The Open SUSE group has released an update for a list of their software to bring their PHP4 and PHP5 packages up to date.

php5 was updated to version 5.2.5 to fix several security vulnerabilities. For php4 on SLES9 the patches were backported.

You can find out more about the issues corrected as well as links to the packages that have been updated in the advisory message.

As mentioned in this new security advisory from Avaya, there's a risk that the PHP version included with their Messaging systems could provide a hole for a would-be attacker to gain access.

Issues have been reported in the following:

• integer overflow vulnerabilities in the PHP gd extension
• integer overflow vulnerability in the PHP chunk_split function
• a security update has introduced a bug into PHP session cookie handling
• vulnerability in the PHP money_format function
• vulnerability in the PHP wordwrap function
• vulnerability in PHP session cookie handling
• vulnerability in the PHP gc extension

The advisory contains links to more information from RedHat on these issues and includes a list of systems effected as well as recommended actions to take.

As mentioned in this new security advisory from Avaya, there's a risk that the PHP version included with their Messaging systems could provide a hole for a would-be attacker to gain access.

Issues have been reported in the following:

• integer overflow vulnerabilities in the PHP gd extension
• integer overflow vulnerability in the PHP chunk_split function
• a security update has introduced a bug into PHP session cookie handling
• vulnerability in the PHP money_format function
• vulnerability in the PHP wordwrap function
• vulnerability in PHP session cookie handling
• vulnerability in the PHP gc extension

The advisory contains links to more information from RedHat on these issues and includes a list of systems effected as well as recommended actions to take.

The Red Hat linux group has issued an update for their PHP packages today:

Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

You can get more information about this moderate level advisory from the Red Hat advisory including the affected products and the list of packages that should be updated to bring your installation up to date.

The Red Hat linux group has issued an update for their PHP packages today:

Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

You can get more information about this moderate level advisory from the Red Hat advisory including the affected products and the list of packages that should be updated to bring your installation up to date.

Via this Secunia advisory posted today, there's information about the update the Fedora Linux group has made to the PHP package included in their distribution. According to the release:

This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

The original advisory post has more details on what the update fixes as well as the link to download the RPM packages to update your system. You can either manually download them or use the "yum" system to handle things a bit more automatically.

Via this Secunia advisory posted today, there's information about the update the Fedora Linux group has made to the PHP package included in their distribution. According to the release:

This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

The original advisory post has more details on what the update fixes as well as the link to download the RPM packages to update your system. You can either manually download them or use the "yum" system to handle things a bit more automatically.

On the Secunia site today, there's a new advisory posted for users of Red Hat linux - an update to the system's PHP packages.

Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

The original advisory has more details on what the patch fixes and the checksum information for the update packages for all OSes.

On the Secunia site today, there's a new advisory posted for users of Red Hat linux - an update to the system's PHP packages.

Red Hat has issued an update for php. This fixes some vulnerabilities, which can be exploited by malicious, local users to bypass certain security restrictions and by malicious people to bypass certain security restrictions and cause a DoS (Denial of Service).

The original advisory has more details on what the patch fixes and the checksum information for the update packages for all OSes.

As mentioned in this advisory on the Secunia website (reposted from the original advisory) the Fedora Linux group has posted an update for their PHP package to bring it up to date with the recent PHP 5.2.4 release.

Fedora has issued an update for php. This fixes a weakness and some vulnerabilities, where some have unknown impacts and others can be exploited by malicious users and malicious, local users to bypass certain security restrictions.

You can find the complete list of packages that were updated in their advisory posting and a brief mention of the easiest way for you to update your distribution (yum).