Описание
ELSA-2013-1813: php53 and php security update (CRITICAL)
[5.3.3-27]
- add security fix for CVE-2013-6420
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
php
5.3.3-27.el6_5
php-bcmath
5.3.3-27.el6_5
php-cli
5.3.3-27.el6_5
php-common
5.3.3-27.el6_5
php-dba
5.3.3-27.el6_5
php-devel
5.3.3-27.el6_5
php-embedded
5.3.3-27.el6_5
php-enchant
5.3.3-27.el6_5
php-fpm
5.3.3-27.el6_5
php-gd
5.3.3-27.el6_5
php-imap
5.3.3-27.el6_5
php-intl
5.3.3-27.el6_5
php-ldap
5.3.3-27.el6_5
php-mbstring
5.3.3-27.el6_5
php-mysql
5.3.3-27.el6_5
php-odbc
5.3.3-27.el6_5
php-pdo
5.3.3-27.el6_5
php-pgsql
5.3.3-27.el6_5
php-process
5.3.3-27.el6_5
php-pspell
5.3.3-27.el6_5
php-recode
5.3.3-27.el6_5
php-snmp
5.3.3-27.el6_5
php-soap
5.3.3-27.el6_5
php-tidy
5.3.3-27.el6_5
php-xml
5.3.3-27.el6_5
php-xmlrpc
5.3.3-27.el6_5
php-zts
5.3.3-27.el6_5
Oracle Linux i686
php
5.3.3-27.el6_5
php-bcmath
5.3.3-27.el6_5
php-cli
5.3.3-27.el6_5
php-common
5.3.3-27.el6_5
php-dba
5.3.3-27.el6_5
php-devel
5.3.3-27.el6_5
php-embedded
5.3.3-27.el6_5
php-enchant
5.3.3-27.el6_5
php-fpm
5.3.3-27.el6_5
php-gd
5.3.3-27.el6_5
php-imap
5.3.3-27.el6_5
php-intl
5.3.3-27.el6_5
php-ldap
5.3.3-27.el6_5
php-mbstring
5.3.3-27.el6_5
php-mysql
5.3.3-27.el6_5
php-odbc
5.3.3-27.el6_5
php-pdo
5.3.3-27.el6_5
php-pgsql
5.3.3-27.el6_5
php-process
5.3.3-27.el6_5
php-pspell
5.3.3-27.el6_5
php-recode
5.3.3-27.el6_5
php-snmp
5.3.3-27.el6_5
php-soap
5.3.3-27.el6_5
php-tidy
5.3.3-27.el6_5
php-xml
5.3.3-27.el6_5
php-xmlrpc
5.3.3-27.el6_5
php-zts
5.3.3-27.el6_5
Oracle Linux 5
Oracle Linux ia64
php53
5.3.3-22.el5_10
php53-bcmath
5.3.3-22.el5_10
php53-cli
5.3.3-22.el5_10
php53-common
5.3.3-22.el5_10
php53-dba
5.3.3-22.el5_10
php53-devel
5.3.3-22.el5_10
php53-gd
5.3.3-22.el5_10
php53-imap
5.3.3-22.el5_10
php53-intl
5.3.3-22.el5_10
php53-ldap
5.3.3-22.el5_10
php53-mbstring
5.3.3-22.el5_10
php53-mysql
5.3.3-22.el5_10
php53-odbc
5.3.3-22.el5_10
php53-pdo
5.3.3-22.el5_10
php53-pgsql
5.3.3-22.el5_10
php53-process
5.3.3-22.el5_10
php53-pspell
5.3.3-22.el5_10
php53-snmp
5.3.3-22.el5_10
php53-soap
5.3.3-22.el5_10
php53-xml
5.3.3-22.el5_10
php53-xmlrpc
5.3.3-22.el5_10
Oracle Linux x86_64
php53
5.3.3-22.el5_10
php53-bcmath
5.3.3-22.el5_10
php53-cli
5.3.3-22.el5_10
php53-common
5.3.3-22.el5_10
php53-dba
5.3.3-22.el5_10
php53-devel
5.3.3-22.el5_10
php53-gd
5.3.3-22.el5_10
php53-imap
5.3.3-22.el5_10
php53-intl
5.3.3-22.el5_10
php53-ldap
5.3.3-22.el5_10
php53-mbstring
5.3.3-22.el5_10
php53-mysql
5.3.3-22.el5_10
php53-odbc
5.3.3-22.el5_10
php53-pdo
5.3.3-22.el5_10
php53-pgsql
5.3.3-22.el5_10
php53-process
5.3.3-22.el5_10
php53-pspell
5.3.3-22.el5_10
php53-snmp
5.3.3-22.el5_10
php53-soap
5.3.3-22.el5_10
php53-xml
5.3.3-22.el5_10
php53-xmlrpc
5.3.3-22.el5_10
Oracle Linux i386
php53
5.3.3-22.el5_10
php53-bcmath
5.3.3-22.el5_10
php53-cli
5.3.3-22.el5_10
php53-common
5.3.3-22.el5_10
php53-dba
5.3.3-22.el5_10
php53-devel
5.3.3-22.el5_10
php53-gd
5.3.3-22.el5_10
php53-imap
5.3.3-22.el5_10
php53-intl
5.3.3-22.el5_10
php53-ldap
5.3.3-22.el5_10
php53-mbstring
5.3.3-22.el5_10
php53-mysql
5.3.3-22.el5_10
php53-odbc
5.3.3-22.el5_10
php53-pdo
5.3.3-22.el5_10
php53-pgsql
5.3.3-22.el5_10
php53-process
5.3.3-22.el5_10
php53-pspell
5.3.3-22.el5_10
php53-snmp
5.3.3-22.el5_10
php53-soap
5.3.3-22.el5_10
php53-xml
5.3.3-22.el5_10
php53-xmlrpc
5.3.3-22.el5_10
Связанные CVE
Связанные уязвимости
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP befor ...
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function.