PHP5.3.10がリリースされました

先日5.3.9がでたばかりのPHPですが、5.3.10がリリースされました
理由はセキュリティ的な問題のようです

The PHP development team would like to announce the immediate availability of PHP 5.3.10. This release delivers a critical security fix.

Security Fixes in PHP 5.3.10:

Fixed arbitrary remote code execution vulnerability reported by Stefan Esser, CVE-2012-0830.
All users are strongly encouraged to upgrade to PHP 5.3.10.

PHP: News Archive – 2012

PHP開発チームはPHP5.3.10の当面の空室状況を発表したいと思います。このリリースでは、重要なセキュリティフィックスを提供します。

PHP5.3.10のセキュリティに関する修正:

固定の任意のリモートコードが実行される脆弱性がStefan Esser氏、CVE-2012から0830によって報告された。
すべてのユーザーが強くPHP5.3.10にアップグレードすることをお勧めします。

via google翻訳


というわけでremiで入れていますのでyumでupdate
いつもついでにmysqlも最新にするのであわせてアップデートします

~~~
$ yum update –enablerepo=epel,remi php* mysql*
Loaded plugins: fastestmirror
Determining fastest mirrors
* base: ftp.nara.wide.ad.jp
* epel: ftp.kddilabs.jp
* extras: ftp.nara.wide.ad.jp
* remi: rpms.famillecollet.com
* updates: ftp.nara.wide.ad.jp
base | 1.1 kB 00:00
epel | 3.7 kB 00:00
extras | 2.1 kB 00:00
extras/primary_db | 179 kB 00:00
remi | 2.5 kB 00:00
remi/primary_db | 267 kB 00:01
updates | 1.9 kB 00:00
updates/primary_db | 614 kB 00:00
Setting up Update Process
Resolving Dependencies
–> Running transaction check
—> Package mysql.x86_64 0:5.5.20-1.el5.remi set to be updated
—> Package mysql-libs.x86_64 0:5.5.20-1.el5.remi set to be updated
—> Package mysql-server.x86_64 0:5.5.20-1.el5.remi set to be updated
—> Package php.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-cli.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-common.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-devel.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-gd.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-mbstring.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-mysql.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-pdo.x86_64 0:5.3.10-2.el5.remi set to be updated
—> Package php-xml.x86_64 0:5.3.10-2.el5.remi set to be updated
–> Finished Dependency Resolution

Dependencies Resolved

=============================================================================================================================================
Package Arch Version Repository Size
=============================================================================================================================================
Updating:
mysql x86_64 5.5.20-1.el5.remi remi 7.4 M
mysql-libs x86_64 5.5.20-1.el5.remi remi 1.1 M
mysql-server x86_64 5.5.20-1.el5.remi remi 13 M
php x86_64 5.3.10-2.el5.remi remi 2.8 M
php-cli x86_64 5.3.10-2.el5.remi remi 2.6 M
php-common x86_64 5.3.10-2.el5.remi remi 997 k
php-devel x86_64 5.3.10-2.el5.remi remi 2.6 M
php-gd x86_64 5.3.10-2.el5.remi remi 210 k
php-mbstring x86_64 5.3.10-2.el5.remi remi 2.3 M
php-mysql x86_64 5.3.10-2.el5.remi remi 173 k
php-pdo x86_64 5.3.10-2.el5.remi remi 119 k
php-xml x86_64 5.3.10-2.el5.remi remi 226 k

Transaction Summary
=============================================================================================================================================
Install 0 Package(s)
Upgrade 12 Package(s)

Total download size: 33 M
Is this ok [y/N]: y
Downloading Packages:
(1/12): php-pdo-5.3.10-2.el5.remi.x86_64.rpm | 119 kB 00:01
(2/12): php-mysql-5.3.10-2.el5.remi.x86_64.rpm | 173 kB 00:01
(3/12): php-gd-5.3.10-2.el5.remi.x86_64.rpm | 210 kB 00:01
(4/12): php-xml-5.3.10-2.el5.remi.x86_64.rpm | 226 kB 00:01
(5/12): php-common-5.3.10-2.el5.remi.x86_64.rpm | 997 kB 00:02
(6/12): mysql-libs-5.5.20-1.el5.remi.x86_64.rpm | 1.1 MB 00:03
(7/12): php-mbstring-5.3.10-2.el5.remi.x86_64.rpm | 2.3 MB 00:03
(8/12): php-devel-5.3.10-2.el5.remi.x86_64.rpm | 2.6 MB 00:03
(9/12): php-cli-5.3.10-2.el5.remi.x86_64.rpm | 2.6 MB 00:03
(10/12): php-5.3.10-2.el5.remi.x86_64.rpm | 2.8 MB 00:03
(11/12): mysql-5.5.20-1.el5.remi.x86_64.rpm | 7.4 MB 00:05
(12/12): mysql-server-5.5.20-1.el5.remi.x86_64.rpm | 13 MB 00:08
———————————————————————————————————————————————
Total 714 kB/s | 33 MB 00:47
Running rpm_check_debug
Running Transaction Test
Finished Transaction Test
Transaction Test Succeeded
Running Transaction

WARNING : These php-* RPM are not official Fedora/Redhat build and
overrides the official ones. Don’t file bugs on Fedora Project nor Redhat.

Use dedicated forums http://forums.famillecollet.com/

Updating : php-common 1/24
warning: /etc/php.ini created as /etc/php.ini.rpmnew

WARNING : This MySQL RPM is not an official Fedora/Redhat build and it
overrides the official one. Don’t file bugs on Fedora Project nor Redhat.
Use dedicated forums http://forums.famillecollet.com/

Updating : mysql-libs 2/24
Updating : php-cli 3/24
Updating : php 4/24
Updating : mysql 5/24
Updating : php-pdo 6/24
Updating : mysql-server 7/24
Updating : php-devel 8/24
Updating : php-mbstring 9/24
Updating : php-gd 10/24
Updating : php-xml 11/24
Updating : php-mysql 12/24
Cleanup : mysql 13/24
Cleanup : mysql-server 14/24
Cleanup : php-cli 15/24
Cleanup : php-devel 16/24
Cleanup : php 17/24
Cleanup : php-mbstring 18/24
Cleanup : php-pdo 19/24
Cleanup : php-gd 20/24
Cleanup : mysql-libs 21/24
Cleanup : php-common 22/24
Cleanup : php-xml 23/24
Cleanup : php-mysql 24/24

Updated:
mysql.x86_64 0:5.5.20-1.el5.remi mysql-libs.x86_64 0:5.5.20-1.el5.remi mysql-server.x86_64 0:5.5.20-1.el5.remi
php.x86_64 0:5.3.10-2.el5.remi php-cli.x86_64 0:5.3.10-2.el5.remi php-common.x86_64 0:5.3.10-2.el5.remi
php-devel.x86_64 0:5.3.10-2.el5.remi php-gd.x86_64 0:5.3.10-2.el5.remi php-mbstring.x86_64 0:5.3.10-2.el5.remi
php-mysql.x86_64 0:5.3.10-2.el5.remi php-pdo.x86_64 0:5.3.10-2.el5.remi php-xml.x86_64 0:5.3.10-2.el5.remi

Complete!
~~~

すべてのPHPユーザーはちゃんとアップデートしましょう!

コメント

タイトルとURLをコピーしました