[sflack-security] php (SFSA:2007-127-01)

[sflack-security]  php (SFSA:2007-127-01)

New php packages are available for Sflack 11.0, and -current
to improve the stability and security of PHP. Quite a few bugs were
fixed -- please see http://www.php.net for a detailed list.
All sites that use PHP are encouraged to upgrade. Please note that
we haven't tested all PHP applications for backwards compatibility
with this new upgrade, so you should have the old package on hand
just in case.



Here are the details from the Sflack 11.0 ChangeLog:
+--------------------------+
patches/packages/php-5.2.2-x86_64-1_sflack11.0.tgz:
Upgraded to php-5.2.2.
This fixes bugs and improves security.
For more details, see:
http://www.php.net/releases/5_2_2.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1001
(* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

See the "Get Sflack" section on http://sflack.com for
additional mirror sites near you.

Updated packages for Sflack 11.0:
ftp://ftp.sflack.com/pub/sflack/sflack-11.0/patches/packages/php-5.2.2-x86_64-1_sflack11.0.tgz

Updated packages for Sflack -current:
ftp://ftp.sflack.com/pub/sflack/sflack-current/slackware/n/php-5.2.2-x86_64-1.tgz


MD5 signatures:
+-------------+

Sflack 11.0 packages:
f6b7f27ebc1e7ad95298b860b3ae6ab6 php-5.2.2-x86_64-1_sflack11.0.tgz

Sflack -current packages:
471ab8dab1ea61f727586051d574e13d php-5.2.2-x86_64-1.tgz


Installation instructions:
+------------------------+

First, stop apache:
# apachectl stop

Next, upgrade to the new PHP package:
# upgradepkg php-5.2.2-x86_64-1_sflack11.0.tgz

Finally, restart apache:
# apachectl start (or: apachectl startssl)


+-----+

Sflack Linux Security Team
http://sflack.com/gpg-key
security at sflack.com