Paketname
php
Datum
2014-03-14
Advisory ID
MDVSA-2014:059
Betroffene Versionen
MBS1 x86_64

Problembeschreibung

Multiple vulnerabilities has been discovered and corrected in php:

Fixed bug #66731 (file: infinite recursion (CVE-2014-1943)).

Fixed bug #66820 (out-of-bounds memory access in fileinfo
(CVE-2014-2270)).

Fixed bug #66815 (imagecrop(): insufficient fix for NULL defer
(CVE-2013-7327)).

The updated php packages have been upgraded to the 5.5.10 version
which is not vulnerable to these issues.

The php-xdebug packages has been upgraded to the latest 2.2.4 version
that resolves numerous upstream bugs.

Additionally, the PECL packages which requires so has been rebuilt
for php-5.5.10.

Aktualisierte Pakete

MBS1 x86_64

 24737449ee336d5e9824e2f2ae543292  mbs1/x86_64/apache-mod_php-5.5.10-1.1.mbs1.x86_64.rpm
 0b922c54fa9223fecc8d35a5c7c8599e  mbs1/x86_64/lib64php5_common5-5.5.10-1.1.mbs1.x86_64.rpm
 7ee561479c57d59fd98a5501e9586500  mbs1/x86_64/php-apc-3.1.15-1.4.mbs1.x86_64.rpm
 eb7de5759296f86517f5edfd9d4436ca  mbs1/x86_64/php-apc-admin-3.1.15-1.4.mbs1.x86_64.rpm
 a1d9c94696da01a54ef8fdc514e87eeb  mbs1/x86_64/php-bcmath-5.5.10-1.1.mbs1.x86_64.rpm
 1b2cd506955bff2be731071a094c722f  mbs1/x86_64/php-bz2-5.5.10-1.1.mbs1.x86_64.rpm
 8960e53771c38895428275376133ad80  mbs1/x86_64/php-calendar-5.5.10-1.1.mbs1.x86_64.rpm
 76ae075f4cb8bbd735289a6c1d06fd7a  mbs1/x86_64/php-cgi-5.5.10-1.1.mbs1.x86_64.rpm
 12b695df15e1f8cb7b0a4dfe6c9aa088  mbs1/x86_64/php-cli-5.5.10-1.1.mbs1.x86_64.rpm
 f8f5f6b8ed7afaffe4893ee713198f96  mbs1/x86_64/php-ctype-5.5.10-1.1.mbs1.x86_64.rpm
 1950d33f015eefc8014070526758ee8e  mbs1/x86_64/php-curl-5.5.10-1.1.mbs1.x86_64.rpm
 9497d5da046377151644e93733cb074e  mbs1/x86_64/php-dba-5.5.10-1.1.mbs1.x86_64.rpm
 ac662e5ef7059d81cccb62c7bbe97901  mbs1/x86_64/php-devel-5.5.10-1.1.mbs1.x86_64.rpm
 87a743ba4947af120c24da6115c7e6db  mbs1/x86_64/php-doc-5.5.10-1.1.mbs1.noarch.rpm
 b941027ff5051dc2811b4263f6bf20b1  mbs1/x86_64/php-dom-5.5.10-1.1.mbs1.x86_64.rpm
 77c456007f9d6e330bfa514dc7e2c71c  mbs1/x86_64/php-enchant-5.5.10-1.1.mbs1.x86_64.rpm
 e14bbbfe6cbd0027eb92f2de676bda2b  mbs1/x86_64/php-exif-5.5.10-1.1.mbs1.x86_64.rpm
 016db3c40dafc614f69ed163870d0ba9  mbs1/x86_64/php-fileinfo-5.5.10-1.1.mbs1.x86_64.rpm
 800722c1127bf7f835fed88d5805612a  mbs1/x86_64/php-filter-5.5.10-1.1.mbs1.x86_64.rpm
 c25709c616879f64ca095493a250e49a  mbs1/x86_64/php-fpm-5.5.10-1.1.mbs1.x86_64.rpm
 dd3b14133c3e5e299976709acaba36f1  mbs1/x86_64/php-ftp-5.5.10-1.1.mbs1.x86_64.rpm
 33285cc7d2f89640c84a89c2d78d4c1c  mbs1/x86_64/php-gd-5.5.10-1.1.mbs1.x86_64.rpm
 98815ed19f6a439995c257c86d3fd8e7  mbs1/x86_64/php-gettext-5.5.10-1.1.mbs1.x86_64.rpm
 2c34c8d28d2bcf105deced29a743ce10  mbs1/x86_64/php-gmp-5.5.10-1.1.mbs1.x86_64.rpm
 66f17761f797c9ba5b9f64359df0e444  mbs1/x86_64/php-hash-5.5.10-1.1.mbs1.x86_64.rpm
 a9679cf58298c91fe11e9065888f3ecf  mbs1/x86_64/php-iconv-5.5.10-1.1.mbs1.x86_64.rpm
 44c8fd8cbd7a749ce405eafcb5cfaba0  mbs1/x86_64/php-imap-5.5.10-1.1.mbs1.x86_64.rpm
 de60f25c3e3da02a1ed96ea3c6b7d146  mbs1/x86_64/php-ini-5.5.10-1.1.mbs1.x86_64.rpm
 674171b2daf508b7709ec0fa39f3dadb  mbs1/x86_64/php-intl-5.5.10-1.1.mbs1.x86_64.rpm
 b4b75e252c03be45e1ea42d93cbb559d  mbs1/x86_64/php-json-5.5.10-1.1.mbs1.x86_64.rpm
 10071e1f44d3ec6500559211168c3b4a  mbs1/x86_64/php-ldap-5.5.10-1.1.mbs1.x86_64.rpm
 4b7e7d0a0b6adcca257a2fd124e62c58  mbs1/x86_64/php-mbstring-5.5.10-1.1.mbs1.x86_64.rpm
 19345fe51062884bd7c9ff80f49dcbdb  mbs1/x86_64/php-mcrypt-5.5.10-1.1.mbs1.x86_64.rpm
 e2a844b656f9ab03b731ad2f272b5d2b  mbs1/x86_64/php-mssql-5.5.10-1.1.mbs1.x86_64.rpm
 4fcf706c941176818fdfc995fba8209c  mbs1/x86_64/php-mysql-5.5.10-1.1.mbs1.x86_64.rpm
 46c3635f1e79e351b2d63d7be993557b  mbs1/x86_64/php-mysqli-5.5.10-1.1.mbs1.x86_64.rpm
 6b652b39093992140614a97e4633ee52  mbs1/x86_64/php-mysqlnd-5.5.10-1.1.mbs1.x86_64.rpm
 d8712b4ec5533dd53c3e1a6854a41612  mbs1/x86_64/php-odbc-5.5.10-1.1.mbs1.x86_64.rpm
 58da4457f76d98468fbc2216a82a6210  mbs1/x86_64/php-opcache-5.5.10-1.1.mbs1.x86_64.rpm
 67847c07b4d21ef262864d25a633d70a  mbs1/x86_64/php-openssl-5.5.10-1.1.mbs1.x86_64.rpm
 daf97d8271493a2ecbd18ad20a857bcf  mbs1/x86_64/php-pcntl-5.5.10-1.1.mbs1.x86_64.rpm
 4a6aed5d64de832c986caa41d4a99919  mbs1/x86_64/php-pdo-5.5.10-1.1.mbs1.x86_64.rpm
 38358c84106e4f5c86704c92f09a4852  mbs1/x86_64/php-pdo_dblib-5.5.10-1.1.mbs1.x86_64.rpm
 f5f013d46693b257672a53333c1d2aef  mbs1/x86_64/php-pdo_mysql-5.5.10-1.1.mbs1.x86_64.rpm
 a052eca4ad1c2fa1aa2cc5a492864959  mbs1/x86_64/php-pdo_odbc-5.5.10-1.1.mbs1.x86_64.rpm
 e5e592546df1d334c3bd8e26be14784e  mbs1/x86_64/php-pdo_pgsql-5.5.10-1.1.mbs1.x86_64.rpm
 bfe91133e7dd8ecd326d033f09156fd5  mbs1/x86_64/php-pdo_sqlite-5.5.10-1.1.mbs1.x86_64.rpm
 cec3e2d7281150e42c138375c7047392  mbs1/x86_64/php-pgsql-5.5.10-1.1.mbs1.x86_64.rpm
 45a7eefb527a69d733e121d6814e4294  mbs1/x86_64/php-phar-5.5.10-1.1.mbs1.x86_64.rpm
 093b385f0d0b46e3f6fd33f914548a0a  mbs1/x86_64/php-posix-5.5.10-1.1.mbs1.x86_64.rpm
 5864c26cd75dbe4f3c78b369081f0438  mbs1/x86_64/php-readline-5.5.10-1.1.mbs1.x86_64.rpm
 d0f41537a40bd91a5f1f3a8ca5fde200  mbs1/x86_64/php-recode-5.5.10-1.1.mbs1.x86_64.rpm
 ad5ab348291e6b2e5a4eb3bb33ce8a2f  mbs1/x86_64/php-session-5.5.10-1.1.mbs1.x86_64.rpm
 cf9882756cfc5ca36ceffe23a148bb47  mbs1/x86_64/php-shmop-5.5.10-1.1.mbs1.x86_64.rpm
 74b1621ca81142e93046925bed22a5e8  mbs1/x86_64/php-snmp-5.5.10-1.1.mbs1.x86_64.rpm
 80e3ba9497626214b3bcc2712f60ac5f  mbs1/x86_64/php-soap-5.5.10-1.1.mbs1.x86_64.rpm
 9de06a2dee1e54d7f42a33a17ca8205b  mbs1/x86_64/php-sockets-5.5.10-1.1.mbs1.x86_64.rpm
 c030bff618bbcb037e812ddb94649eb5  mbs1/x86_64/php-sqlite3-5.5.10-1.1.mbs1.x86_64.rpm
 b65a0c3e62630b815656e80da43a2480  mbs1/x86_64/php-sybase_ct-5.5.10-1.1.mbs1.x86_64.rpm
 be0694c255784a0a4f35f0e8d15f201b  mbs1/x86_64/php-sysvmsg-5.5.10-1.1.mbs1.x86_64.rpm
 80ad06376f143a770cfb5cba1d848af2  mbs1/x86_64/php-sysvsem-5.5.10-1.1.mbs1.x86_64.rpm
 20ee2f4ab2344649920c7ea75d251229  mbs1/x86_64/php-sysvshm-5.5.10-1.1.mbs1.x86_64.rpm
 756a95f3f9caf872ca3e656ae2c8f6e1  mbs1/x86_64/php-tidy-5.5.10-1.1.mbs1.x86_64.rpm
 ea69b8f0630a5016589c5340e9f8cb08  mbs1/x86_64/php-tokenizer-5.5.10-1.1.mbs1.x86_64.rpm
 9120358796e07a057bcb49b3f7a3287a  mbs1/x86_64/php-wddx-5.5.10-1.1.mbs1.x86_64.rpm
 140204bf0eb22cbaa71392c87217730b  mbs1/x86_64/php-xdebug-2.2.4-1.mbs1.x86_64.rpm
 d8f2b85bd082332a608612deeee0a527  mbs1/x86_64/php-xml-5.5.10-1.1.mbs1.x86_64.rpm
 1373b28914b0e1fc52d98e8599ab5286  mbs1/x86_64/php-xmlreader-5.5.10-1.1.mbs1.x86_64.rpm
 24767241f254b25cf40f22c5b42009d4  mbs1/x86_64/php-xmlrpc-5.5.10-1.1.mbs1.x86_64.rpm
 ebe5805c7fc2ba228019f461f666d53f  mbs1/x86_64/php-xmlwriter-5.5.10-1.1.mbs1.x86_64.rpm
 d8e5137af8780fb2aa1588d926ea5214  mbs1/x86_64/php-xsl-5.5.10-1.1.mbs1.x86_64.rpm
 8e7ec6219aa8ec67b7e34752266fd0c3  mbs1/x86_64/php-zip-5.5.10-1.1.mbs1.x86_64.rpm
 02eaebe931a02fa3b7aeee6f90078b59  mbs1/x86_64/php-zlib-5.5.10-1.1.mbs1.x86_64.rpm 
 d32d95daec74ca968d0143f9bb4c39aa  mbs1/SRPMS/php-5.5.10-1.1.mbs1.src.rpm
 cef70e625abea16578f7234743896bae  mbs1/SRPMS/php-apc-3.1.15-1.4.mbs1.src.rpm
 015ce9f2892ee94a3a73a8a15bdc58fd  mbs1/SRPMS/php-xdebug-2.2.4-1.mbs1.src.rpm

Referenzen