Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2018:0806-1

Опубликовано: 26 мар. 2018
Источник: suse-cvrf

Описание

Security update for php53

This update for php53 fixes several issues.

These security issues were fixed:

  • CVE-2016-10712: In PHP all of the return values of stream_get_meta_data could be controlled if the input can be controlled (e.g., during file uploads). (bsc#1080234)
  • CVE-2018-5712: Prevent reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file that allowed for information disclosure (bsc#1076220)
  • CVE-2018-5711: Prevent integer signedness error that could have lead to an infinite loop via a crafted GIF file allowing for DoS (bsc#1076391)
  • CVE-2016-5773: php_zip.c in the zip extension in PHP improperly interacted with the unserialize implementation and garbage collection, which allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object. (bsc#986247)
  • CVE-2016-5771: spl_array.c in the SPL extension in PHP improperly interacted with the unserialize implementation and garbage collection, which allowed remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data. (bsc#986391)
  • CVE-2018-7584: Fixed stack-based buffer under-read while parsing an HTTPresponse in the php_stream_url_wrap_http_ex. (bsc#1083639)

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
apache2-mod_php53-5.3.17-112.20.1
php53-5.3.17-112.20.1
php53-bcmath-5.3.17-112.20.1
php53-bz2-5.3.17-112.20.1
php53-calendar-5.3.17-112.20.1
php53-ctype-5.3.17-112.20.1
php53-curl-5.3.17-112.20.1
php53-dba-5.3.17-112.20.1
php53-dom-5.3.17-112.20.1
php53-exif-5.3.17-112.20.1
php53-fastcgi-5.3.17-112.20.1
php53-fileinfo-5.3.17-112.20.1
php53-ftp-5.3.17-112.20.1
php53-gd-5.3.17-112.20.1
php53-gettext-5.3.17-112.20.1
php53-gmp-5.3.17-112.20.1
php53-iconv-5.3.17-112.20.1
php53-intl-5.3.17-112.20.1
php53-json-5.3.17-112.20.1
php53-ldap-5.3.17-112.20.1
php53-mbstring-5.3.17-112.20.1
php53-mcrypt-5.3.17-112.20.1
php53-mysql-5.3.17-112.20.1
php53-odbc-5.3.17-112.20.1
php53-openssl-5.3.17-112.20.1
php53-pcntl-5.3.17-112.20.1
php53-pdo-5.3.17-112.20.1
php53-pear-5.3.17-112.20.1
php53-pgsql-5.3.17-112.20.1
php53-pspell-5.3.17-112.20.1
php53-shmop-5.3.17-112.20.1
php53-snmp-5.3.17-112.20.1
php53-soap-5.3.17-112.20.1
php53-suhosin-5.3.17-112.20.1
php53-sysvmsg-5.3.17-112.20.1
php53-sysvsem-5.3.17-112.20.1
php53-sysvshm-5.3.17-112.20.1
php53-tokenizer-5.3.17-112.20.1
php53-wddx-5.3.17-112.20.1
php53-xmlreader-5.3.17-112.20.1
php53-xmlrpc-5.3.17-112.20.1
php53-xmlwriter-5.3.17-112.20.1
php53-xsl-5.3.17-112.20.1
php53-zip-5.3.17-112.20.1
php53-zlib-5.3.17-112.20.1
SUSE Linux Enterprise Server 11 SP3-LTSS
apache2-mod_php53-5.3.17-112.20.1
php53-5.3.17-112.20.1
php53-bcmath-5.3.17-112.20.1
php53-bz2-5.3.17-112.20.1
php53-calendar-5.3.17-112.20.1
php53-ctype-5.3.17-112.20.1
php53-curl-5.3.17-112.20.1
php53-dba-5.3.17-112.20.1
php53-dom-5.3.17-112.20.1
php53-exif-5.3.17-112.20.1
php53-fastcgi-5.3.17-112.20.1
php53-fileinfo-5.3.17-112.20.1
php53-ftp-5.3.17-112.20.1
php53-gd-5.3.17-112.20.1
php53-gettext-5.3.17-112.20.1
php53-gmp-5.3.17-112.20.1
php53-iconv-5.3.17-112.20.1
php53-intl-5.3.17-112.20.1
php53-json-5.3.17-112.20.1
php53-ldap-5.3.17-112.20.1
php53-mbstring-5.3.17-112.20.1
php53-mcrypt-5.3.17-112.20.1
php53-mysql-5.3.17-112.20.1
php53-odbc-5.3.17-112.20.1
php53-openssl-5.3.17-112.20.1
php53-pcntl-5.3.17-112.20.1
php53-pdo-5.3.17-112.20.1
php53-pear-5.3.17-112.20.1
php53-pgsql-5.3.17-112.20.1
php53-pspell-5.3.17-112.20.1
php53-shmop-5.3.17-112.20.1
php53-snmp-5.3.17-112.20.1
php53-soap-5.3.17-112.20.1
php53-suhosin-5.3.17-112.20.1
php53-sysvmsg-5.3.17-112.20.1
php53-sysvsem-5.3.17-112.20.1
php53-sysvshm-5.3.17-112.20.1
php53-tokenizer-5.3.17-112.20.1
php53-wddx-5.3.17-112.20.1
php53-xmlreader-5.3.17-112.20.1
php53-xmlrpc-5.3.17-112.20.1
php53-xmlwriter-5.3.17-112.20.1
php53-xsl-5.3.17-112.20.1
php53-zip-5.3.17-112.20.1
php53-zlib-5.3.17-112.20.1
SUSE Linux Enterprise Server 11 SP3-TERADATA
apache2-mod_php53-5.3.17-112.20.1
php53-5.3.17-112.20.1
php53-bcmath-5.3.17-112.20.1
php53-bz2-5.3.17-112.20.1
php53-calendar-5.3.17-112.20.1
php53-ctype-5.3.17-112.20.1
php53-curl-5.3.17-112.20.1
php53-dba-5.3.17-112.20.1
php53-dom-5.3.17-112.20.1
php53-exif-5.3.17-112.20.1
php53-fastcgi-5.3.17-112.20.1
php53-fileinfo-5.3.17-112.20.1
php53-ftp-5.3.17-112.20.1
php53-gd-5.3.17-112.20.1
php53-gettext-5.3.17-112.20.1
php53-gmp-5.3.17-112.20.1
php53-iconv-5.3.17-112.20.1
php53-intl-5.3.17-112.20.1
php53-json-5.3.17-112.20.1
php53-ldap-5.3.17-112.20.1
php53-mbstring-5.3.17-112.20.1
php53-mcrypt-5.3.17-112.20.1
php53-mysql-5.3.17-112.20.1
php53-odbc-5.3.17-112.20.1
php53-openssl-5.3.17-112.20.1
php53-pcntl-5.3.17-112.20.1
php53-pdo-5.3.17-112.20.1
php53-pear-5.3.17-112.20.1
php53-pgsql-5.3.17-112.20.1
php53-pspell-5.3.17-112.20.1
php53-shmop-5.3.17-112.20.1
php53-snmp-5.3.17-112.20.1
php53-soap-5.3.17-112.20.1
php53-suhosin-5.3.17-112.20.1
php53-sysvmsg-5.3.17-112.20.1
php53-sysvsem-5.3.17-112.20.1
php53-sysvshm-5.3.17-112.20.1
php53-tokenizer-5.3.17-112.20.1
php53-wddx-5.3.17-112.20.1
php53-xmlreader-5.3.17-112.20.1
php53-xmlrpc-5.3.17-112.20.1
php53-xmlwriter-5.3.17-112.20.1
php53-xsl-5.3.17-112.20.1
php53-zip-5.3.17-112.20.1
php53-zlib-5.3.17-112.20.1
SUSE Linux Enterprise Server 11 SP4
apache2-mod_php53-5.3.17-112.20.1
php53-5.3.17-112.20.1
php53-bcmath-5.3.17-112.20.1
php53-bz2-5.3.17-112.20.1
php53-calendar-5.3.17-112.20.1
php53-ctype-5.3.17-112.20.1
php53-curl-5.3.17-112.20.1
php53-dba-5.3.17-112.20.1
php53-dom-5.3.17-112.20.1
php53-exif-5.3.17-112.20.1
php53-fastcgi-5.3.17-112.20.1
php53-fileinfo-5.3.17-112.20.1
php53-ftp-5.3.17-112.20.1
php53-gd-5.3.17-112.20.1
php53-gettext-5.3.17-112.20.1
php53-gmp-5.3.17-112.20.1
php53-iconv-5.3.17-112.20.1
php53-intl-5.3.17-112.20.1
php53-json-5.3.17-112.20.1
php53-ldap-5.3.17-112.20.1
php53-mbstring-5.3.17-112.20.1
php53-mcrypt-5.3.17-112.20.1
php53-mysql-5.3.17-112.20.1
php53-odbc-5.3.17-112.20.1
php53-openssl-5.3.17-112.20.1
php53-pcntl-5.3.17-112.20.1
php53-pdo-5.3.17-112.20.1
php53-pear-5.3.17-112.20.1
php53-pgsql-5.3.17-112.20.1
php53-pspell-5.3.17-112.20.1
php53-shmop-5.3.17-112.20.1
php53-snmp-5.3.17-112.20.1
php53-soap-5.3.17-112.20.1
php53-suhosin-5.3.17-112.20.1
php53-sysvmsg-5.3.17-112.20.1
php53-sysvsem-5.3.17-112.20.1
php53-sysvshm-5.3.17-112.20.1
php53-tokenizer-5.3.17-112.20.1
php53-wddx-5.3.17-112.20.1
php53-xmlreader-5.3.17-112.20.1
php53-xmlrpc-5.3.17-112.20.1
php53-xmlwriter-5.3.17-112.20.1
php53-xsl-5.3.17-112.20.1
php53-zip-5.3.17-112.20.1
php53-zlib-5.3.17-112.20.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
apache2-mod_php53-5.3.17-112.20.1
php53-5.3.17-112.20.1
php53-bcmath-5.3.17-112.20.1
php53-bz2-5.3.17-112.20.1
php53-calendar-5.3.17-112.20.1
php53-ctype-5.3.17-112.20.1
php53-curl-5.3.17-112.20.1
php53-dba-5.3.17-112.20.1
php53-dom-5.3.17-112.20.1
php53-exif-5.3.17-112.20.1
php53-fastcgi-5.3.17-112.20.1
php53-fileinfo-5.3.17-112.20.1
php53-ftp-5.3.17-112.20.1
php53-gd-5.3.17-112.20.1
php53-gettext-5.3.17-112.20.1
php53-gmp-5.3.17-112.20.1
php53-iconv-5.3.17-112.20.1
php53-intl-5.3.17-112.20.1
php53-json-5.3.17-112.20.1
php53-ldap-5.3.17-112.20.1
php53-mbstring-5.3.17-112.20.1
php53-mcrypt-5.3.17-112.20.1
php53-mysql-5.3.17-112.20.1
php53-odbc-5.3.17-112.20.1
php53-openssl-5.3.17-112.20.1
php53-pcntl-5.3.17-112.20.1
php53-pdo-5.3.17-112.20.1
php53-pear-5.3.17-112.20.1
php53-pgsql-5.3.17-112.20.1
php53-pspell-5.3.17-112.20.1
php53-shmop-5.3.17-112.20.1
php53-snmp-5.3.17-112.20.1
php53-soap-5.3.17-112.20.1
php53-suhosin-5.3.17-112.20.1
php53-sysvmsg-5.3.17-112.20.1
php53-sysvsem-5.3.17-112.20.1
php53-sysvshm-5.3.17-112.20.1
php53-tokenizer-5.3.17-112.20.1
php53-wddx-5.3.17-112.20.1
php53-xmlreader-5.3.17-112.20.1
php53-xmlrpc-5.3.17-112.20.1
php53-xmlwriter-5.3.17-112.20.1
php53-xsl-5.3.17-112.20.1
php53-zip-5.3.17-112.20.1
php53-zlib-5.3.17-112.20.1
SUSE Linux Enterprise Software Development Kit 11 SP4
php53-devel-5.3.17-112.20.1
php53-imap-5.3.17-112.20.1
php53-posix-5.3.17-112.20.1
php53-readline-5.3.17-112.20.1
php53-sockets-5.3.17-112.20.1
php53-sqlite-5.3.17-112.20.1
php53-tidy-5.3.17-112.20.1

Ссылки

Описание

In PHP before 5.5.32, 5.6.x before 5.6.18, and 7.x before 7.0.3, all of the return values of stream_get_meta_data can be controlled if the input can be controlled (e.g., during file uploads). For example, a "$uri = stream_get_meta_data(fopen($file, "r"))['uri']" call mishandles the case where $file is data:text/plain;uri=eviluri, -- in other words, metadata can be set by an attacker.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.20.1
Ссылки

Описание

spl_array.c in the SPL extension in PHP before 5.5.37 and 5.6.x before 5.6.23 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.20.1
Ссылки

Описание

php_zip.c in the zip extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 improperly interacts with the unserialize implementation and garbage collection, which allows remote attackers to execute arbitrary code or cause a denial of service (use-after-free and application crash) via crafted serialized data containing a ZipArchive object.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.20.1
Ссылки

Описание

gd_gif_in.c in the GD Graphics Library (aka libgd), as used in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1, has an integer signedness error that leads to an infinite loop via a crafted GIF file, as demonstrated by a call to the imagecreatefromgif or imagecreatefromstring PHP function. This is related to GetCode_ and gdImageCreateFromGifCtx.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.20.1
Ссылки

Описание

An issue was discovered in PHP before 5.6.33, 7.0.x before 7.0.27, 7.1.x before 7.1.13, and 7.2.x before 7.2.1. There is Reflected XSS on the PHAR 404 error page via the URI of a request for a .phar file.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.20.1
Ссылки

Описание

In PHP through 5.6.33, 7.0.x before 7.0.28, 7.1.x through 7.1.14, and 7.2.x through 7.2.2, there is a stack-based buffer under-read while parsing an HTTP response in the php_stream_url_wrap_http_ex function in ext/standard/http_fopen_wrapper.c. This subsequently results in copying a large string.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.20.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.20.1
Ссылки
Уязвимость SUSE-SU-2018:0806-1