Bulletin d'alerte Debian

DSA-1282-1 php4 -- Plusieurs vulnérabilités

Date du rapport:

26 avril 2007

Paquets concernés:

Vulnérabilité:

Oui

Références dans la base de données de sécurité:

Dans le dictionnaire CVE du Mitre : CVE-2007-1286, CVE-2007-1380, CVE-2007-1521, CVE-2007-1711, CVE-2007-1718, CVE-2007-1777.

Pour plus d'information:

Plusieurs vulnérabilités à distance ont été découvertes dans PHP, un langage de scripts embarqué dans le HTML côté serveur, cela peut entraîner l'exécution de code arbitraire. Le projet des expositions et vulnérabilités communes (CVE) identifie les problèmes suivants :

CVE-2007-1286 Stefan Esser a découvert un débordement dans le code de gestion des références des objets de la fonction unserialize(), cela permet l'exécution de code arbitraire si une entrée mal formée est passée à partir d'une application.

CVE-2007-1380 Stefan Esser a découvert que le gestionnaire de sessions ne réalisait pas de validation suffisante des longueurs des noms de variables, cela permet la divulgation d'informations via la fuite d'informations sur des blocs de mémoire.

CVE-2007-1521 Stefan Esser a découvert une vulnérabilité par double libération de zone de mémoire dans la fonction session_regenerate_id(), cela permet l'exécution de code arbitraire.

CVE-2007-1711 Stefan Esser a découvert une vulnérabilité par double libération de zone de mémoire dans le code de gestion des sessions, cela permet l'exécution de code arbitraire.

CVE-2007-1718 Stefan Esser a découvert que la fonction mail() ne réalisait pas de validation suffisante des en-têtes de courriels imbriqués, cela permet l'injection d'en-têtes de courriel.

CVE-2007-1777 Stefan Esser a découvert que l'extension gérant les archives ZIP ne réalisait pas de vérifications de longueur suffisantes, cela permet l'exécution de code arbitraire.

Pour l'ancienne distribution stable (Sarge), ces problèmes ont été corrigés dans la version 4.3.10-20.

Pour la distribution stable (Etch), ces problèmes ont été corrigés dans la version 4.4.4-8+etch2.

Pour la distribution instable (Sid), ces problèmes seront corrigés dans la version 4.4.6-1. Php4 sera retiré de Sid ; vous êtes donc fortement incités à migrer vers php5 si vous préférez suivre la distribution instable.

Nous vous recommandons de mettre à jour vos paquets PHP. Les paquets pour les architectures arm, m68k, mips et mipsel ne sont pas encore disponibles. Ils seront fournis plus tard.

Corrigé dans:

Debian GNU/Linux 3.1 (sarge)

Source :: http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10-20.dsc; http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10-20.diff.gz; http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10.orig.tar.gz
Composant indépendant de l'architecture :: http://security.debian.org/pool/updates/main/p/php4/php4-pear_4.3.10-20_all.deb; http://security.debian.org/pool/updates/main/p/php4/php4_4.3.10-20_all.deb
Alpha:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_amd64.deb
HPPA:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_ia64.deb
PowerPC:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.3.10-20_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.3.10-20_sparc.deb

Debian GNU/Linux 4.0 (etch)

Source :: http://security.debian.org/pool/updates/main/p/php4/php4_4.4.4-8+etch2.dsc; http://security.debian.org/pool/updates/main/p/php4/php4_4.4.4-8+etch2.diff.gz; http://security.debian.org/pool/updates/main/p/php4/php4_4.4.4.orig.tar.gz
Composant indépendant de l'architecture :: http://security.debian.org/pool/updates/main/p/php4/php4-pear_4.4.4-8+etch2_all.deb; http://security.debian.org/pool/updates/main/p/php4/php4_4.4.4-8+etch2_all.deb
Alpha:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_alpha.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_alpha.deb
AMD64:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-interbase_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_amd64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_amd64.deb
HPPA:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_hppa.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_hppa.deb
Intel IA-32:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-interbase_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_i386.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_i386.deb
Intel IA-64:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_ia64.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_ia64.deb
PowerPC:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_powerpc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_powerpc.deb
IBM S/390:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_s390.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_s390.deb
Sun Sparc:: http://security.debian.org/pool/updates/main/p/php4/libapache-mod-php4_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/libapache2-mod-php4_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cgi_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-cli_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-common_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-curl_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-dev_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-domxml_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-gd_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-imap_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-ldap_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcal_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mcrypt_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mhash_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-mysql_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-odbc_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pgsql_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-pspell_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-recode_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-snmp_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-sybase_4.4.4-8+etch2_sparc.deb; http://security.debian.org/pool/updates/main/p/php4/php4-xslt_4.4.4-8+etch2_sparc.deb

Les hachés MD5 des fichiers indiqués sont disponibles sur la page originale de l'alerte de sécurité.