[USN-105-1] PHP4 vulnerabilities

Martin Pitt martin.pitt at canonical.com
Tue Apr 5 09:02:24 UTC 2005


===========================================================
Ubuntu Security Notice USN-105-1	     April 05, 2005
php4 vulnerabilities
CAN-2005-0524, CAN-2005-0525
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

libapache2-mod-php4
php4-cgi

The problem can be corrected by upgrading the affected package to
version 4:4.3.8-3ubuntu7.7.  In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Two Denial of Service vulnerabilities have been discovered in the
getimagesize() function. getimagesize() uses the format-specific
internal functions php_handle_iff() and php_handle_jpeg(), which get
stuck in infinite loops when certain (invalid) size parameters are
read from the image. In web applications that allow users to upload
arbitrary image files, a remote attacker could render the server
unavailable by uploading specially crafted images.
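
The class of bug described above, shown from the fixing side: a chunk walker that validates every size field before using it, so it always makes forward progress. This is an added example, not code from PHP or from this notice; the simplified IFF-style chunk stream, the function find_chunk() and the sample buffers are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

enum { CHUNK_FOUND = 0, CHUNK_ABSENT = -1, CHUNK_MALFORMED = -2 };

/* Unsigned big-endian read: the size can never become negative. */
static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Walk IFF-style chunks (4-byte ID, 4-byte size, payload padded to even).
 * Each size is checked against the bytes left, so `off` only grows. */
int find_chunk(const uint8_t *buf, size_t len, const char *id,
               size_t *payload_off, uint32_t *payload_len) {
    size_t off = 0;
    while (len - off >= 8) {
        uint32_t size = be32(buf + off + 4);
        size_t remaining = len - off - 8;
        if (size > remaining)
            return CHUNK_MALFORMED;      /* size points past the data */
        if (memcmp(buf + off, id, 4) == 0) {
            *payload_off = off + 8;
            *payload_len = size;
            return CHUNK_FOUND;
        }
        size_t step = (size_t)size + (size & 1u);   /* pad byte */
        if (step > remaining)
            step = remaining;            /* final pad byte absent */
        off += 8 + step;                 /* advances by at least 8 */
    }
    return CHUNK_ABSENT;
}

/* Constructed samples, not taken from any real image. */
static const uint8_t SAMPLE_OK[] = {
    'A','B','C','D', 0,0,0,3, 1,2,3,0,        /* 3-byte payload + pad */
    'B','M','H','D', 0,0,0,4, 0,16,0,9 };
static const uint8_t SAMPLE_BAD[] = {
    'A','B','C','D', 0xFF,0xFF,0xFF,0xF0,     /* invalid size field */
    'B','M','H','D', 0,0,0,4, 0,16,0,9 };

int main(void) {
    size_t o = 0; uint32_t n = 0;
    printf("ok=%d\n", find_chunk(SAMPLE_OK, sizeof SAMPLE_OK, "BMHD", &o, &n));
    printf("bad=%d\n", find_chunk(SAMPLE_BAD, sizeof SAMPLE_BAD, "BMHD", &o, &n));
    return 0;
}
```

Because the offset strictly increases and never exceeds the buffer length, the loop terminates on any input, and a file with an out-of-range size is rejected instead of being walked.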

