Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2014-1326

Опубликовано: 30 сент. 2014
Источник: oracle-oval
Платформа: Oracle Linux 6
Платформа: Oracle Linux 5

Описание

ELSA-2014-1326: php53 and php security update (MODERATE)

[5.3.3-27.2]

  • spl: fix use-after-free in ArrayIterator due to object change during sorting. CVE-2014-4698
  • spl: fix use-after-free in SPL Iterators. CVE-2014-4670
  • gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497
  • fileinfo: fix incomplete fix for CVE-2012-1571 in cdf_read_property_info. CVE-2014-3587
  • core: fix incomplete fix for CVE-2014-4049 DNS TXT record parsing. CVE-2014-3597

Обновленные пакеты

Oracle Linux 6

Oracle Linux x86_64

php

5.3.3-27.el6_5.2

php-bcmath

5.3.3-27.el6_5.2

php-cli

5.3.3-27.el6_5.2

php-common

5.3.3-27.el6_5.2

php-dba

5.3.3-27.el6_5.2

php-devel

5.3.3-27.el6_5.2

php-embedded

5.3.3-27.el6_5.2

php-enchant

5.3.3-27.el6_5.2

php-fpm

5.3.3-27.el6_5.2

php-gd

5.3.3-27.el6_5.2

php-imap

5.3.3-27.el6_5.2

php-intl

5.3.3-27.el6_5.2

php-ldap

5.3.3-27.el6_5.2

php-mbstring

5.3.3-27.el6_5.2

php-mysql

5.3.3-27.el6_5.2

php-odbc

5.3.3-27.el6_5.2

php-pdo

5.3.3-27.el6_5.2

php-pgsql

5.3.3-27.el6_5.2

php-process

5.3.3-27.el6_5.2

php-pspell

5.3.3-27.el6_5.2

php-recode

5.3.3-27.el6_5.2

php-snmp

5.3.3-27.el6_5.2

php-soap

5.3.3-27.el6_5.2

php-tidy

5.3.3-27.el6_5.2

php-xml

5.3.3-27.el6_5.2

php-xmlrpc

5.3.3-27.el6_5.2

php-zts

5.3.3-27.el6_5.2

Oracle Linux i686

php

5.3.3-27.el6_5.2

php-bcmath

5.3.3-27.el6_5.2

php-cli

5.3.3-27.el6_5.2

php-common

5.3.3-27.el6_5.2

php-dba

5.3.3-27.el6_5.2

php-devel

5.3.3-27.el6_5.2

php-embedded

5.3.3-27.el6_5.2

php-enchant

5.3.3-27.el6_5.2

php-fpm

5.3.3-27.el6_5.2

php-gd

5.3.3-27.el6_5.2

php-imap

5.3.3-27.el6_5.2

php-intl

5.3.3-27.el6_5.2

php-ldap

5.3.3-27.el6_5.2

php-mbstring

5.3.3-27.el6_5.2

php-mysql

5.3.3-27.el6_5.2

php-odbc

5.3.3-27.el6_5.2

php-pdo

5.3.3-27.el6_5.2

php-pgsql

5.3.3-27.el6_5.2

php-process

5.3.3-27.el6_5.2

php-pspell

5.3.3-27.el6_5.2

php-recode

5.3.3-27.el6_5.2

php-snmp

5.3.3-27.el6_5.2

php-soap

5.3.3-27.el6_5.2

php-tidy

5.3.3-27.el6_5.2

php-xml

5.3.3-27.el6_5.2

php-xmlrpc

5.3.3-27.el6_5.2

php-zts

5.3.3-27.el6_5.2

Oracle Linux 5

Oracle Linux ia64

php53

5.3.3-24.el5

php53-bcmath

5.3.3-24.el5

php53-cli

5.3.3-24.el5

php53-common

5.3.3-24.el5

php53-dba

5.3.3-24.el5

php53-devel

5.3.3-24.el5

php53-gd

5.3.3-24.el5

php53-imap

5.3.3-24.el5

php53-intl

5.3.3-24.el5

php53-ldap

5.3.3-24.el5

php53-mbstring

5.3.3-24.el5

php53-mysql

5.3.3-24.el5

php53-odbc

5.3.3-24.el5

php53-pdo

5.3.3-24.el5

php53-pgsql

5.3.3-24.el5

php53-process

5.3.3-24.el5

php53-pspell

5.3.3-24.el5

php53-snmp

5.3.3-24.el5

php53-soap

5.3.3-24.el5

php53-xml

5.3.3-24.el5

php53-xmlrpc

5.3.3-24.el5

Oracle Linux x86_64

php53

5.3.3-24.el5

php53-bcmath

5.3.3-24.el5

php53-cli

5.3.3-24.el5

php53-common

5.3.3-24.el5

php53-dba

5.3.3-24.el5

php53-devel

5.3.3-24.el5

php53-gd

5.3.3-24.el5

php53-imap

5.3.3-24.el5

php53-intl

5.3.3-24.el5

php53-ldap

5.3.3-24.el5

php53-mbstring

5.3.3-24.el5

php53-mysql

5.3.3-24.el5

php53-odbc

5.3.3-24.el5

php53-pdo

5.3.3-24.el5

php53-pgsql

5.3.3-24.el5

php53-process

5.3.3-24.el5

php53-pspell

5.3.3-24.el5

php53-snmp

5.3.3-24.el5

php53-soap

5.3.3-24.el5

php53-xml

5.3.3-24.el5

php53-xmlrpc

5.3.3-24.el5

Oracle Linux i386

php53

5.3.3-24.el5

php53-bcmath

5.3.3-24.el5

php53-cli

5.3.3-24.el5

php53-common

5.3.3-24.el5

php53-dba

5.3.3-24.el5

php53-devel

5.3.3-24.el5

php53-gd

5.3.3-24.el5

php53-imap

5.3.3-24.el5

php53-intl

5.3.3-24.el5

php53-ldap

5.3.3-24.el5

php53-mbstring

5.3.3-24.el5

php53-mysql

5.3.3-24.el5

php53-odbc

5.3.3-24.el5

php53-pdo

5.3.3-24.el5

php53-pgsql

5.3.3-24.el5

php53-process

5.3.3-24.el5

php53-pspell

5.3.3-24.el5

php53-snmp

5.3.3-24.el5

php53-soap

5.3.3-24.el5

php53-xml

5.3.3-24.el5

php53-xmlrpc

5.3.3-24.el5

Связанные CVE

CVE-2014-4698
CVE-2014-2497
CVE-2014-3587
CVE-2014-3597
CVE-2014-4670

Ссылки на источники

Связанные уязвимости

oracle-oval логотип

ELSA-2014-1327

oracle-oval
больше 10 лет назад

ELSA-2014-1327: php security update (MODERATE)

ubuntu логотип

CVE-2014-4698

ubuntu
почти 11 лет назад

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

redhat логотип

CVE-2014-4698

redhat
почти 11 лет назад

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

nvd логотип

CVE-2014-4698

nvd
почти 11 лет назад

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL component in PHP through 5.5.14 allows context-dependent attackers to cause a denial of service or possibly have unspecified other impact via crafted ArrayIterator usage within applications in certain web-hosting environments.

debian логотип

CVE-2014-4698

debian
почти 11 лет назад

Use-after-free vulnerability in ext/spl/spl_array.c in the SPL compone ...

Уязвимость ELSA-2014-1326