ELSA-2014-1013

ELSA-2014-1013 - php security update

Type:SECURITY
Severity:MODERATE
Release Date:2014-08-06

Description


[5.4.16-23]
- fileinfo: cdf_unpack_summary_info() excessive looping
DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite
loop. CVE-2014-0238
- fileinfo: cdf_check_stream_offset insufficient boundary
check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check
CVE-2014-3480
- fileinfo: cdf_read_short_sector insufficient boundary
check. CVE-2014-0207
- fileinfo: cdf_read_property_info insufficient boundary
check. CVE-2014-3487
- fileinfo: fix extensive backtracking CVE-2013-7345
- core: type confusion issue in phpinfo(). CVE-2014-4721
- core: fix heap-based buffer overflow in DNS TXT record
parsing. CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage
type confusion flaw. CVE-2014-3515


Related CVEs


CVE-2013-7345
CVE-2014-0207
CVE-2014-0237
CVE-2014-0238
CVE-2014-3479
CVE-2014-3480
CVE-2014-3487
CVE-2014-3515
CVE-2014-4049
CVE-2014-4721

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 7 (x86_64) php-5.4.16-23.el7_0.src.rpmb92017f2c9c3c791ebf83003d32c4d92ELSA-2020-1112
php-5.4.16-23.el7_0.x86_64.rpmc52abaeae0fc3cbf52ca4678f213f902ELSA-2020-1112
php-bcmath-5.4.16-23.el7_0.x86_64.rpmea31a672d53aad4d7b29e59e06b13756ELSA-2020-1112
php-cli-5.4.16-23.el7_0.x86_64.rpmf4fa7adcfe4b8ea62b6cc6bc8bc13bb1ELSA-2020-1112
php-common-5.4.16-23.el7_0.x86_64.rpm08fb36860a037d7df9657a22705ee6aaELSA-2020-1112
php-dba-5.4.16-23.el7_0.x86_64.rpm23f41efe0d74e61b97af6e9765bf2a18ELSA-2020-1112
php-devel-5.4.16-23.el7_0.x86_64.rpm3d7ca483e2a96fc012f5a2d6eae55368ELSA-2020-1112
php-embedded-5.4.16-23.el7_0.x86_64.rpm259e4a6708f2f0324fdd726bb2a8cec8ELSA-2020-1112
php-enchant-5.4.16-23.el7_0.x86_64.rpm0d7067886c05cb70364dbd935c390620ELSA-2020-1112
php-fpm-5.4.16-23.el7_0.x86_64.rpm65e98a15e8438731aefa9a17483e4051ELSA-2020-1112
php-gd-5.4.16-23.el7_0.x86_64.rpmad1e1004f7a04527c8438bf6f437ede9ELSA-2020-1112
php-intl-5.4.16-23.el7_0.x86_64.rpm88508175454ad90618b0c1e57f55122cELSA-2020-1112
php-ldap-5.4.16-23.el7_0.x86_64.rpm327a2c7208baab48283d3920fa70d475ELSA-2020-1112
php-mbstring-5.4.16-23.el7_0.x86_64.rpme4f114f077c337572814daffe649d1e6ELSA-2020-1112
php-mysql-5.4.16-23.el7_0.x86_64.rpmd17d4f75dcf46ca685d6e779d2d7bb48ELSA-2020-1112
php-mysqlnd-5.4.16-23.el7_0.x86_64.rpm1c61b370c6b8b091cdfe46db56632e15ELSA-2020-1112
php-odbc-5.4.16-23.el7_0.x86_64.rpm074701cb144aead864e7768386bf5e07ELSA-2020-1112
php-pdo-5.4.16-23.el7_0.x86_64.rpm03ffef59bc783fc8b317b4870adfd261ELSA-2020-1112
php-pgsql-5.4.16-23.el7_0.x86_64.rpme90f186ac7d48956fcb92deb56681d46ELSA-2020-1112
php-process-5.4.16-23.el7_0.x86_64.rpma5b29b472f4997f86c3d7d8f5e03d5b8ELSA-2020-1112
php-pspell-5.4.16-23.el7_0.x86_64.rpm0bb4ebf7f4adf37902149ea5d7f28d60ELSA-2020-1112
php-recode-5.4.16-23.el7_0.x86_64.rpma221e70c098ce35f520182ca59dce570ELSA-2020-1112
php-snmp-5.4.16-23.el7_0.x86_64.rpmdff65c242b29c6ffa5d7eb2ee8c1f51bELSA-2020-1112
php-soap-5.4.16-23.el7_0.x86_64.rpm53f3ef9de74c46d996f96fa0e4535ffeELSA-2020-1112
php-xml-5.4.16-23.el7_0.x86_64.rpm9eaa42d0e532a82a9c860bdde751d185ELSA-2020-1112
php-xmlrpc-5.4.16-23.el7_0.x86_64.rpm096ab0b04e6d99b8bcdfb966de225b76ELSA-2020-1112



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete