Описание
Security update for php5
This update for php5 fixes the following issues:
- CVE-2013-7456: imagescale out-of-bounds read (bnc#982009).
- CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010).
- CVE-2016-5094: Don't create strings with lengths outside of valid range (bnc#982011).
- CVE-2016-5095: Don't create strings with lengths outside of valid range (bnc#982012).
- CVE-2016-5096: int/size_t confusion in fread (bsc#982013).
- CVE-2015-8877: The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) as used in PHP used inconsistent allocate and free approaches, which allowed remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function (bsc#981061).
- CVE-2015-8876: Zend/zend_exceptions.c in PHP did not validate certain Exception objects, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data (bsc#981049).
- CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP mishandles driver behavior for SQL_WVARCHAR columns, which allowed remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table (bsc#981050).
Список пакетов
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Module for Web and Scripting 12
SUSE Linux Enterprise Software Development Kit 12
SUSE Linux Enterprise Software Development Kit 12 SP1
SUSE Linux Enterprise Workstation Extension 12
SUSE Linux Enterprise Workstation Extension 12 SP1
Ссылки
- Link for SUSE-SU-2016:1633-1
- E-Mail link for SUSE-SU-2016:1633-1
- SUSE Security Ratings
- SUSE Bug 981049
- SUSE Bug 981050
- SUSE Bug 981061
- SUSE Bug 982009
- SUSE Bug 982010
- SUSE Bug 982011
- SUSE Bug 982012
- SUSE Bug 982013
- SUSE CVE CVE-2013-7456 page
- SUSE CVE CVE-2015-8876 page
- SUSE CVE CVE-2015-8877 page
- SUSE CVE CVE-2015-8879 page
- SUSE CVE CVE-2016-5093 page
- SUSE CVE CVE-2016-5094 page
- SUSE CVE CVE-2016-5095 page
- SUSE CVE CVE-2016-5096 page
Описание
gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.
Затронутые продукты
Ссылки
- CVE-2013-7456
- SUSE Bug 982009
Описание
Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.
Затронутые продукты
Ссылки
- CVE-2015-8876
- SUSE Bug 1019550
- SUSE Bug 981049
Описание
The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.
Затронутые продукты
Ссылки
- CVE-2015-8877
- SUSE Bug 981061
Описание
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.
Затронутые продукты
Ссылки
- CVE-2015-8879
- SUSE Bug 981050
Описание
The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.
Затронутые продукты
Ссылки
- CVE-2016-5093
- SUSE Bug 982010
Описание
Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.
Затронутые продукты
Ссылки
- CVE-2016-5094
- SUSE Bug 982011
- SUSE Bug 982012
Описание
Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.
Затронутые продукты
Ссылки
- CVE-2016-5095
- SUSE Bug 982011
- SUSE Bug 982012
Описание
Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument.
Затронутые продукты
Ссылки
- CVE-2016-5096
- SUSE Bug 982013