210049489fb70ba4f18e3f 2007.1/i586/php-soap-5.2.1-1.2mdv2007.1.i586.rpm
 649f2efadad45640ca14f5ab644de67f 2007.1/i586/php-zlib-5.2.1-4.3mdv2007.1.i586.rpm
 8779e5a26aecb35eaf93a5c54f35a798 2007.1/SRPMS/php-5.2.1-4.3mdv2007.1.src.rpm
 d16710089832ae31873c0db7e6df87fd 2007.1/SRPMS/php-gd-5.2.1-1.2mdv2007.1.src.rpm
 ec8b2d536f13c35dd2c2f1cca92c5694 2007.1/SRPMS/php-mcrypt-5.2.1-1.1mdv2007.1.src.rpm
 90f9821184ef2fc8cca2a35e54080f44 2007.1/SRPMS/php-soap-5.2.1-1.2mdv2007.1.src.rpm
 Mandriva Linux 2007.1/X86_64:
 4af5b6e98feeeb88b8993768c15497ce 2007.1/x86_64/lib64php5_common5-5.2.1-4.3mdv2007.1.x86_64.rpm
 f5e5fbb413e349ff9ae9e8e82a59dd92 2007.1/x86_64/php-cgi-5.2.1-4.3mdv2007.1.x86_64.rpm
 c93c070b38a3c2602dbfea38e648fea1 2007.1/x86_64/php-cli-5.2.1-4.3mdv2007.1.x86_64.rpm
 5d7fa073092e6599eddaaffab5b4df4f 2007.1/x86_64/php-devel-5.2.1-4.3mdv2007.1.x86_64.rpm
 0d593dad6f79e0331d1a9c7544d6fe42 2007.1/x86_64/php-fcgi-5.2.1-4.3mdv2007.1.x86_64.rpm
 8652914b9aa256724004e12621111ce3 2007.1/x86_64/php-gd-5.2.1-1.2mdv2007.1.x86_64.rpm
 cc2993f0faf2d76eb317162162237049 2007.1/x86_64/php-mcrypt-5.2.1-1.1mdv2007.1.x86_64.rpm
 2becb2e136e605d4b6fcbb80b8b96fdc 2007.1/x86_64/php-openssl-5.2.1-4.3mdv2007.1.x86_64.rpm
 241a453a1007cc84f0f789b2a11bf96f 2007.1/x86_64/php-soap-5.2.1-1.2mdv2007.1.x86_64.rpm
 58a30a4284944ed364d488338c6d4605 2007.1/x86_64/php-zlib-5.2.1-4.3mdv2007.1.x86_64.rpm
 8779e5a26aecb35eaf93a5c54f35a798 2007.1/SRPMS/php-5.2.1-4.3mdv2007.1.src.rpm
 d16710089832ae31873c0db7e6df87fd 2007.1/SRPMS/php-gd-5.2.1-1.2mdv2007.1.src.rpm
 ec8b2d536f13c35dd2c2f1cca92c5694 2007.1/SRPMS/php-mcrypt-5.2.1-1.1mdv2007.1.src.rpm
 90f9821184ef2fc8cca2a35e54080f44 2007.1/SRPMS/php-soap-5.2.1-1.2mdv2007.1.src.rpm
 Corporate 3.0:
 247e24717edaad099d4dfac36d06da11 corporate/3.0/i586/libphp_common432-4.3.4-4.27.C30mdk.i586.rpm
 a2fe1080b8981493b83f6bb6c08a6f83 corporate/3.0/i586/php-cgi-4.3.4-4.27.C30mdk.i586.rpm
 0468aa254c2495b128f4ea776b7100f7 corporate/3.0/i586/php-cli-4.3.4-4.27.C30mdk.i586.rpm
 230476bcb71774884ec17ecbef336e5c corporate/3.0/i586/php-gd-4.3.4-1.7.C30mdk.i586.rpm
 3cac8eecfdee304b0889fbe99958a6ca corporate/3.0/i586/php432-devel-4.3.4-4.27.C30mdk.i586.rpm
 74c8bcac18b502174d270a0e2529d8e8 corporate/3.0/SRPMS/php-4.3.4-4.27.C30mdk.src.rpm
 7db08e02ff0b4d59c58bbef5ff25a89b corporate/3.0/SRPMS/php-gd-4.3.4-1.7.C30mdk.src.rpm
 Corporate 3.0/X86_64:
 54b38db5000d71f5f4cfe0d55ea8839d corporate/3.0/x86_64/lib64php_common432-4.3.4-4.27.C30mdk.x86_64.rpm
 e06d422dedbd7ff39eb86c8afdf23f8c corporate/3.0/x86_64/php-cgi-4.3.4-4.27.C30mdk.x86_64.rpm
 66bea84020ec6231dbc345215b6398d4 corporate/3.0/x86_64/php-cli-4.3.4-4.27.C30mdk.x86_64.rpm
 6e47af7339e7c939133d3bbab0b54c60 corporate/3.0/x86_64/php-gd-4.3.4-1.7.C30mdk.x86_64.rpm
 9aa27728797f8a8b7fe6932237779dc1 corporate/3.0/x86_64/php432-devel-4.3.4-4.27.C30mdk.x86_64.rpm
 74c8bcac18b502174d270a0e2529d8e8 corporate/3.0/SRPMS/php-4.3.4-4.27.C30mdk.src.rpm
 7db08e02ff0b4d59c58bbef5ff25a89b corporate/3.0/SRPMS/php-gd-4.3.4-1.7.C30mdk.src.rpm
 Corporate 4.0:
 6660cfe8b3e883412a9d138cb4776a17 corporate/4.0/i586/libphp4_common4-4.4.4-1.7.20060mlcs4.i586.rpm
 0a43b956bf221f3dc6b534aed4c2c332 corporate/4.0/i586/libphp5_common5-5.1.6-1.8.20060mlcs4.i586.rpm
 d01223da70e8e3c6c17b0bd065cf4747 corporate/4.0/i586/php-cgi-5.1.6-1.8.20060mlcs4.i586.rpm
 9cdf4d6ba4446811b0118126b31dd80b corporate/4.0/i586/php-cli-5.1.6-1.8.20060mlcs4.i586.rpm
 6f486a6a19edef73ac2bc6aba2cf342a corporate/4.0/i586/php-devel-5.1.6-1.8.20060mlcs4.i586.rpm
 a126823de602fb9aecae42f052ab2827 corporate/4.0/i586/php-fcgi-5.1.6-1.8.20060mlcs4.i586.rpm
 9c198b7e8a34c3e4d03f18174b2b1a84 corporate/4.0/i586/php-gd-5.1.6-1.3.20060mlcs4.i586.rpm
 b58d0518a5a44bdb26006df7b3d0b9f4 corporate/4.0/i586/php-mcrypt-5.1.6-1.1.20060mlcs4.i586.rpm
 c306da649d383d2ef0d4e568e8f77bd2 corporate/4.0/i586/php-soap-5.1.6-1.2.20060mlcs4.i586.rpm
 6fbcf94c677317eaa73f2972afbece1c corporate/4.0/i586/php-zip-1.8.10-0.1.20060mlcs4.i586.rpm
 473813677bb2f261182b53f6175908b8 corporate/4.0/i586/php4-cgi-4.4.4-1.7.20060mlcs4.i586.rpm
 5c53c5fd3860246341522a47712b7d18 corporate/4.0/i586/php4-cli-4.4.4-1.7.20060mlcs4.i586.rpm
 079851b5a916b27cb16aa4bde9bcd86e corporate/4.0/i586/php4-devel-4.4.4-1.7.20060mlcs4.i586.rpm
 cf0a080ecd0acb5e01f7e2e41ed3c76d corporate/4.0/i586/php4-gd-4.4.4-1.2.20060mlcs4.i586.rpm
 c2333bbae7d3a20b90a2e174f2caf5da corporate/4.0/i586/php4-mcrypt-4.4.4-1.1.20060mlcs4.i586.rpm
 b406cd54519867c9611c6c6700827457 corporate/4.0/SRPMS/php-5.1.6-1.8.20060mlcs4.src.rpm
 491027bf3182f1f56e93e4d3a053d9e0 corporate/4.0/SRPMS/php-gd-5.1.6-1.3.20060mlcs4.src.rpm
 dd89eef4f40af9dff068c28bd56b4d5b corporate/4.0/SRPMS/php-mcrypt-5.1.6-1.1.20060mlcs4.src.rpm
 d7107b5be0e7768abad9c15cc8584ded corporate/4.0/SRPMS/php-soap-5.1.6-1.2.20060mlcs4.src.rpm
 f39e559d753bc59816d4106cd095d0db corporate/4.0/SRPMS/php-zip-1.8.10-0.1.20060mlcs4.src.rpm
 1f1fd034cfd3d3f911315a34326d553e corporate/4.0/SRPMS/php4-4.4.4-1.7.20060mlcs4.src.rpm
 00447503df74be2f96f4ec4f93de6694 corporate/4.0/SRPMS/php4-gd-4.4.4-1.2.20060mlcs4.src.rpm
 c005bcfb3c95e618ba5a4c928d5b75c7 corporate/4.0/SRPMS/php4-mcrypt-4.4.4-1.1.20060mlcs4.src.rpm
 Corporate 4.0/X86_64:
 d04a06f2a1d4c8d36b1ce3de6448577b corporate/4.0/x86_64/lib64php4_common4-4.4.4-1.7.20060mlcs4.x86_64.rpm
 b22d1122c842de135ddf34d331641da8 corporate/4.0/x86_64/lib64php5_common5-5.1.6-1.8.20060mlcs4.x86_64.rpm
 9866242fb135cca7cf3e35e97f5178af corporate/4.0/x86_64/php-cgi-5.1.6-1.8.20060mlcs4.x86_64.rpm
 c68e05947bec3bb82e9d1d5c572f96d5 corporate/4.0/x86_64/php-cli-5.1.6-1.8.20060mlcs4.x86_64.rpm
 cf53b9aaef91d88655f9d74e3ff2aacb corporate/4.0/x86_64/php-devel-5.1.6-1.8.20060mlcs4.x86_64.rpm
 f8c251520d975a4010def1750fd8346d corporate/4.0/x86_64/php-fcgi-5.1.6-1.8.20060mlcs4.x86_64.rpm
 5b34f8737e26d00f33c0328d763ab213 corporate/4.0/x86_64/php-gd-5.1.6-1.3.20060mlcs4.x86_64.rpm
 758cf65ca6d0a4abebb902e0cba8a340 corporate/4.0/x86_64/php-mcrypt-5.1.6-1.1.20060mlcs4.x86_64.rpm
 13bee1adbfe5e67c01ca731ea81dbdd9 corporate/4.0/x86_64/php-soap-5.1.6-1.2.20060mlcs4.x86_64.rpm
 4c0b39d8927c6cb19e32befb0539680e corporate/4.0/x86_64/php-zip-1.8.10-0.1.20060mlcs4.x86_64.rpm
 5ada3b423910e48a26c77a8cf95cc274 corporate/4.0/x86_64/php4-cgi-4.4.4-1.7.20060mlcs4.x86_64.rpm
 84fae5bb1c27d7c4a6dcb7c29966e2ce corporate/4.0/x86_64/php4-cli-4.4.4-1.7.20060mlcs4.x86_64.rpm
 ccc04f5e1301a856a4d8e24bd36342cb corporate/4.0/x86_64/php4-devel-4.4.4-1.7.20060mlcs4.x86_64.rpm
 0eafa187fc47d54782cba69a73d500f8 corporate/4.0/x86_64/php4-gd-4.4.4-1.2.20060mlcs4.x86_64.rpm
 17f6a6e9ff9cb623ba5538c46571fce5 corporate/4.0/x86_64/php4-mcrypt-4.4.4-1.1.20060mlcs4.x86_64.rpm
 b406cd54519867c9611c6c6700827457 corporate/4.0/SRPMS/php-5.1.6-1.8.20060mlcs4.src.rpm
 491027bf3182f1f56e93e4d3a053d9e0 corporate/4.0/SRPMS/php-gd-5.1.6-1.3.20060mlcs4.src.rpm
 dd89eef4f40af9dff068c28bd56b4d5b corporate/4.0/SRPMS/php-mcrypt-5.1.6-1.1.20060mlcs4.src.rpm
 d7107b5be0e7768abad9c15cc8584ded corporate/4.0/SRPMS/php-soap-5.1.6-1.2.20060mlcs4.src.rpm
 f39e559d753bc59816d4106cd095d0db corporate/4.0/SRPMS/php-zip-1.8.10-0.1.20060mlcs4.src.rpm
 1f1fd034cfd3d3f911315a34326d553e corporate/4.0/SRPMS/php4-4.4.4-1.7.20060mlcs4.src.rpm
 00447503df74be2f96f4ec4f93de6694 corporate/4.0/SRPMS/php4-gd-4.4.4-1.2.20060mlcs4.src.rpm
 c005bcfb3c95e618ba5a4c928d5b75c7 corporate/4.0/SRPMS/php4-mcrypt-4.4.4-1.1.20060mlcs4.src.rpm
 Multi Network Firewall 2.0:
 4a0e9e73f51d6118c3580b9f556c0a2d mnf/2.0/i586/libphp_common432-4.3.4-4.27.C30mdk.i586.rpm
 f4698dd4eb9c4c9e12528c70cf458e7f mnf/2.0/i586/php-cgi-4.3.4-4.27.C30mdk.i586.rpm
 91e6914a490349580511f216a8220c86 mnf/2.0/i586/php-cli-4.3.4-4.27.C30mdk.i586.rpm
 b5655d8d54a14d9f5cdb56246ddad2e3 mnf/2.0/i586/php-gd-4.3.4-1.7.C30mdk.i586.rpm
 752e636b31d84df4b9283fc56b60ef5b mnf/2.0/i586/php432-devel-4.3.4-4.27.C30mdk.i586.rpm
 dba539a2cc542b14898bea508291fb93 mnf/2.0/SRPMS/php-4.3.4-4.27.C30mdk.src.rpm
 86dacced331afeb19a375cdcd5ade744 mnf/2.0/SRPMS/php-gd-4.3.4-1.7.C30mdk.src.rpm

Red Hat Application Stack: new php packages.
New packages are available:
Red Hat Application Stack v1 for Enterprise Linux version 4: php-5.1.6-3.el4s1.8

RHEL 3: new php packages.
New packages are available:
Red Hat Enterprise Linux version 3: php-4.3.2-43.ent

RHEL 4, 5: new php packages.
New packages are available:
Red Hat Enterprise Linux version 4: php-4.3.9-3.22.9
Red Hat Enterprise Linux version 5: php-5.1.6-15.el5

RHEL version 2.1: new php packages.
New packages are available:
Red Hat Enterprise Linux version 2.1 : php-4.1.2-2.19

RHEL version 5: new php packages.
New packages are available:
Red Hat Enterprise Linux version 5: php-5.2.3-3.el5s2

Slackware: new php packages.
New packages are available:
Slackware 10.1:
ftp://ftp.slackware.com/pub/slackware/slackware-10.1/testing/packages/php5/php-5.2.4-i486-1_slack10.1.tgz
Slackware 10.2:
ftp://ftp.slackware.com/pub/slackware/slackware-10.2/testing/packages/php5/php-5.2.4-i486-1_slack10.2.tgz
Slackware 11.0:
ftp://ftp.slackware.com/pub/slackware/slackware-11.0/extra/php5/php-5.2.4-i486-1_slack11.0.tgz
Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/php-5.2.4-i486-1_slack12.0.tgz

SUSE: new php4, php5 packages.
New packages are available:
   openSUSE 10.3:
   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/apache2-mod_php5-5.2.5-8.1.i586.rpm
   http://download.opensuse.org/pub/opensuse/update/10.3/rpm/i586/php5-5.2.5-8.1.i586.rpm
   
   openSUSE 10.2:
   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/apache2-mod_php5-5.2.5-18.1.i586.rpm
   ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/php5-5.2.5-18.1.i586.rpm
   
   SUSE LINUX 10.1:
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/apache2-mod_php5-5.1.2-29.50.i586.rpm
   ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/php5-5.1.2-29.50.i586.rpm
   Open Enterprise Server
     http://support.novell.com/techcenter/psdb/f1255e10262bd8b24adcb137ab61417e.html
   
   Novell Linux POS 9
     http://support.novell.com/techcenter/psdb/f1255e10262bd8b24adcb137ab61417e.html
   
   Novell Linux Desktop 9 SDK
     http://support.novell.com/techcenter/psdb/f1255e10262bd8b24adcb137ab61417e.html
   
   SUSE SLES 9
     http://support.novell.com/techcenter/psdb/f1255e10262bd8b24adcb137ab61417e.html
   
   SUSE Linux Enterprise Server 10 SP1
     http://support.novell.com/techcenter/psdb/c7f522e63d98a69b1dcbd04846e66ae7.html
   
   SLE SDK 10 SP1
     http://support.novell.com/techcenter/psdb/c7f522e63d98a69b1dcbd04846e66ae7.html

Turbolinux: new php packages (17/07/2008).
New packages are available:
Turbolinux Appliance Server 3.0 : php-5.2.4-14
Turbolinux 11 Server : php-5.2.4-14
Turbolinux Appliance Server 2.0 : php4-4.3.11-25
Turbolinux 10 Server x64 Edition : php4-4.3.9-18
Turbolinux Appliance Server 1.0 : php-4.2.3-39
Turbolinux 10 Server : php4-4.3.11-25
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides a computer vulnerability bulletin. The Vigil@nce computer vulnerability tracking service alerts your teams of vulnerabilities or threats impacting your information system.