Package name: php
Date: February 19th, 2003
Advisory ID: MDKSA-2003:019
Affected versions: 9.0
Synopsis: Updated php packages fix buffer overflow vulnerability

Problem Description

A buffer overflow was discovered in the wordwrap() function in versions
of PHP greater than 4.1.2 and less than 4.3.0. Under certain
circumstances, this buffer overflow can be used to overwrite heap memory
and could potentially lead to remote system compromise.

Updated Packages

Mandrakelinux 9.0

1dd1c88e1a9a4493a800367acc0bc64d  9.0/RPMS/php-4.2.3-1.1mdk.i586.rpm
00f26b98cf8ab7555b439df231a18359  9.0/RPMS/php-common-4.2.3-1.1mdk.i586.rpm
f333cd5d6bab04605b57de5b403d4f31  9.0/RPMS/php-devel-4.2.3-1.1mdk.i586.rpm
18ebac6f378d0f58e22bf9699af2f430  9.0/RPMS/php-pear-4.2.3-1.1mdk.i586.rpm
f0000512d2fa612c6a190bd25d22558d  9.0/SRPMS/php-4.2.3-1.1mdk.src.rpm

References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1396

Upgrade

To upgrade automatically, use MandrivaUpdate.


Verification

Please verify the update prior to upgrading to ensure the integrity of the downloaded package. You can do this with the command:

    rpm --checksig package.rpm

You can get the GPG public key of the Mandriva Security Team to verify the GPG signature of each RPM.

If you use MandrivaUpdate, verification of the MD5 checksum and GPG signature is performed automatically for you.
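
For a manual download, the checksum list under Updated Packages can be checked mechanically before running rpm --checksig. The script below is an added example, not part of the advisory or of any Mandrake tool; the function name verify_advisory_md5 and the idea of keeping the list in a text file beside the downloaded packages are assumptions.

```shell
#!/bin/sh
# Added example (not from the advisory).
# verify_advisory_md5 LIST DIR
#   LIST: text file with lines "<md5>  <path>/<name>.rpm", copied from the
#         "Updated Packages" section of the advisory.
#   DIR:  directory holding the downloaded packages (assumed layout).
# Prints one status line per listed package and returns 0 only if every
# listed package is present in DIR and its MD5 matches the advisory.
# A matching MD5 only shows the download is the file the advisory names;
# the GPG signature checked by "rpm --checksig" is what ties it to the vendor.
verify_advisory_md5() {
    list=$1
    dir=$2
    rc=0
    while read -r want path; do
        [ -n "$want" ] || continue      # skip blank lines
        name=${path##*/}                # advisory lists 9.0/RPMS/x.rpm; match on basename
        file=$dir/$name
        if [ ! -f "$file" ]; then
            echo "MISSING  $name"
            rc=1
            continue
        fi
        got=$(md5sum "$file" | cut -d' ' -f1)
        if [ "$got" = "$want" ]; then
            echo "OK       $name"
        else
            echo "MISMATCH $name"
            rc=1
        fi
    done < "$list"
    return $rc
}

# Stand-alone use: sh verify.sh advisory-md5.txt ./downloads
# The signature check runs only if every checksum matched.
if [ "$#" -eq 2 ]; then
    verify_advisory_md5 "$1" "$2" && rpm --checksig "$2"/*.rpm
fi
```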