ELSA-2014-1327

ULN >
Oracle Linux Errata repository >
ELSA-2014-1327

ELSA-2014-1327 - php security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2014-09-30

Description

[5.4.16-23.1]
- gd: fix NULL pointer dereference in gdImageCreateFromXpm().
CVE-2014-2497
- gd: fix NUL byte injection in file names. CVE-2014-5120
- fileinfo: fix extensive backtracking in regular expression
(incomplete fix for CVE-2013-7345). CVE-2014-3538
- fileinfo: fix mconvert incorrect handling of truncated
pascal string size. CVE-2014-3478
- fileinfo: fix cdf_read_property_info
(incomplete fix for CVE-2012-1571). CVE-2014-3587
- spl: fix use-after-free in ArrayIterator due to object
change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670
- network: fix segfault in dns_get_record
(incomplete fix for CVE-2014-4049). CVE-2014-3597

Related CVEs

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory

Oracle Linux 7 (x86_64)	php-5.4.16-23.el7_0.1.src.rpm	7e68f778840f607f46b067453484f834	ELSA-2020-1112
	php-5.4.16-23.el7_0.1.x86_64.rpm	58c81605363dc3ab3557689b8ae8591c	ELSA-2020-1112
	php-bcmath-5.4.16-23.el7_0.1.x86_64.rpm	98fbde3068e5af8ea4f24e4b53d6eb36	ELSA-2020-1112
	php-cli-5.4.16-23.el7_0.1.x86_64.rpm	827f3f2e410e6b334559efbf4754eb95	ELSA-2020-1112
	php-common-5.4.16-23.el7_0.1.x86_64.rpm	6a1c540510d27bb652bb30a1d720a872	ELSA-2020-1112
	php-dba-5.4.16-23.el7_0.1.x86_64.rpm	10b0c107bb5c2dd6d4ae164ff6245bb0	ELSA-2020-1112
	php-devel-5.4.16-23.el7_0.1.x86_64.rpm	e1f3e79ee591fed2243737ac3dd33597	ELSA-2020-1112
	php-embedded-5.4.16-23.el7_0.1.x86_64.rpm	a6e4093f59aa0aa0b1171d2eb0633882	ELSA-2020-1112
	php-enchant-5.4.16-23.el7_0.1.x86_64.rpm	78426dce74325619a89885277f0d707b	ELSA-2020-1112
	php-fpm-5.4.16-23.el7_0.1.x86_64.rpm	c06ddfb042a1312cda9f6407f0088f97	ELSA-2020-1112
	php-gd-5.4.16-23.el7_0.1.x86_64.rpm	a8dc891a4e950b7cf75b82e7fd7a76d4	ELSA-2020-1112
	php-intl-5.4.16-23.el7_0.1.x86_64.rpm	3c79eac28ae8c5b52ffd3cdaa24e3ced	ELSA-2020-1112
	php-ldap-5.4.16-23.el7_0.1.x86_64.rpm	779d6735879a5ca6960dde7ae9507262	ELSA-2020-1112
	php-mbstring-5.4.16-23.el7_0.1.x86_64.rpm	75baf421083a8d1e4117b46cffc39709	ELSA-2020-1112
	php-mysql-5.4.16-23.el7_0.1.x86_64.rpm	ba875bb4343250f2866b4cd96111f6fe	ELSA-2020-1112
	php-mysqlnd-5.4.16-23.el7_0.1.x86_64.rpm	6be03c05b06d6f8577396e2ae2a4560a	ELSA-2020-1112
	php-odbc-5.4.16-23.el7_0.1.x86_64.rpm	2bef4a9a044fdecdc7d5b2f3ce3d57ce	ELSA-2020-1112
	php-pdo-5.4.16-23.el7_0.1.x86_64.rpm	a5036a776d2e67afb597e7c4edf6509b	ELSA-2020-1112
	php-pgsql-5.4.16-23.el7_0.1.x86_64.rpm	3b44f461fbdc97d2ac73c8c96a97121e	ELSA-2020-1112
	php-process-5.4.16-23.el7_0.1.x86_64.rpm	ba1ab9c8c92db953d1bda1b62b73d784	ELSA-2020-1112
	php-pspell-5.4.16-23.el7_0.1.x86_64.rpm	cfdff28669b9310e44181c48aae6623d	ELSA-2020-1112
	php-recode-5.4.16-23.el7_0.1.x86_64.rpm	7dfa78d1746902146f2ce24bbb5b18a9	ELSA-2020-1112
	php-snmp-5.4.16-23.el7_0.1.x86_64.rpm	95bb747a1da81d5b383e6c6a0305fe8c	ELSA-2020-1112
	php-soap-5.4.16-23.el7_0.1.x86_64.rpm	93b17a86e312f78f746d4f8a02f5cfa5	ELSA-2020-1112
	php-xml-5.4.16-23.el7_0.1.x86_64.rpm	a0ebedb06e1ab7089d2729c7a5c5271d	ELSA-2020-1112
	php-xmlrpc-5.4.16-23.el7_0.1.x86_64.rpm	25e55f428b473d212b2817b37a099989	ELSA-2020-1112

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691