Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2017:3277-1

Опубликовано: 13 дек. 2017
Источник: suse-cvrf

Описание

Security update for php5

This update for php5 fixes the following issues:

Security issues fixed:

  • CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441).
  • CVE-2017-4025: Fix pathname truncation in set_include_path, tempnam, rmdir, and readlink (bsc#1067090).
  • CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606).
  • CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631).

Список пакетов

SUSE Linux Enterprise Module for Web and Scripting 12
apache2-mod_php5-5.5.14-109.13.1
php5-5.5.14-109.13.1
php5-bcmath-5.5.14-109.13.1
php5-bz2-5.5.14-109.13.1
php5-calendar-5.5.14-109.13.1
php5-ctype-5.5.14-109.13.1
php5-curl-5.5.14-109.13.1
php5-dba-5.5.14-109.13.1
php5-dom-5.5.14-109.13.1
php5-enchant-5.5.14-109.13.1
php5-exif-5.5.14-109.13.1
php5-fastcgi-5.5.14-109.13.1
php5-fileinfo-5.5.14-109.13.1
php5-fpm-5.5.14-109.13.1
php5-ftp-5.5.14-109.13.1
php5-gd-5.5.14-109.13.1
php5-gettext-5.5.14-109.13.1
php5-gmp-5.5.14-109.13.1
php5-iconv-5.5.14-109.13.1
php5-imap-5.5.14-109.13.1
php5-intl-5.5.14-109.13.1
php5-json-5.5.14-109.13.1
php5-ldap-5.5.14-109.13.1
php5-mbstring-5.5.14-109.13.1
php5-mcrypt-5.5.14-109.13.1
php5-mysql-5.5.14-109.13.1
php5-odbc-5.5.14-109.13.1
php5-opcache-5.5.14-109.13.1
php5-openssl-5.5.14-109.13.1
php5-pcntl-5.5.14-109.13.1
php5-pdo-5.5.14-109.13.1
php5-pear-5.5.14-109.13.1
php5-pgsql-5.5.14-109.13.1
php5-phar-5.5.14-109.13.1
php5-posix-5.5.14-109.13.1
php5-pspell-5.5.14-109.13.1
php5-shmop-5.5.14-109.13.1
php5-snmp-5.5.14-109.13.1
php5-soap-5.5.14-109.13.1
php5-sockets-5.5.14-109.13.1
php5-sqlite-5.5.14-109.13.1
php5-suhosin-5.5.14-109.13.1
php5-sysvmsg-5.5.14-109.13.1
php5-sysvsem-5.5.14-109.13.1
php5-sysvshm-5.5.14-109.13.1
php5-tokenizer-5.5.14-109.13.1
php5-wddx-5.5.14-109.13.1
php5-xmlreader-5.5.14-109.13.1
php5-xmlrpc-5.5.14-109.13.1
php5-xmlwriter-5.5.14-109.13.1
php5-xsl-5.5.14-109.13.1
php5-zip-5.5.14-109.13.1
php5-zlib-5.5.14-109.13.1
SUSE Linux Enterprise Software Development Kit 12 SP2
php5-devel-5.5.14-109.13.1
SUSE Linux Enterprise Software Development Kit 12 SP3
php5-devel-5.5.14-109.13.1

Ссылки

Описание

PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering a \x00 character in certain situations, which allows remote attackers to bypass intended extension restrictions and access files or directories with unexpected names via a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink. NOTE: this vulnerability exists because of an incomplete fix for CVE-2006-7243.

Затронутые продукты
SUSE Linux Enterprise Module for Web and Scripting 12:apache2-mod_php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bcmath-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bz2-5.5.14-109.13.1
Ссылки

Описание

In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c out-of-bounds reads affecting the php_parse_date function. NOTE: this is a different issue than CVE-2017-11145.

Затронутые продукты
SUSE Linux Enterprise Module for Web and Scripting 12:apache2-mod_php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bcmath-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bz2-5.5.14-109.13.1
Ссылки

Описание

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() during regular expression compilation due to an uninitialized variable from an incorrect state transition. An incorrect state transition in parse_char_class() could create an execution path that leaves a critical local variable uninitialized until it's used as an index, resulting in an out-of-bounds write memory corruption.

Затронутые продукты
SUSE Linux Enterprise Module for Web and Scripting 12:apache2-mod_php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bcmath-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bz2-5.5.14-109.13.1
Ссылки

Описание

An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A SIGSEGV occurs in left_adjust_char_head() during regular expression compilation. Invalid handling of reg->dmax in forward_search_range() could result in an invalid pointer dereference, normally as an immediate denial-of-service condition.

Затронутые продукты
SUSE Linux Enterprise Module for Web and Scripting 12:apache2-mod_php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bcmath-5.5.14-109.13.1
SUSE Linux Enterprise Module for Web and Scripting 12:php5-bz2-5.5.14-109.13.1
Ссылки
Уязвимость SUSE-SU-2017:3277-1