Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2019:14013-1

Опубликовано: 05 апр. 2019
Источник: suse-cvrf

Описание

Security update for php53

This update for php53 fixes the following issues:

Security issues fixed:

  • CVE-2019-9637: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128892).
  • CVE-2019-9675: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128886).
  • CVE-2019-9638: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension ((bsc#1128889).
  • CVE-2019-9639: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128887).
  • CVE-2019-9640: Fixed improper implementation of rename function and multiple invalid memory access in EXIF extension (bsc#1128883).
  • CVE-2019-9024: Fixed a vulnerability in xmlrpc_decode function which could allow to a hostile XMLRPC server to cause memory read outside the allocated areas (bsc#1126821).
  • CVE-2019-9020: Fixed a heap out of bounds in xmlrpc_decode function (bsc#1126711).
  • CVE-2018-20783: Fixed a buffer over-read in PHAR reading functions which could allow an attacker to read allocated and unallocated memory when parsing a phar file (bsc#1127122).
  • CVE-2019-9021: Fixed a heap buffer-based buffer over-read in PHAR reading functions which could allow an attacker to read allocated and unallocated memory when parsing a phar file (bsc#1126713).
  • CVE-2019-9023: Fixed multiple heap-based buffer over-read instances in mbstring regular expression functions (bsc#1126823).
  • CVE-2019-9641: Fixed multiple invalid memory access in EXIF extension and improved insecure implementation of rename function (bsc#1128722).

Список пакетов

SUSE Linux Enterprise Point of Sale 11 SP3
apache2-mod_php53-5.3.17-112.58.1
php53-5.3.17-112.58.1
php53-bcmath-5.3.17-112.58.1
php53-bz2-5.3.17-112.58.1
php53-calendar-5.3.17-112.58.1
php53-ctype-5.3.17-112.58.1
php53-curl-5.3.17-112.58.1
php53-dba-5.3.17-112.58.1
php53-dom-5.3.17-112.58.1
php53-exif-5.3.17-112.58.1
php53-fastcgi-5.3.17-112.58.1
php53-fileinfo-5.3.17-112.58.1
php53-ftp-5.3.17-112.58.1
php53-gd-5.3.17-112.58.1
php53-gettext-5.3.17-112.58.1
php53-gmp-5.3.17-112.58.1
php53-iconv-5.3.17-112.58.1
php53-intl-5.3.17-112.58.1
php53-json-5.3.17-112.58.1
php53-ldap-5.3.17-112.58.1
php53-mbstring-5.3.17-112.58.1
php53-mcrypt-5.3.17-112.58.1
php53-mysql-5.3.17-112.58.1
php53-odbc-5.3.17-112.58.1
php53-openssl-5.3.17-112.58.1
php53-pcntl-5.3.17-112.58.1
php53-pdo-5.3.17-112.58.1
php53-pear-5.3.17-112.58.1
php53-pgsql-5.3.17-112.58.1
php53-pspell-5.3.17-112.58.1
php53-shmop-5.3.17-112.58.1
php53-snmp-5.3.17-112.58.1
php53-soap-5.3.17-112.58.1
php53-suhosin-5.3.17-112.58.1
php53-sysvmsg-5.3.17-112.58.1
php53-sysvsem-5.3.17-112.58.1
php53-sysvshm-5.3.17-112.58.1
php53-tokenizer-5.3.17-112.58.1
php53-wddx-5.3.17-112.58.1
php53-xmlreader-5.3.17-112.58.1
php53-xmlrpc-5.3.17-112.58.1
php53-xmlwriter-5.3.17-112.58.1
php53-xsl-5.3.17-112.58.1
php53-zip-5.3.17-112.58.1
php53-zlib-5.3.17-112.58.1
SUSE Linux Enterprise Server 11 SP4
apache2-mod_php53-5.3.17-112.58.1
php53-5.3.17-112.58.1
php53-bcmath-5.3.17-112.58.1
php53-bz2-5.3.17-112.58.1
php53-calendar-5.3.17-112.58.1
php53-ctype-5.3.17-112.58.1
php53-curl-5.3.17-112.58.1
php53-dba-5.3.17-112.58.1
php53-dom-5.3.17-112.58.1
php53-exif-5.3.17-112.58.1
php53-fastcgi-5.3.17-112.58.1
php53-fileinfo-5.3.17-112.58.1
php53-ftp-5.3.17-112.58.1
php53-gd-5.3.17-112.58.1
php53-gettext-5.3.17-112.58.1
php53-gmp-5.3.17-112.58.1
php53-iconv-5.3.17-112.58.1
php53-intl-5.3.17-112.58.1
php53-json-5.3.17-112.58.1
php53-ldap-5.3.17-112.58.1
php53-mbstring-5.3.17-112.58.1
php53-mcrypt-5.3.17-112.58.1
php53-mysql-5.3.17-112.58.1
php53-odbc-5.3.17-112.58.1
php53-openssl-5.3.17-112.58.1
php53-pcntl-5.3.17-112.58.1
php53-pdo-5.3.17-112.58.1
php53-pear-5.3.17-112.58.1
php53-pgsql-5.3.17-112.58.1
php53-pspell-5.3.17-112.58.1
php53-shmop-5.3.17-112.58.1
php53-snmp-5.3.17-112.58.1
php53-soap-5.3.17-112.58.1
php53-suhosin-5.3.17-112.58.1
php53-sysvmsg-5.3.17-112.58.1
php53-sysvsem-5.3.17-112.58.1
php53-sysvshm-5.3.17-112.58.1
php53-tokenizer-5.3.17-112.58.1
php53-wddx-5.3.17-112.58.1
php53-xmlreader-5.3.17-112.58.1
php53-xmlrpc-5.3.17-112.58.1
php53-xmlwriter-5.3.17-112.58.1
php53-xsl-5.3.17-112.58.1
php53-zip-5.3.17-112.58.1
php53-zlib-5.3.17-112.58.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
apache2-mod_php53-5.3.17-112.58.1
php53-5.3.17-112.58.1
php53-bcmath-5.3.17-112.58.1
php53-bz2-5.3.17-112.58.1
php53-calendar-5.3.17-112.58.1
php53-ctype-5.3.17-112.58.1
php53-curl-5.3.17-112.58.1
php53-dba-5.3.17-112.58.1
php53-dom-5.3.17-112.58.1
php53-exif-5.3.17-112.58.1
php53-fastcgi-5.3.17-112.58.1
php53-fileinfo-5.3.17-112.58.1
php53-ftp-5.3.17-112.58.1
php53-gd-5.3.17-112.58.1
php53-gettext-5.3.17-112.58.1
php53-gmp-5.3.17-112.58.1
php53-iconv-5.3.17-112.58.1
php53-intl-5.3.17-112.58.1
php53-json-5.3.17-112.58.1
php53-ldap-5.3.17-112.58.1
php53-mbstring-5.3.17-112.58.1
php53-mcrypt-5.3.17-112.58.1
php53-mysql-5.3.17-112.58.1
php53-odbc-5.3.17-112.58.1
php53-openssl-5.3.17-112.58.1
php53-pcntl-5.3.17-112.58.1
php53-pdo-5.3.17-112.58.1
php53-pear-5.3.17-112.58.1
php53-pgsql-5.3.17-112.58.1
php53-pspell-5.3.17-112.58.1
php53-shmop-5.3.17-112.58.1
php53-snmp-5.3.17-112.58.1
php53-soap-5.3.17-112.58.1
php53-suhosin-5.3.17-112.58.1
php53-sysvmsg-5.3.17-112.58.1
php53-sysvsem-5.3.17-112.58.1
php53-sysvshm-5.3.17-112.58.1
php53-tokenizer-5.3.17-112.58.1
php53-wddx-5.3.17-112.58.1
php53-xmlreader-5.3.17-112.58.1
php53-xmlrpc-5.3.17-112.58.1
php53-xmlwriter-5.3.17-112.58.1
php53-xsl-5.3.17-112.58.1
php53-zip-5.3.17-112.58.1
php53-zlib-5.3.17-112.58.1
SUSE Linux Enterprise Software Development Kit 11 SP4
php53-devel-5.3.17-112.58.1
php53-imap-5.3.17-112.58.1
php53-posix-5.3.17-112.58.1
php53-readline-5.3.17-112.58.1
php53-sockets-5.3.17-112.58.1
php53-sqlite-5.3.17-112.58.1
php53-tidy-5.3.17-112.58.1

Ссылки

Описание

In PHP before 5.6.39, 7.x before 7.0.33, 7.1.x before 7.1.25, and 7.2.x before 7.2.13, a buffer over-read in PHAR reading functions may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse a .phar file. This is related to phar_parse_pharfile in ext/phar/phar.c.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. Invalid input to the function xmlrpc_decode() can lead to an invalid memory access (heap out of bounds read or read after free). This is related to xml_elem_parse_buf in ext/xmlrpc/libxmlrpc/xml_element.c.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A heap-based buffer over-read in PHAR reading functions in the PHAR extension may allow an attacker to read allocated or unallocated memory past the actual data when trying to parse the file name, a different vulnerability than CVE-2018-20783. This is related to phar_detect_phar_fname_ext in ext/phar/phar.c.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. A number of heap-based buffer over-read instances are present in mbstring regular expression functions when supplied with invalid multibyte data. These occur in ext/mbstring/oniguruma/regcomp.c, ext/mbstring/oniguruma/regexec.c, ext/mbstring/oniguruma/regparse.c, ext/mbstring/oniguruma/enc/unicode.c, and ext/mbstring/oniguruma/src/utf32_be.c when a multibyte regular expression pattern contains invalid multibyte sequences.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in PHP before 5.6.40, 7.x before 7.1.26, 7.2.x before 7.2.14, and 7.3.x before 7.3.1. xmlrpc_decode() can allow a hostile XMLRPC server to cause PHP to read memory outside of allocated areas in base64_decode_xmlrpc in ext/xmlrpc/libxmlrpc/base64.c.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented, it is possible that file being renamed is briefly available with wrong permissions while the rename is ongoing, thus enabling unauthorized users to access the data.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the maker_note->offset relationship to value_len.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_MAKERNOTE because of mishandling the data_len variable.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_process_SOFn.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in exif_process_IFD_in_TIFF.

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки

Описание

** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer overflow via a long link value. NOTE: The vendor indicates that the link value is used only when an archive contains a symlink, which currently cannot happen: "This issue allows theoretical compromise of security, but a practical attack is usually impossible."

Затронутые продукты
SUSE Linux Enterprise Point of Sale 11 SP3:apache2-mod_php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bcmath-5.3.17-112.58.1
SUSE Linux Enterprise Point of Sale 11 SP3:php53-bz2-5.3.17-112.58.1
Ссылки
Уязвимость SUSE-SU-2019:14013-1