Description: | Description:
The remote host is missing an update to php announced via advisory FEDORA-2005-518.
This update includes the PEAR XML_RPC 1.3.1 package, which fixes a security issue in the XML_RPC server implementation. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1921 to this issue.
The bundled version of shtool is also updated, to fix some temporary file handling races. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CVE-2005-1751 to this issue.
Bug fixes for the dom, ldap, and gd extensions are also included in this update.
* Mon Jul 4 2005 Joe Orton 5.0.4-10.3
- pear: update to XML_RPC 1.3.1 (CVE-2005-1921, #162045) - update bundled shtool to 2.0.2 (CVE-2005-1751, #158998)
* Tue Jun 21 2005 Joe Orton 5.0.4-10.2
- fix imports from dom module (Rob Richards, #161447) - fix detection and support for ldap_start_tls (#160527) - fix imagettftext et al (upstream, #161001) - mark php.ini and php.conf as noreplace again for updates
Solution: Apply the appropriate updates. This update can be downloaded from: http://download.fedora.redhat.com/pub/fedora/linux/core/updates/4/
This update can also be installed with the Update Agent you can launch the Update Agent with the 'up2date' command.
http://www.securityspace.com/smysecure/catid.html?in=FEDORA-2005-518
Risk factor : High
CVSS Score: 7.5
|