Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

openSUSE-SU-2016:1688-1

Опубликовано: 27 июн. 2016
Источник: suse-cvrf

Описание

Security update for php5

This update for php5 fixes the following issues:

  • CVE-2013-7456: imagescale out-of-bounds read (bnc#982009).
  • CVE-2016-5093: get_icu_value_internal out-of-bounds read (bnc#982010).
  • CVE-2016-5094: Don't create strings with lengths outside of valid range (bnc#982011).
  • CVE-2016-5095: Don't create strings with lengths outside of valid range (bnc#982012).
  • CVE-2016-5096: int/size_t confusion in fread (bsc#982013).
  • CVE-2015-8877: The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) as used in PHP used inconsistent allocate and free approaches, which allowed remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function (bsc#981061).
  • CVE-2015-8876: Zend/zend_exceptions.c in PHP did not validate certain Exception objects, which allowed remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data (bsc#981049).
  • CVE-2015-8879: The odbc_bindcols function in ext/odbc/php_odbc.c in PHP mishandles driver behavior for SQL_WVARCHAR columns, which allowed remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table (bsc#981050).

This update was imported from the SUSE:SLE-12:Update update project.

Список пакетов

openSUSE Leap 42.1
apache2-mod_php5-5.5.14-53.1
imap-2007e_suse-22.1
imap-devel-2007e_suse-22.1
libc-client2007e_suse-2007e_suse-22.1
php5-5.5.14-53.1
php5-bcmath-5.5.14-53.1
php5-bz2-5.5.14-53.1
php5-calendar-5.5.14-53.1
php5-ctype-5.5.14-53.1
php5-curl-5.5.14-53.1
php5-dba-5.5.14-53.1
php5-devel-5.5.14-53.1
php5-dom-5.5.14-53.1
php5-enchant-5.5.14-53.1
php5-exif-5.5.14-53.1
php5-fastcgi-5.5.14-53.1
php5-fileinfo-5.5.14-53.1
php5-firebird-5.5.14-53.1
php5-fpm-5.5.14-53.1
php5-ftp-5.5.14-53.1
php5-gd-5.5.14-53.1
php5-gettext-5.5.14-53.1
php5-gmp-5.5.14-53.1
php5-iconv-5.5.14-53.1
php5-imap-5.5.14-53.1
php5-intl-5.5.14-53.1
php5-json-5.5.14-53.1
php5-ldap-5.5.14-53.1
php5-mbstring-5.5.14-53.1
php5-mcrypt-5.5.14-53.1
php5-mssql-5.5.14-53.1
php5-mysql-5.5.14-53.1
php5-odbc-5.5.14-53.1
php5-opcache-5.5.14-53.1
php5-openssl-5.5.14-53.1
php5-pcntl-5.5.14-53.1
php5-pdo-5.5.14-53.1
php5-pear-5.5.14-53.1
php5-pgsql-5.5.14-53.1
php5-phar-5.5.14-53.1
php5-posix-5.5.14-53.1
php5-pspell-5.5.14-53.1
php5-readline-5.5.14-53.1
php5-shmop-5.5.14-53.1
php5-snmp-5.5.14-53.1
php5-soap-5.5.14-53.1
php5-sockets-5.5.14-53.1
php5-sqlite-5.5.14-53.1
php5-suhosin-5.5.14-53.1
php5-sysvmsg-5.5.14-53.1
php5-sysvsem-5.5.14-53.1
php5-sysvshm-5.5.14-53.1
php5-tidy-5.5.14-53.1
php5-tokenizer-5.5.14-53.1
php5-wddx-5.5.14-53.1
php5-xmlreader-5.5.14-53.1
php5-xmlrpc-5.5.14-53.1
php5-xmlwriter-5.5.14-53.1
php5-xsl-5.5.14-53.1
php5-zip-5.5.14-53.1
php5-zlib-5.5.14-53.1

Ссылки

Описание

gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.1.1, as used in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7, allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted image that is mishandled by the imagescale function.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки

Описание

Zend/zend_exceptions.c in PHP before 5.4.44, 5.5.x before 5.5.28, and 5.6.x before 5.6.12 does not validate certain Exception objects, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or trigger unintended method execution via crafted serialized data.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки

Описание

The gdImageScaleTwoPass function in gd_interpolation.c in the GD Graphics Library (aka libgd) before 2.2.0, as used in PHP before 5.6.12, uses inconsistent allocate and free approaches, which allows remote attackers to cause a denial of service (memory consumption) via a crafted call, as demonstrated by a call to the PHP imagescale function.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки

Описание

The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12 mishandles driver behavior for SQL_WVARCHAR columns, which allows remote attackers to cause a denial of service (application crash) in opportunistic circumstances by leveraging use of the odbc_fetch_array function to access a certain type of Microsoft SQL Server table.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки

Описание

The get_icu_value_internal function in ext/intl/locale/locale_methods.c in PHP before 5.5.36, 5.6.x before 5.6.22, and 7.x before 7.0.7 does not ensure the presence of a '\0' character, which allows remote attackers to cause a denial of service (out-of-bounds read) or possibly have unspecified other impact via a crafted locale_get_primary_language call.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки

Описание

Integer overflow in the php_html_entities function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from the htmlspecialchars function.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки

Описание

Integer overflow in the php_escape_html_entities_ex function in ext/standard/html.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact by triggering a large output string from a FILTER_SANITIZE_FULL_SPECIAL_CHARS filter_var call. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-5094.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки

Описание

Integer overflow in the fread function in ext/standard/file.c in PHP before 5.5.36 and 5.6.x before 5.6.22 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a large integer in the second argument.

Затронутые продукты
openSUSE Leap 42.1:apache2-mod_php5-5.5.14-53.1
openSUSE Leap 42.1:imap-2007e_suse-22.1
openSUSE Leap 42.1:imap-devel-2007e_suse-22.1
openSUSE Leap 42.1:libc-client2007e_suse-2007e_suse-22.1
Ссылки
Уязвимость openSUSE-SU-2016:1688-1