Описание
ELSA-2013-1307: php53 security, bug fix and enhancement update (MODERATE)
[5.3.3-21]
- add security fix for CVE-2013-4248
[5.3.3-20]
- add security fix for CVE-2013-4113
[5.3.3-19]
- add upstream reproducer for error_handler (#951075)
[5.3.3-18]
- add security fixes for CVE-2006-7243
[5.3.3-17]
- reorder security patches
- add security fixes for CVE-2012-2688, CVE-2012-0831, CVE-2011-1398, CVE-2013-1643
[5.3.3-15]
- fix segfault in error_handler with allow_call_time_pass_reference = Off (#951075)
- fix double free when destroy_zend_class fails (#951076)
[5.3.3-14]
- fix possible buffer overflow in pdo_odbc (#869694)
- rename php-5.3.3-extrglob.patch and reorder
- php script hangs when it exceeds max_execution_time when inside an ODBC call (#864954)
- fix zend garbage collector (#892695)
- fix transposed memset arguments in libzip (#953818)
- fix possible segfault in pdo_mysql (#869693)
- fix imap_open DISABLE_AUTHENTICATOR param ignores array (#859369)
- fix stream support in fileinfo (#869697)
- fix setDate when DateTime created from timestamp (#869691)
- fix permission on source files (#869688)
- add php(language) and missing provides (#837044)
- fix copy doesn't report failure on partial copy (#951413)
Обновленные пакеты
Oracle Linux 5
Oracle Linux ia64
php53
5.3.3-21.el5
php53-bcmath
5.3.3-21.el5
php53-cli
5.3.3-21.el5
php53-common
5.3.3-21.el5
php53-dba
5.3.3-21.el5
php53-devel
5.3.3-21.el5
php53-gd
5.3.3-21.el5
php53-imap
5.3.3-21.el5
php53-intl
5.3.3-21.el5
php53-ldap
5.3.3-21.el5
php53-mbstring
5.3.3-21.el5
php53-mysql
5.3.3-21.el5
php53-odbc
5.3.3-21.el5
php53-pdo
5.3.3-21.el5
php53-pgsql
5.3.3-21.el5
php53-process
5.3.3-21.el5
php53-pspell
5.3.3-21.el5
php53-snmp
5.3.3-21.el5
php53-soap
5.3.3-21.el5
php53-xml
5.3.3-21.el5
php53-xmlrpc
5.3.3-21.el5
Oracle Linux x86_64
php53
5.3.3-21.el5
php53-bcmath
5.3.3-21.el5
php53-cli
5.3.3-21.el5
php53-common
5.3.3-21.el5
php53-dba
5.3.3-21.el5
php53-devel
5.3.3-21.el5
php53-gd
5.3.3-21.el5
php53-imap
5.3.3-21.el5
php53-intl
5.3.3-21.el5
php53-ldap
5.3.3-21.el5
php53-mbstring
5.3.3-21.el5
php53-mysql
5.3.3-21.el5
php53-odbc
5.3.3-21.el5
php53-pdo
5.3.3-21.el5
php53-pgsql
5.3.3-21.el5
php53-process
5.3.3-21.el5
php53-pspell
5.3.3-21.el5
php53-snmp
5.3.3-21.el5
php53-soap
5.3.3-21.el5
php53-xml
5.3.3-21.el5
php53-xmlrpc
5.3.3-21.el5
Oracle Linux i386
php53
5.3.3-21.el5
php53-bcmath
5.3.3-21.el5
php53-cli
5.3.3-21.el5
php53-common
5.3.3-21.el5
php53-dba
5.3.3-21.el5
php53-devel
5.3.3-21.el5
php53-gd
5.3.3-21.el5
php53-imap
5.3.3-21.el5
php53-intl
5.3.3-21.el5
php53-ldap
5.3.3-21.el5
php53-mbstring
5.3.3-21.el5
php53-mysql
5.3.3-21.el5
php53-odbc
5.3.3-21.el5
php53-pdo
5.3.3-21.el5
php53-pgsql
5.3.3-21.el5
php53-process
5.3.3-21.el5
php53-pspell
5.3.3-21.el5
php53-snmp
5.3.3-21.el5
php53-soap
5.3.3-21.el5
php53-xml
5.3.3-21.el5
php53-xmlrpc
5.3.3-21.el5
Ссылки на источники
Связанные уязвимости
ELSA-2013-0514: php security, bug fix and enhancement update (MODERATE)
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
PHP before 5.3.10 does not properly perform a temporary change to the magic_quotes_gpc directive during the importing of environment variables, which makes it easier for remote attackers to conduct SQL injection attacks via a crafted request, related to main/php_variables.c, sapi/cgi/cgi_main.c, and sapi/fpm/fpm/fpm_main.c.
PHP before 5.3.10 does not properly perform a temporary change to the ...