Описание
Security update for php53
This update for php53 fixes the following issues:
- The fix for CVE-2017-7272 was reverted, as it caused regressions in the mysql server connect module. [bsc#1044976] The security fix tried to avoid a server side request forgery, and will be submitted when a better fix becomes available.
Список пакетов
SUSE Linux Enterprise Server 11 SP4
apache2-mod_php53-5.3.17-111.2
php53-5.3.17-111.2
php53-bcmath-5.3.17-111.2
php53-bz2-5.3.17-111.2
php53-calendar-5.3.17-111.2
php53-ctype-5.3.17-111.2
php53-curl-5.3.17-111.2
php53-dba-5.3.17-111.2
php53-dom-5.3.17-111.2
php53-exif-5.3.17-111.2
php53-fastcgi-5.3.17-111.2
php53-fileinfo-5.3.17-111.2
php53-ftp-5.3.17-111.2
php53-gd-5.3.17-111.2
php53-gettext-5.3.17-111.2
php53-gmp-5.3.17-111.2
php53-iconv-5.3.17-111.2
php53-intl-5.3.17-111.2
php53-json-5.3.17-111.2
php53-ldap-5.3.17-111.2
php53-mbstring-5.3.17-111.2
php53-mcrypt-5.3.17-111.2
php53-mysql-5.3.17-111.2
php53-odbc-5.3.17-111.2
php53-openssl-5.3.17-111.2
php53-pcntl-5.3.17-111.2
php53-pdo-5.3.17-111.2
php53-pear-5.3.17-111.2
php53-pgsql-5.3.17-111.2
php53-pspell-5.3.17-111.2
php53-shmop-5.3.17-111.2
php53-snmp-5.3.17-111.2
php53-soap-5.3.17-111.2
php53-suhosin-5.3.17-111.2
php53-sysvmsg-5.3.17-111.2
php53-sysvsem-5.3.17-111.2
php53-sysvshm-5.3.17-111.2
php53-tokenizer-5.3.17-111.2
php53-wddx-5.3.17-111.2
php53-xmlreader-5.3.17-111.2
php53-xmlrpc-5.3.17-111.2
php53-xmlwriter-5.3.17-111.2
php53-xsl-5.3.17-111.2
php53-zip-5.3.17-111.2
php53-zlib-5.3.17-111.2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
apache2-mod_php53-5.3.17-111.2
php53-5.3.17-111.2
php53-bcmath-5.3.17-111.2
php53-bz2-5.3.17-111.2
php53-calendar-5.3.17-111.2
php53-ctype-5.3.17-111.2
php53-curl-5.3.17-111.2
php53-dba-5.3.17-111.2
php53-dom-5.3.17-111.2
php53-exif-5.3.17-111.2
php53-fastcgi-5.3.17-111.2
php53-fileinfo-5.3.17-111.2
php53-ftp-5.3.17-111.2
php53-gd-5.3.17-111.2
php53-gettext-5.3.17-111.2
php53-gmp-5.3.17-111.2
php53-iconv-5.3.17-111.2
php53-intl-5.3.17-111.2
php53-json-5.3.17-111.2
php53-ldap-5.3.17-111.2
php53-mbstring-5.3.17-111.2
php53-mcrypt-5.3.17-111.2
php53-mysql-5.3.17-111.2
php53-odbc-5.3.17-111.2
php53-openssl-5.3.17-111.2
php53-pcntl-5.3.17-111.2
php53-pdo-5.3.17-111.2
php53-pear-5.3.17-111.2
php53-pgsql-5.3.17-111.2
php53-pspell-5.3.17-111.2
php53-shmop-5.3.17-111.2
php53-snmp-5.3.17-111.2
php53-soap-5.3.17-111.2
php53-suhosin-5.3.17-111.2
php53-sysvmsg-5.3.17-111.2
php53-sysvsem-5.3.17-111.2
php53-sysvshm-5.3.17-111.2
php53-tokenizer-5.3.17-111.2
php53-wddx-5.3.17-111.2
php53-xmlreader-5.3.17-111.2
php53-xmlrpc-5.3.17-111.2
php53-xmlwriter-5.3.17-111.2
php53-xsl-5.3.17-111.2
php53-zip-5.3.17-111.2
php53-zlib-5.3.17-111.2
SUSE Linux Enterprise Software Development Kit 11 SP4
php53-devel-5.3.17-111.2
php53-imap-5.3.17-111.2
php53-posix-5.3.17-111.2
php53-readline-5.3.17-111.2
php53-sockets-5.3.17-111.2
php53-sqlite-5.3.17-111.2
php53-tidy-5.3.17-111.2
Ссылки
- Link for SUSE-SU-2017:1709-1
- E-Mail link for SUSE-SU-2017:1709-1
- SUSE Security Ratings
- SUSE Bug 1031246
- SUSE Bug 1044976
- SUSE CVE CVE-2017-7272 page
Описание
PHP through 7.1.11 enables potential SSRF in applications that accept an fsockopen or pfsockopen hostname argument with an expectation that the port number is constrained. Because a :port syntax is recognized, fsockopen will use the port number that is specified in the hostname argument, instead of the port number in the second argument of the function.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:apache2-mod_php53-5.3.17-111.2
SUSE Linux Enterprise Server 11 SP4:php53-5.3.17-111.2
SUSE Linux Enterprise Server 11 SP4:php53-bcmath-5.3.17-111.2
SUSE Linux Enterprise Server 11 SP4:php53-bz2-5.3.17-111.2
Ссылки
- CVE-2017-7272
- SUSE Bug 1031246
- SUSE Bug 1044976