Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2009-276-02
HistoryOct 04, 2009 - 12:01 a.m.

php

2009-10-0400:01:56
Slackware Linux Project
www.slackware.com
31

0.018 Low

EPSS

Percentile

86.8%

JSON

New php packages are available for Slackware 12.0, 12.1, 12.2, 13.0,
and -current to fix security issues.

More details about this issue may be found in the Common
Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293

Here are the details from the Slackware 13.0 ChangeLog:

patches/packages/php-5.2.11-i486-1_slack13.0.txz:
This release fixes some possible security issues, all of which have
"unknown impact and attack vectors".
For more information, see:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3291
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3292
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3293
(* Security fix *)

Where to find the new packages:

HINT: Getting slow download speeds from ftp.slackware.com?
Give slackware.osuosl.org a try. This is another primary FTP site
for Slackware that can be considerably faster than downloading
directly from ftp.slackware.com.

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating additional FTP and rsync hosting
to the Slackware project! :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 12.0:
ftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/php-5.2.11-i486-1_slack12.0.tgz

Updated package for Slackware 12.1:
ftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/php-5.2.11-i486-1_slack12.1.tgz

Updated package for Slackware 12.2:
ftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/php-5.2.11-i486-1_slack12.2.tgz

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/php-5.2.11-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/php-5.2.11-x86_64-1_slack13.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.2.11-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.2.11-x86_64-1.txz

MD5 signatures:

Slackware 12.0 package:
bc56d8e0d56197d7b0eaeee791e20307 php-5.2.11-i486-1_slack12.0.tgz

Slackware 12.1 package:
67fa37b8c23b303c3ecf3294183ed0ae php-5.2.11-i486-1_slack12.1.tgz

Slackware 12.2 package:
6e44a700f0ef0a57eecb37a033d3cd1f php-5.2.11-i486-1_slack12.2.tgz

Slackware 13.0 package:
a766796b71a41b6cd783ffbf2b237a80 php-5.2.11-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
d7de1dc05f88c8b3b7cff7cec45f18de php-5.2.11-x86_64-1_slack13.0.txz

Slackware -current package:
fb6e9b0a3d8c4a3a08eea2bbe31a9c08 php-5.2.11-i486-1.txz

Slackware x86_64 -current package:
be11f0990d29843d1f4480a75eaa4d3e php-5.2.11-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg php-5.2.11-i486-1_slack13.0.txz

Related

nessus 27
openvas 53
freebsd 3
securityvulns 4
seebug 1
f5 2
prion 4
debian 2
osv 1
veracode 2
ubuntucve 4
cve 4
redhat 1
oraclelinux 1
centos 1
ubuntu 2
debiancve 1
gentoo 1
amazon 1
nessus
nessus
Mandriva Linux Security Advisory : php (MDVSA-2009:248)
2010-07-30 00:00:00
FreeBSD : php5 -- Multiple security issues (437a68cf-b752-11de-b6eb-00e0815b8da8)
2009-10-13 00:00:00
Slackware 12.0 / 12.1 / 12.2 / 13.0 / current : php (SSA:2009-276-02)
2009-10-05 00:00:00
openvas
openvas
Mandrake Security Advisory MDVSA-2009:248 (php)
2009-09-28 00:00:00
Slackware Advisory SSA:2009-276-02 php
2012-09-11 00:00:00
Mandrake Security Advisory MDVSA-2009:248 (php)
2009-09-28 00:00:00
freebsd
freebsd
php5 -- Multiple security issues
2009-09-17 00:00:00
gd -- '_gdGetColors' remote buffer overflow vulnerability
2009-10-15 00:00:00
libwmf -- multiple vulnerabilities
2004-10-12 00:00:00
securityvulns
securityvulns
[ MDVSA-2009:248 ] php
2009-09-28 00:00:00
PHP multiple security vulnerabilities
2009-10-20 00:00:00
[ MDVSA-2009:284 ] gd
2009-10-20 00:00:00
seebug
seebug
PHP 5.2.11版本修复多个安全漏洞
2009-09-23 00:00:00
f5
f5
SOL13275 - PHP vulnerability CVE-2009-3293
2011-12-15 00:00:00
K13275 : PHP vulnerability CVE-2009-3293
2013-09-12 00:00:00
prion
prion
Design/Logic Flaw
2009-09-22 10:30:00
Design/Logic Flaw
2009-09-22 10:30:00
Code injection
2009-09-22 10:30:00
debian
debian
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
[SECURITY] [DSA-1940-1] New php5 packages fix several issues
2009-11-25 21:48:09
osv
osv
php5 - multiple issues
2009-11-25 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:42:39
Spoofing Attack
2020-04-10 00:42:39
ubuntucve
ubuntucve
CVE-2009-3292
2009-09-22 00:00:00
CVE-2009-3293
2009-09-22 00:00:00
CVE-2009-3291
2009-09-22 00:00:00
cve
cve
CVE-2009-3292
2009-09-22 10:30:00
CVE-2009-3293
2009-09-22 10:30:00
CVE-2009-3291
2009-09-22 10:30:00
redhat
redhat
(RHSA-2010:0040) Moderate: php security update
2010-01-13 00:00:00
oraclelinux
oraclelinux
php security update
2010-01-13 00:00:00
centos
centos
php security update
2010-01-13 22:42:15
ubuntu
ubuntu
PHP vulnerabilities
2009-11-26 00:00:00
GD library vulnerabilities
2009-11-05 00:00:00
debiancve
debiancve
CVE-2009-3546
2009-10-19 20:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2010-01-05 00:00:00
amazon
amazon
Important: libwmf
2015-10-27 13:51:00

0.018 Low

EPSS

Percentile

86.8%

JSON
Related for SSA-2009-276-02
nessus27openvas53freebsd3securityvulns4seebug1f52prion4debian2osv1veracode2ubuntucve4cve4redhat1oraclelinux1centos1ubuntu2debiancve1gentoo1amazon1