Red Hat Security Advisory - PHP

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
---------------------------------------------------------
Red Hat Security Advisory
Synopsis: Updated PHP packages are now available
Advisory ID: RHSA-2003:204-01
Issue date: 2003-07-02
Updated on: 2003-07-02
Product: Red Hat Linux
Keywords: PHP Cross-Site-Scripting use_trans_sid session
Cross references:
Obsoletes: RHSA-2003:017
CVE Names: CAN-2003-0442
-----------------------------------------------------
1. Topic:
Updated PHP packages for Red Hat Linux 8.0 and 9 are available that fix a
number of bugs, as well as a minor security problem in the transparent
session ID functionality.
2. Relevant releases/architectures:
Red Hat Linux 8.0 - i386
Red Hat Linux 9 - i386
3. Problem description:
PHP is an HTML-embedded scripting language commonly used with the Apache
HTTP server.
This update contains fixes for a number of bugs discovered in the version
of PHP included in Red Hat Linux 8.0 and 9. These bugs include the use of
a PHP script as an ErrorDocument and possible POST body corruption in some
configurations.
Also included is a fix for a minor security problem. In PHP version 4.3.1
and earlier, when transparent session ID support is enabled using the
"session.use_trans_sid" option, the session ID is not escaped before use.
This allows a Cross Site Scripting attack. The Common Vulnerabilities and
Exposures project (cve.mitre.org) has assigned the name CAN-2003-0442 to
this issue.
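The point of the advisory is that a session ID is client-supplied input: when use_trans_sid rewrites it into links and forms without escaping, a crafted value can break out of an HTML attribute. The following PHP script is an added example, not code from Red Hat's packages or from the PHP patch itself; it shows the same class of defect at application level, with the unescaped pattern beside a hardened one that first validates the ID against the character set PHP generates and then escapes it with htmlspecialchars(). The function names, the validation regex and the sample values are assumptions.

```php
<?php
// Added example (not from the advisory): handling a session ID that is
// about to be embedded in HTML, the same class of problem CAN-2003-0442
// describes for PHP's own use_trans_sid rewriting.

// Accept only IDs made of characters PHP itself generates. The allowed set
// (alphanumerics plus ',' and '-', covering the hash_bits_per_character
// settings) and the length bound are assumptions; tighten to match your ini.
function is_well_formed_session_id($sid)
{
    return is_string($sid) && preg_match('/^[A-Za-z0-9,-]{1,128}$/', $sid) === 1;
}

// Vulnerable pattern: the ID lands inside an attribute value unescaped,
// which is what the advisory describes for the built-in rewriter.
function link_with_sid_unescaped($url, $sid)
{
    return '<a href="' . $url . '?PHPSESSID=' . $sid . '">next</a>';
}

// Hardened pattern: reject malformed IDs, then escape for an HTML attribute.
function link_with_sid_escaped($url, $sid)
{
    if (!is_well_formed_session_id($sid)) {
        // Treat an unexpected ID as hostile: drop it rather than echo it back.
        return '<a href="' . htmlspecialchars($url, ENT_QUOTES) . '">next</a>';
    }
    $safe_url = htmlspecialchars($url . '?PHPSESSID=' . $sid, ENT_QUOTES);
    return '<a href="' . $safe_url . '">next</a>';
}

// Constructed sample values: a normal 32-hex-digit ID and one carrying
// quote and angle-bracket characters that would break out of the attribute.
$good = 'a1b2c3d4e5f60718293a4b5c6d7e8f90';
$bad  = 'a1b2c3"<not-a-session-id>';

echo link_with_sid_unescaped('/page.php', $bad), "\n"; // attribute broken open
echo link_with_sid_escaped('/page.php', $bad), "\n";   // ID rejected, link kept
echo link_with_sid_escaped('/page.php', $good), "\n";  // ID kept, safely quoted
```

The updated packages fix the rewriter itself; the application-level check above is a defence-in-depth measure for code that emits session IDs by hand. Where URL-carried session IDs are not needed at all, disabling the feature in php.ini (session.use_trans_sid = 0, and session.use_only_cookies = 1 so the ID is accepted only from the cookie) removes the rewriting path that this issue concerns.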
All users of PHP are advised to upgrade to these erratum packages, which
contain back-ported patches to correct these issues.