Описание
ELSA-2014-1013: php security update (MODERATE)
[5.4.16-23]
- fileinfo: cdf_unpack_summary_info() excessive looping DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238
- fileinfo: cdf_check_stream_offset insufficient boundary check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check CVE-2014-3480
- fileinfo: cdf_read_short_sector insufficient boundary check. CVE-2014-0207
- fileinfo: cdf_read_property_info insufficient boundary check. CVE-2014-3487
- fileinfo: fix extensive backtracking CVE-2013-7345
- core: type confusion issue in phpinfo(). CVE-2014-4721
- core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw. CVE-2014-3515
Обновленные пакеты
Oracle Linux 7
Oracle Linux x86_64
php
5.4.16-23.el7_0
php-bcmath
5.4.16-23.el7_0
php-cli
5.4.16-23.el7_0
php-common
5.4.16-23.el7_0
php-dba
5.4.16-23.el7_0
php-devel
5.4.16-23.el7_0
php-embedded
5.4.16-23.el7_0
php-enchant
5.4.16-23.el7_0
php-fpm
5.4.16-23.el7_0
php-gd
5.4.16-23.el7_0
php-intl
5.4.16-23.el7_0
php-ldap
5.4.16-23.el7_0
php-mbstring
5.4.16-23.el7_0
php-mysql
5.4.16-23.el7_0
php-mysqlnd
5.4.16-23.el7_0
php-odbc
5.4.16-23.el7_0
php-pdo
5.4.16-23.el7_0
php-pgsql
5.4.16-23.el7_0
php-process
5.4.16-23.el7_0
php-pspell
5.4.16-23.el7_0
php-recode
5.4.16-23.el7_0
php-snmp
5.4.16-23.el7_0
php-soap
5.4.16-23.el7_0
php-xml
5.4.16-23.el7_0
php-xmlrpc
5.4.16-23.el7_0
