=====================================================================
                                  CERT-Renater

                       Information Note No. 2005/VULN429
_____________________________________________________________________

DATE                      : 01/07/2005

HARDWARE PLATFORM(S)      : /

OPERATING SYSTEM(S)       : Systems running php-pear.

======================================================================

  _______________________________________________________________________

                 Mandriva Linux Security Update Advisory
  _______________________________________________________________________

  Package name:           php-pear
  Advisory ID:            MDKSA-2005:109
  Date:                   June 30th, 2005

  Affected versions:      10.0, 10.1, 10.2, Corporate 3.0
  ______________________________________________________________________

  Problem Description:

  A vulnerability was discovered by GulfTech Security in the PHP XML RPC
  project.  This vulnerability is considered critical and can lead to
  remote code execution.  The vulnerability also exists in the PEAR
  XMLRPC implementation.

  Mandriva ships with the PEAR XMLRPC implementation and it has been
  patched to correct this problem.  It is advised that users examine the
  PHP applications they have installed on their servers for any
  applications that may come bundled with their own copies of the PEAR
  system and either patch RPC.php or use the system PEAR (found in
  /usr/share/pear).
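
  One way to carry out the check described above, as an added example
  that is not part of the Mandriva advisory.  The web root passed on the
  command line and the XML/RPC.php location under /usr/share/pear are
  assumptions; adjust both for the system being examined.

```shell
#!/bin/sh
# Added example (not from the advisory): list copies of PEAR's RPC.php that
# applications bundle under a web root and compare each one with the
# patched system copy.
# Assumption: the system copy is at <system PEAR dir>/XML/RPC.php.

# find_bundled_rpc WEBROOT [SYSTEM_PEAR_DIR]
# Prints one line per RPC.php found outside SYSTEM_PEAR_DIR:
#   SAME <path>     byte-identical to the system copy
#   DIFFERS <path>  content differs: review, patch, or use the system PEAR
#   UNKNOWN <path>  no system copy available to compare against
find_bundled_rpc() {
    webroot=$1
    syspear=${2:-/usr/share/pear}
    reference="$syspear/XML/RPC.php"

    find "$webroot" -type f -name 'RPC.php' 2>/dev/null | sort |
    while IFS= read -r candidate; do
        case "$candidate" in
            "$syspear"/*) continue ;;   # skip the system copy itself
        esac
        if [ ! -f "$reference" ]; then
            echo "UNKNOWN $candidate"
        elif cmp -s "$candidate" "$reference"; then
            echo "SAME $candidate"
        else
            echo "DIFFERS $candidate"
        fi
    done
}

# Run directly as: sh script.sh /path/to/webroot [/usr/share/pear]
if [ "$#" -gt 0 ]; then
    find_bundled_rpc "$@"
fi
```

  A DIFFERS result only means the bundled file is not the same as the
  system copy; it may be another release of the library, so each such
  file still has to be reviewed against the application's own update.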

  Updates have been released for some popular PHP applications, such
  as WordPress and Serendipity.  Users are urged to take all
  precautions to protect their systems from attack and/or defacement by
  obtaining upgraded versions of their applications from the authors of
  the respective applications.
  _______________________________________________________________________

  References:

   http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1921
   http://www.hardened-php.net/advisory-022005.php
  ______________________________________________________________________

  Updated Packages:

  Mandrakelinux 10.0:
  38955856a2689f10db9f9f5ca734392c  10.0/RPMS/php-pear-4.3.4-3.1.100mdk.noarch.rpm
  18695b853e1aba539da2c68a6d574a4b  10.0/SRPMS/php-pear-4.3.4-3.1.100mdk.src.rpm

  Mandrakelinux 10.0/AMD64:
  9de5b21dc478563f5277f9157b98c49f  amd64/10.0/RPMS/php-pear-4.3.4-3.1.100mdk.noarch.rpm
  18695b853e1aba539da2c68a6d574a4b  amd64/10.0/SRPMS/php-pear-4.3.4-3.1.100mdk.src.rpm

  Mandrakelinux 10.1:
  d48b2e73f6f1ec0366498014a484f328  10.1/RPMS/php-pear-4.3.8-1.1.101mdk.noarch.rpm
  20c91279fa70d68d9e51587980cd262d  10.1/SRPMS/php-pear-4.3.8-1.1.101mdk.src.rpm

  Mandrakelinux 10.1/X86_64:
  dba6b07d89653e4596220cf93a3fed73  x86_64/10.1/RPMS/php-pear-4.3.8-1.1.101mdk.noarch.rpm
  20c91279fa70d68d9e51587980cd262d  x86_64/10.1/SRPMS/php-pear-4.3.8-1.1.101mdk.src.rpm

  Mandrakelinux 10.2:
  4734a42ea347a8f3ad42f2ebbde56f22  10.2/RPMS/php-pear-4.3.10-3.1.102mdk.noarch.rpm
  b564c4dce014d6c3968ef0544effe318  10.2/SRPMS/php-pear-4.3.10-3.1.102mdk.src.rpm

  Mandrakelinux 10.2/X86_64:
  c3349adf16855ee536cbd01077f087e5  x86_64/10.2/RPMS/php-pear-4.3.10-3.1.102mdk.noarch.rpm
  b564c4dce014d6c3968ef0544effe318  x86_64/10.2/SRPMS/php-pear-4.3.10-3.1.102mdk.src.rpm

  Corporate 3.0:
  ac0ffe7efc09f7718461fa81a9ac5864  corporate/3.0/RPMS/php-pear-4.3.4-3.1.C30mdk.noarch.rpm
  1cf934b41b88c63614f4e4d623da479b  corporate/3.0/SRPMS/php-pear-4.3.4-3.1.C30mdk.src.rpm

  Corporate 3.0/X86_64:
  3b4eea612865d6aeb242299c390f2fe9  x86_64/corporate/3.0/RPMS/php-pear-4.3.4-3.1.C30mdk.noarch.rpm
  1cf934b41b88c63614f4e4d623da479b  x86_64/corporate/3.0/SRPMS/php-pear-4.3.4-3.1.C30mdk.src.rpm
  _______________________________________________________________________

  To upgrade automatically use MandrakeUpdate or urpmi.  The verification
  of md5 checksums and GPG signatures is performed automatically for you.

  All packages are signed by Mandriva for security.  You can obtain the
  GPG public key of the Mandriva Security Team by executing:

   gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

  You can view other update advisories for Mandriva Linux at:

   http://www.mandriva.com/security/advisories

  If you want to report vulnerabilities, please contact

   security_(at)_mandriva.com
  _______________________________________________________________________

  Type Bits/KeyID     Date       User ID
  pub  1024D/22458A98 2000-07-10 Mandriva Security Team
   <security*mandriva.com>

======================================================================

         =========================================================
         CERT-Renater reference servers
         http://www.urec.fr/securite
         http://www.cru.fr/securite
         http://www.renater.fr
         =========================================================
         + CERT-RENATER          | tel : 01-53-94-20-44          +
         + 151 bd de l'Hopital   | fax : 01-53-94-20-41          +
         + 75013 Paris           | email: certsvp@renater.fr     +
         =========================================================


