ELSA-2016-2598

ELSA-2016-2598 - php security and bug fix update

Type:SECURITY
Severity:MODERATE
Release Date:2016-11-09

Description


[5.4.16-42]
- bz2: fix improper error handling in bzread() CVE-2016-5399

[5.4.16-41]
- gd: fix integer overflow in _gd2GetHeader() resulting in
heap overflow CVE-2016-5766
- gd: fix integer overflow in gdImagePaletteToTrueColor()
resulting in heap overflow CVE-2016-5767
- mbstring: fix double free in _php_mb_regex_ereg_replace_exec
CVE-2016-5768

[5.4.16-40]
- don't set environmental variable based on user supplied Proxy
request header CVE-2016-5385

[5.4.16-39]
- fix segmentation fault in header_register_callback #1344578

[5.4.16-38]
- curl: add options to enable TLS #1291667
- mysqli: fix segfault in mysqli_stmt::bind_result() when
link is closed #1096800
- fpm: fix incorrectly defined SCRIPT_NAME variable when
using Apache #1138563
- core: fix segfault when a zend_extension is loaded twice #1289457
- openssl: change default_md algo from MD5 to SHA1 #1073388
- wddx: fix segfault in php_wddx_serialize_var #1131979

[5.4.16-37]
- session: fix segfault in session with rfc1867 #1297179


Related CVEs


CVE-2016-5399
CVE-2016-5767
CVE-2016-5768
CVE-2016-5766

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (aarch64) php-5.4.16-42.el7.src.rpm6336e9c4687861bd83968fb036fbb9d9ELSA-2020-1112
php-5.4.16-42.el7.aarch64.rpma356651dcac131dc53ca84a29ce06a4bELSA-2020-1112
php-bcmath-5.4.16-42.el7.aarch64.rpm62b7d374bb3d24eb05ffa1be70d63cdeELSA-2020-1112
php-cli-5.4.16-42.el7.aarch64.rpm9ffaf1d90841a624c0d2e5b8db24d3b8ELSA-2020-1112
php-common-5.4.16-42.el7.aarch64.rpm69fc3354b1259a674ec0a04222cb9a5bELSA-2020-1112
php-dba-5.4.16-42.el7.aarch64.rpm9e45e31f60ff14e7d0411cda11bc2c3bELSA-2020-1112
php-devel-5.4.16-42.el7.aarch64.rpm11f44ce562afa1e37fc00aafe2ca2454ELSA-2020-1112
php-embedded-5.4.16-42.el7.aarch64.rpmf4bf5ea19b1f66d057089437898feebcELSA-2020-1112
php-enchant-5.4.16-42.el7.aarch64.rpme52196329d41ac64d8a5e7e5e3821978ELSA-2020-1112
php-fpm-5.4.16-42.el7.aarch64.rpm385396a16c34fec5abd9ffb32ef16832ELSA-2020-1112
php-gd-5.4.16-42.el7.aarch64.rpme41e48b561834d7dd38c24fd48fba983ELSA-2020-1112
php-intl-5.4.16-42.el7.aarch64.rpm14fdbce825ece0bc25bbca2e5a568259ELSA-2020-1112
php-ldap-5.4.16-42.el7.aarch64.rpm9db4ea1f630ba5af85a668e20e00217cELSA-2020-1112
php-mbstring-5.4.16-42.el7.aarch64.rpm9a930d82bb521a0490e4669889d31d34ELSA-2020-1112
php-mysql-5.4.16-42.el7.aarch64.rpm969d1e9a72f678083e92ac7db40709efELSA-2020-1112
php-mysqlnd-5.4.16-42.el7.aarch64.rpm029e74986ed0f53f4b358ff407952282ELSA-2020-1112
php-odbc-5.4.16-42.el7.aarch64.rpm32262e3e58fa9e19f6bb33399ffb9bfbELSA-2020-1112
php-pdo-5.4.16-42.el7.aarch64.rpm9ed247cf657c9e869e9ef195ddc2b510ELSA-2020-1112
php-pgsql-5.4.16-42.el7.aarch64.rpmfa9ba33d9b3ec03d64940233dc92a2e0ELSA-2020-1112
php-process-5.4.16-42.el7.aarch64.rpm69086c111d34a1818594e2680b1f82b9ELSA-2020-1112
php-pspell-5.4.16-42.el7.aarch64.rpm3e4d704c1911c011417194e0b52477efELSA-2020-1112
php-recode-5.4.16-42.el7.aarch64.rpm375b4fe7dc49f1c517209b18228b919bELSA-2020-1112
php-snmp-5.4.16-42.el7.aarch64.rpm05efc155848db64408670287940c99cfELSA-2020-1112
php-soap-5.4.16-42.el7.aarch64.rpm1f0241523d35ee84d8a9f626a0026fe4ELSA-2020-1112
php-xml-5.4.16-42.el7.aarch64.rpm0ccbd0cd89680cd46b64aa42b76de784ELSA-2020-1112
php-xmlrpc-5.4.16-42.el7.aarch64.rpmeefa58a602983c2a7385f5143bea9e5bELSA-2020-1112
Oracle Linux 7 (x86_64) php-5.4.16-42.el7.src.rpm6336e9c4687861bd83968fb036fbb9d9ELSA-2020-1112
php-5.4.16-42.el7.x86_64.rpm0e33b9c1441de82813d812cf30080c85ELSA-2020-1112
php-bcmath-5.4.16-42.el7.x86_64.rpmfc22f917022ed98dbe6fba553e279c44ELSA-2020-1112
php-cli-5.4.16-42.el7.x86_64.rpmd9c413727d9b5d15e9530e82654c8249ELSA-2020-1112
php-common-5.4.16-42.el7.x86_64.rpm420a0c451b031318c3aaa5c556e24db7ELSA-2020-1112
php-dba-5.4.16-42.el7.x86_64.rpmab8557654ff838f0726c04c0c742fe75ELSA-2020-1112
php-devel-5.4.16-42.el7.x86_64.rpm62e4be967e95cff9a1b022ca2233d3baELSA-2020-1112
php-embedded-5.4.16-42.el7.x86_64.rpm4391ee2f554119f8f1a56545f3e6f6d6ELSA-2020-1112
php-enchant-5.4.16-42.el7.x86_64.rpmc6dea9d013baee16925336469483b024ELSA-2020-1112
php-fpm-5.4.16-42.el7.x86_64.rpm69032d0de9ddc6978b4e82673fc4d2d0ELSA-2020-1112
php-gd-5.4.16-42.el7.x86_64.rpmb5887546f6c48a7fcc6de8b50b05c917ELSA-2020-1112
php-intl-5.4.16-42.el7.x86_64.rpmbb44940a78d880d67b07a8df92aca5b4ELSA-2020-1112
php-ldap-5.4.16-42.el7.x86_64.rpmc6286e43bf5a76656d7e8bd02a9f4ad3ELSA-2020-1112
php-mbstring-5.4.16-42.el7.x86_64.rpmd911c1a9c9bed74b964281bdb0f96b4eELSA-2020-1112
php-mysql-5.4.16-42.el7.x86_64.rpmef925b4fe68a53c0516917229f857d17ELSA-2020-1112
php-mysqlnd-5.4.16-42.el7.x86_64.rpm02da03887fbdb6e959841a708b78f474ELSA-2020-1112
php-odbc-5.4.16-42.el7.x86_64.rpm3c24812b938c1fdba7be79c617692cb1ELSA-2020-1112
php-pdo-5.4.16-42.el7.x86_64.rpm96f51e52e08ee4a834d6a00d622d2bb2ELSA-2020-1112
php-pgsql-5.4.16-42.el7.x86_64.rpmf17e6fc4695b4d166b290cfac6cd314dELSA-2020-1112
php-process-5.4.16-42.el7.x86_64.rpm000249f654dc61729008c9732ddffdc2ELSA-2020-1112
php-pspell-5.4.16-42.el7.x86_64.rpm4036bee19514f5e0cd196fdbb9f5760dELSA-2020-1112
php-recode-5.4.16-42.el7.x86_64.rpm94476ced5fe6a1de3b859a854672ebc5ELSA-2020-1112
php-snmp-5.4.16-42.el7.x86_64.rpmfbc6727e45cecf9c4ce8094dcfe8f7b5ELSA-2020-1112
php-soap-5.4.16-42.el7.x86_64.rpm7d9fed9a60dc162f81a048e68812da12ELSA-2020-1112
php-xml-5.4.16-42.el7.x86_64.rpm28fb756f637c9a0b1f7297da91fce70dELSA-2020-1112
php-xmlrpc-5.4.16-42.el7.x86_64.rpm78ddae158d742ddc85fdd3c4e5561dcaELSA-2020-1112



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete