SUSE-SU-2015:1818-1

Published: 22 Sep 2015
Source: suse-cvrf

Description

Security update for php53

This update of PHP5 brings several security fixes.

Security fixes:

  • CVE-2015-6831: A use-after-free vulnerability in unserialize() was fixed; it could be used to crash PHP or potentially execute code. [bnc#942291] [bnc#942294] [bnc#942295]
  • CVE-2015-6836: A type confusion in the SOAP serialize_function_call() function that could lead to remote code execution was fixed. [bnc#945428]
  • CVE-2015-6837, CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]

It also includes a bugfix for the odbc module:

  • compare with SQL_NULL_DATA correctly [bnc#935074]

Package list

SUSE Linux Enterprise Server 11 SP3
apache2-mod_php53-5.3.17-48.1
php53-5.3.17-48.1
php53-bcmath-5.3.17-48.1
php53-bz2-5.3.17-48.1
php53-calendar-5.3.17-48.1
php53-ctype-5.3.17-48.1
php53-curl-5.3.17-48.1
php53-dba-5.3.17-48.1
php53-dom-5.3.17-48.1
php53-exif-5.3.17-48.1
php53-fastcgi-5.3.17-48.1
php53-fileinfo-5.3.17-48.1
php53-ftp-5.3.17-48.1
php53-gd-5.3.17-48.1
php53-gettext-5.3.17-48.1
php53-gmp-5.3.17-48.1
php53-iconv-5.3.17-48.1
php53-intl-5.3.17-48.1
php53-json-5.3.17-48.1
php53-ldap-5.3.17-48.1
php53-mbstring-5.3.17-48.1
php53-mcrypt-5.3.17-48.1
php53-mysql-5.3.17-48.1
php53-odbc-5.3.17-48.1
php53-openssl-5.3.17-48.1
php53-pcntl-5.3.17-48.1
php53-pdo-5.3.17-48.1
php53-pear-5.3.17-48.1
php53-pgsql-5.3.17-48.1
php53-pspell-5.3.17-48.1
php53-shmop-5.3.17-48.1
php53-snmp-5.3.17-48.1
php53-soap-5.3.17-48.1
php53-suhosin-5.3.17-48.1
php53-sysvmsg-5.3.17-48.1
php53-sysvsem-5.3.17-48.1
php53-sysvshm-5.3.17-48.1
php53-tokenizer-5.3.17-48.1
php53-wddx-5.3.17-48.1
php53-xmlreader-5.3.17-48.1
php53-xmlrpc-5.3.17-48.1
php53-xmlwriter-5.3.17-48.1
php53-xsl-5.3.17-48.1
php53-zip-5.3.17-48.1
php53-zlib-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
apache2-mod_php53-5.3.17-48.1
php53-5.3.17-48.1
php53-bcmath-5.3.17-48.1
php53-bz2-5.3.17-48.1
php53-calendar-5.3.17-48.1
php53-ctype-5.3.17-48.1
php53-curl-5.3.17-48.1
php53-dba-5.3.17-48.1
php53-dom-5.3.17-48.1
php53-exif-5.3.17-48.1
php53-fastcgi-5.3.17-48.1
php53-fileinfo-5.3.17-48.1
php53-ftp-5.3.17-48.1
php53-gd-5.3.17-48.1
php53-gettext-5.3.17-48.1
php53-gmp-5.3.17-48.1
php53-iconv-5.3.17-48.1
php53-intl-5.3.17-48.1
php53-json-5.3.17-48.1
php53-ldap-5.3.17-48.1
php53-mbstring-5.3.17-48.1
php53-mcrypt-5.3.17-48.1
php53-mysql-5.3.17-48.1
php53-odbc-5.3.17-48.1
php53-openssl-5.3.17-48.1
php53-pcntl-5.3.17-48.1
php53-pdo-5.3.17-48.1
php53-pear-5.3.17-48.1
php53-pgsql-5.3.17-48.1
php53-pspell-5.3.17-48.1
php53-shmop-5.3.17-48.1
php53-snmp-5.3.17-48.1
php53-soap-5.3.17-48.1
php53-suhosin-5.3.17-48.1
php53-sysvmsg-5.3.17-48.1
php53-sysvsem-5.3.17-48.1
php53-sysvshm-5.3.17-48.1
php53-tokenizer-5.3.17-48.1
php53-wddx-5.3.17-48.1
php53-xmlreader-5.3.17-48.1
php53-xmlrpc-5.3.17-48.1
php53-xmlwriter-5.3.17-48.1
php53-xsl-5.3.17-48.1
php53-zip-5.3.17-48.1
php53-zlib-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP4
apache2-mod_php53-5.3.17-48.1
php53-5.3.17-48.1
php53-bcmath-5.3.17-48.1
php53-bz2-5.3.17-48.1
php53-calendar-5.3.17-48.1
php53-ctype-5.3.17-48.1
php53-curl-5.3.17-48.1
php53-dba-5.3.17-48.1
php53-dom-5.3.17-48.1
php53-exif-5.3.17-48.1
php53-fastcgi-5.3.17-48.1
php53-fileinfo-5.3.17-48.1
php53-ftp-5.3.17-48.1
php53-gd-5.3.17-48.1
php53-gettext-5.3.17-48.1
php53-gmp-5.3.17-48.1
php53-iconv-5.3.17-48.1
php53-intl-5.3.17-48.1
php53-json-5.3.17-48.1
php53-ldap-5.3.17-48.1
php53-mbstring-5.3.17-48.1
php53-mcrypt-5.3.17-48.1
php53-mysql-5.3.17-48.1
php53-odbc-5.3.17-48.1
php53-openssl-5.3.17-48.1
php53-pcntl-5.3.17-48.1
php53-pdo-5.3.17-48.1
php53-pear-5.3.17-48.1
php53-pgsql-5.3.17-48.1
php53-pspell-5.3.17-48.1
php53-shmop-5.3.17-48.1
php53-snmp-5.3.17-48.1
php53-soap-5.3.17-48.1
php53-suhosin-5.3.17-48.1
php53-sysvmsg-5.3.17-48.1
php53-sysvsem-5.3.17-48.1
php53-sysvshm-5.3.17-48.1
php53-tokenizer-5.3.17-48.1
php53-wddx-5.3.17-48.1
php53-xmlreader-5.3.17-48.1
php53-xmlrpc-5.3.17-48.1
php53-xmlwriter-5.3.17-48.1
php53-xsl-5.3.17-48.1
php53-zip-5.3.17-48.1
php53-zlib-5.3.17-48.1
SUSE Linux Enterprise Server for SAP Applications 11 SP3
apache2-mod_php53-5.3.17-48.1
php53-5.3.17-48.1
php53-bcmath-5.3.17-48.1
php53-bz2-5.3.17-48.1
php53-calendar-5.3.17-48.1
php53-ctype-5.3.17-48.1
php53-curl-5.3.17-48.1
php53-dba-5.3.17-48.1
php53-dom-5.3.17-48.1
php53-exif-5.3.17-48.1
php53-fastcgi-5.3.17-48.1
php53-fileinfo-5.3.17-48.1
php53-ftp-5.3.17-48.1
php53-gd-5.3.17-48.1
php53-gettext-5.3.17-48.1
php53-gmp-5.3.17-48.1
php53-iconv-5.3.17-48.1
php53-intl-5.3.17-48.1
php53-json-5.3.17-48.1
php53-ldap-5.3.17-48.1
php53-mbstring-5.3.17-48.1
php53-mcrypt-5.3.17-48.1
php53-mysql-5.3.17-48.1
php53-odbc-5.3.17-48.1
php53-openssl-5.3.17-48.1
php53-pcntl-5.3.17-48.1
php53-pdo-5.3.17-48.1
php53-pear-5.3.17-48.1
php53-pgsql-5.3.17-48.1
php53-pspell-5.3.17-48.1
php53-shmop-5.3.17-48.1
php53-snmp-5.3.17-48.1
php53-soap-5.3.17-48.1
php53-suhosin-5.3.17-48.1
php53-sysvmsg-5.3.17-48.1
php53-sysvsem-5.3.17-48.1
php53-sysvshm-5.3.17-48.1
php53-tokenizer-5.3.17-48.1
php53-wddx-5.3.17-48.1
php53-xmlreader-5.3.17-48.1
php53-xmlrpc-5.3.17-48.1
php53-xmlwriter-5.3.17-48.1
php53-xsl-5.3.17-48.1
php53-zip-5.3.17-48.1
php53-zlib-5.3.17-48.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
apache2-mod_php53-5.3.17-48.1
php53-5.3.17-48.1
php53-bcmath-5.3.17-48.1
php53-bz2-5.3.17-48.1
php53-calendar-5.3.17-48.1
php53-ctype-5.3.17-48.1
php53-curl-5.3.17-48.1
php53-dba-5.3.17-48.1
php53-dom-5.3.17-48.1
php53-exif-5.3.17-48.1
php53-fastcgi-5.3.17-48.1
php53-fileinfo-5.3.17-48.1
php53-ftp-5.3.17-48.1
php53-gd-5.3.17-48.1
php53-gettext-5.3.17-48.1
php53-gmp-5.3.17-48.1
php53-iconv-5.3.17-48.1
php53-intl-5.3.17-48.1
php53-json-5.3.17-48.1
php53-ldap-5.3.17-48.1
php53-mbstring-5.3.17-48.1
php53-mcrypt-5.3.17-48.1
php53-mysql-5.3.17-48.1
php53-odbc-5.3.17-48.1
php53-openssl-5.3.17-48.1
php53-pcntl-5.3.17-48.1
php53-pdo-5.3.17-48.1
php53-pear-5.3.17-48.1
php53-pgsql-5.3.17-48.1
php53-pspell-5.3.17-48.1
php53-shmop-5.3.17-48.1
php53-snmp-5.3.17-48.1
php53-soap-5.3.17-48.1
php53-suhosin-5.3.17-48.1
php53-sysvmsg-5.3.17-48.1
php53-sysvsem-5.3.17-48.1
php53-sysvshm-5.3.17-48.1
php53-tokenizer-5.3.17-48.1
php53-wddx-5.3.17-48.1
php53-xmlreader-5.3.17-48.1
php53-xmlrpc-5.3.17-48.1
php53-xmlwriter-5.3.17-48.1
php53-xsl-5.3.17-48.1
php53-zip-5.3.17-48.1
php53-zlib-5.3.17-48.1
SUSE Linux Enterprise Software Development Kit 11 SP3
php53-devel-5.3.17-48.1
php53-imap-5.3.17-48.1
php53-posix-5.3.17-48.1
php53-readline-5.3.17-48.1
php53-sockets-5.3.17-48.1
php53-sqlite-5.3.17-48.1
php53-tidy-5.3.17-48.1
SUSE Linux Enterprise Software Development Kit 11 SP4
php53-devel-5.3.17-48.1
php53-imap-5.3.17-48.1
php53-posix-5.3.17-48.1
php53-readline-5.3.17-48.1
php53-sockets-5.3.17-48.1
php53-sqlite-5.3.17-48.1
php53-tidy-5.3.17-48.1

Description

Multiple use-after-free vulnerabilities in SPL in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allow remote attackers to execute arbitrary code via vectors involving (1) ArrayObject, (2) SplObjectStorage, and (3) SplDoublyLinkedList, which are mishandled during unserialization.


Affected products
SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-mod_php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bcmath-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bz2-5.3.17-48.1

Description

Directory traversal vulnerability in the PharData class in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 allows remote attackers to write to arbitrary files via a .. (dot dot) in a ZIP archive entry that is mishandled during an extractTo call.


Affected products
SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-mod_php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bcmath-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bz2-5.3.17-48.1

Description

The SoapClient __call method in ext/soap/soap.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13 does not properly manage headers, which allows remote attackers to execute arbitrary code via crafted serialized data that triggers a "type confusion" in the serialize_function_call function.


Affected products
SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-mod_php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bcmath-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bz2-5.3.17-48.1

Description

The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation during initial error checking, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6838.


Affected products
SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-mod_php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bcmath-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bz2-5.3.17-48.1

Description

The xsl_ext_function_php function in ext/xsl/xsltprocessor.c in PHP before 5.4.45, 5.5.x before 5.5.29, and 5.6.x before 5.6.13, when libxml2 before 2.9.2 is used, does not consider the possibility of a NULL valuePop return value before proceeding with a free operation after the principal argument loop, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted XML document, a different vulnerability than CVE-2015-6837.


Affected products
SUSE Linux Enterprise Server 11 SP3-TERADATA:apache2-mod_php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bcmath-5.3.17-48.1
SUSE Linux Enterprise Server 11 SP3-TERADATA:php53-bz2-5.3.17-48.1
