cross site scripting, information leak in php4,php5

2006-05-0513:42:01

lists.opensuse.org

0.247 Low

EPSS

Percentile

96.2%

JSON

This update fixes the following security issues in the scripting languages PHP4 and PHP5:

Solution

There is no known workaround, please install the update packages.

OSVersionArchitecturePackageVersionFilename
openSUSE10.0x86_64php5-pear< 5.0.4-9.10php5-pear-5.0.4-9.10.x86_64.rpm
openSUSE9.3x86_64php5-fastcgi< 5.0.3-14.20php5-fastcgi-5.0.3-14.20.x86_64.rpm
openSUSE9.3x86_64php4-32bit< 9.3-7.9php4-32bit-9.3-7.9.x86_64.rpm
openSUSE10.0ppcphp5-fastcgi< 5.0.4-9.10php5-fastcgi-5.0.4-9.10.ppc.rpm
openSUSE9.3i586php4-sysvshm< 4.3.10-14.20php4-sysvshm-4.3.10-14.20.i586.rpm
openSUSE9.2x86_64php4-pear< 4.3.8-8.23php4-pear-4.3.8-8.23.x86_64.rpm
openSUSE10.0i586php5< 5.0.4-9.10php5-5.0.4-9.10.i586.rpm
openSUSE10.0x86_64php4-mbstring< 4.4.0-6.10php4-mbstring-4.4.0-6.10.x86_64.rpm
openSUSE9.1x86_64mod_php4-core< 4.3.4-43.53mod_php4-core-4.3.4-43.53.x86_64.rpm
openSUSE10.0i586php4-unixodbc< 4.4.0-6.10php4-unixODBC-4.4.0-6.10.i586.rpm

OS	Version	Architecture	Package	Version	Filename
openSUSE	10.0	x86_64	php5-pear	< 5.0.4-9.10	php5-pear-5.0.4-9.10.x86_64.rpm
openSUSE	9.3	x86_64	php5-fastcgi	< 5.0.3-14.20	php5-fastcgi-5.0.3-14.20.x86_64.rpm
openSUSE	9.3	x86_64	php4-32bit	< 9.3-7.9	php4-32bit-9.3-7.9.x86_64.rpm
openSUSE	10.0	ppc	php5-fastcgi	< 5.0.4-9.10	php5-fastcgi-5.0.4-9.10.ppc.rpm
openSUSE	9.3	i586	php4-sysvshm	< 4.3.10-14.20	php4-sysvshm-4.3.10-14.20.i586.rpm
openSUSE	9.2	x86_64	php4-pear	< 4.3.8-8.23	php4-pear-4.3.8-8.23.x86_64.rpm
openSUSE	10.0	i586	php5	< 5.0.4-9.10	php5-5.0.4-9.10.i586.rpm
openSUSE	10.0	x86_64	php4-mbstring	< 4.4.0-6.10	php4-mbstring-4.4.0-6.10.x86_64.rpm
openSUSE	9.1	x86_64	mod_php4-core	< 4.3.4-43.53	mod_php4-core-4.3.4-43.53.x86_64.rpm
openSUSE	10.0	i586	php4-unixodbc	< 4.4.0-6.10	php4-unixODBC-4.4.0-6.10.i586.rpm