ELSA-2015-1135
- ULN >
- Oracle Linux Errata repository >
- ELSA-2015-1135
ELSA-2015-1135 - php security and bug fix update
| Type: | SECURITY |
| Impact: | IMPORTANT |
| Release Date: | 2015-06-23 |
Description
[5.4.16-36]
- fix more functions accept paths with NUL character #1213407
[5.4.16-35]
- core: fix multipart/form-data request can use excessive
amount of CPU usage CVE-2015-4024
- fix various functions accept paths with NUL character
CVE-2015-4025, CVE-2015-4026, #1213407
- fileinfo: fix denial of service when processing a crafted
file #1213442
- ftp: fix integer overflow leading to heap overflow when
reading FTP file listing CVE-2015-4022
- phar: fix buffer over-read in metadata parsing CVE-2015-2783
- phar: invalid pointer free() in phar_tar_process_metadata()
CVE-2015-3307
- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329
- phar: fix memory corruption in phar_parse_tarfile caused by
empty entry file name CVE-2015-4021
- soap: fix type confusion through unserialize #1222538
- apache2handler: fix pipelined request executed in deinitialized
interpreter under httpd 2.4 CVE-2015-3330
[5.4.16-34]
- fix memory corruption in fileinfo module on big endian
machines #1082624
- fix segfault in pdo_odbc on x86_64 #1159892
- fix segfault in gmp allocator #1154760
[5.4.16-33]
- core: use after free vulnerability in unserialize()
CVE-2014-8142 and CVE-2015-0231
- core: fix use-after-free in unserialize CVE-2015-2787
- core: fix NUL byte injection in file name argument of
move_uploaded_file() CVE-2015-2348
- date: use after free vulnerability in unserialize CVE-2015-0273
- enchant: fix heap buffer overflow in enchant_broker_request_dict
CVE-2014-9705
- exif: free called on unitialized pointer CVE-2015-0232
- fileinfo: fix out of bounds read in mconvert CVE-2014-9652
- gd: fix buffer read overflow in gd_gif_in.c CVE-2014-9709
- phar: use after free in phar_object.c CVE-2015-2301
- soap: fix type confusion through unserialize
[5.4.16-31]
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710
[5.4.16-29]
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
- core: fix integer overflow in unserialize() CVE-2014-3669
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670
[5.4.16-27]
- gd: fix NULL pointer dereference in gdImageCreateFromXpm().
CVE-2014-2497
- gd: fix NUL byte injection in file names. CVE-2014-5120
- fileinfo: fix extensive backtracking in regular expression
(incomplete fix for CVE-2013-7345). CVE-2014-3538
- fileinfo: fix mconvert incorrect handling of truncated
pascal string size. CVE-2014-3478
- fileinfo: fix cdf_read_property_info
(incomplete fix for CVE-2012-1571). CVE-2014-3587
- spl: fix use-after-free in ArrayIterator due to object
change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670
- network: fix segfault in dns_get_record
(incomplete fix for CVE-2014-4049). CVE-2014-3597
[5.4.16-25]
- fix segfault after startup on aarch64 (#1107567)
- compile php with -O3 on ppc64le (#1123499)
Related CVEs
Updated Packages
| Release/Architecture | Filename | sha256 | Superseded By Advisory | Channel Label |
| Oracle Linux 7 (x86_64) | php-5.4.16-36.el7_1.src.rpm | c118960d67279f4b936ed091cae3475dd3dd031bf17edc4b97ff107cc67a6fc8 | ELSA-2020-1112 | ol7_x86_64_latest_archive |
| php-5.4.16-36.el7_1.src.rpm | c118960d67279f4b936ed091cae3475dd3dd031bf17edc4b97ff107cc67a6fc8 | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-5.4.16-36.el7_1.src.rpm | c118960d67279f4b936ed091cae3475dd3dd031bf17edc4b97ff107cc67a6fc8 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-5.4.16-36.el7_1.src.rpm | c118960d67279f4b936ed091cae3475dd3dd031bf17edc4b97ff107cc67a6fc8 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-5.4.16-36.el7_1.x86_64.rpm | 6a0d6628eadae9f52578570c8d4112c5fdefe070419967f2dd56004821d58697 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-5.4.16-36.el7_1.x86_64.rpm | 6a0d6628eadae9f52578570c8d4112c5fdefe070419967f2dd56004821d58697 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-5.4.16-36.el7_1.x86_64.rpm | 6a0d6628eadae9f52578570c8d4112c5fdefe070419967f2dd56004821d58697 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-bcmath-5.4.16-36.el7_1.x86_64.rpm | 4eab9f8e2a80920697bb14031ab7db2ca672d73e9d3b42f2a50fd6699d8176c5 | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-cli-5.4.16-36.el7_1.x86_64.rpm | d3fcdde0f1bf02a042f698c852b60e9b7c8850d0f8e63edaabf731cb2c56a4f4 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-cli-5.4.16-36.el7_1.x86_64.rpm | d3fcdde0f1bf02a042f698c852b60e9b7c8850d0f8e63edaabf731cb2c56a4f4 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-cli-5.4.16-36.el7_1.x86_64.rpm | d3fcdde0f1bf02a042f698c852b60e9b7c8850d0f8e63edaabf731cb2c56a4f4 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-common-5.4.16-36.el7_1.x86_64.rpm | 87dde606c277261f820f7a44dd113ce5b2af232b73645c817a8113425c54485d | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-common-5.4.16-36.el7_1.x86_64.rpm | 87dde606c277261f820f7a44dd113ce5b2af232b73645c817a8113425c54485d | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-common-5.4.16-36.el7_1.x86_64.rpm | 87dde606c277261f820f7a44dd113ce5b2af232b73645c817a8113425c54485d | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-dba-5.4.16-36.el7_1.x86_64.rpm | cd06b79d206a6359503cdef332bfc6faae6061ba32ac51a03280b2c42fd3f26c | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-devel-5.4.16-36.el7_1.x86_64.rpm | 4d404324bfc9553afa58e91ea909b924abc50f38b34b3811a1f283737457f58f | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-embedded-5.4.16-36.el7_1.x86_64.rpm | ed17ea9321e31fd5e3f2cb1566615dbe842b9f31b52e2f9aba1f5f0e56d778f3 | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-enchant-5.4.16-36.el7_1.x86_64.rpm | 4deb71d694f9aefe606724c0fbe85a86625b04d1cf6cb1bec0b8fd3f46bd813f | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-fpm-5.4.16-36.el7_1.x86_64.rpm | aaf359f794441e117a2c51dc589b6ebc6f94ad47565338c2e739c9b544ecd591 | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-gd-5.4.16-36.el7_1.x86_64.rpm | 56aacf9c8abf08dd2a2f18254d56fd016256cfe9f38ea5ae6da08b52008631bb | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-gd-5.4.16-36.el7_1.x86_64.rpm | 56aacf9c8abf08dd2a2f18254d56fd016256cfe9f38ea5ae6da08b52008631bb | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-gd-5.4.16-36.el7_1.x86_64.rpm | 56aacf9c8abf08dd2a2f18254d56fd016256cfe9f38ea5ae6da08b52008631bb | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-intl-5.4.16-36.el7_1.x86_64.rpm | c09912ac7ddae429ccb1ed68aa39fe9d206aa98cf79b52671495ba5bc7138a29 | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-ldap-5.4.16-36.el7_1.x86_64.rpm | 7873d27d26885187a6b399fc3787462fc54a3b4537198003d108bdf663a604ad | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-ldap-5.4.16-36.el7_1.x86_64.rpm | 7873d27d26885187a6b399fc3787462fc54a3b4537198003d108bdf663a604ad | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-ldap-5.4.16-36.el7_1.x86_64.rpm | 7873d27d26885187a6b399fc3787462fc54a3b4537198003d108bdf663a604ad | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-mbstring-5.4.16-36.el7_1.x86_64.rpm | 2a81ece9f69ad153bb7ba5ddcca07ee04c74b9f2f2388dd25958b9dcd579751d | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-mysql-5.4.16-36.el7_1.x86_64.rpm | 4c8dfc039408c9c19bf048e1e8adb5d7e923908c1ade8f767b8251ac75796f82 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-mysql-5.4.16-36.el7_1.x86_64.rpm | 4c8dfc039408c9c19bf048e1e8adb5d7e923908c1ade8f767b8251ac75796f82 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-mysql-5.4.16-36.el7_1.x86_64.rpm | 4c8dfc039408c9c19bf048e1e8adb5d7e923908c1ade8f767b8251ac75796f82 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-mysqlnd-5.4.16-36.el7_1.x86_64.rpm | 1b765f10ec0b7fe32c074fd96fd76fbcc1398c6b06b02a0584081920f9134cdf | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-odbc-5.4.16-36.el7_1.x86_64.rpm | 0ccfa259d6d634f5907f532d84c7cec9342a56c111cdd4da4ebf53933b0ad095 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-odbc-5.4.16-36.el7_1.x86_64.rpm | 0ccfa259d6d634f5907f532d84c7cec9342a56c111cdd4da4ebf53933b0ad095 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-odbc-5.4.16-36.el7_1.x86_64.rpm | 0ccfa259d6d634f5907f532d84c7cec9342a56c111cdd4da4ebf53933b0ad095 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-pdo-5.4.16-36.el7_1.x86_64.rpm | 9aaf9bdc5ef0f56e33299f7915a17ff7fab2ae7aa34d5a2e54af1c3c5f0e5939 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-pdo-5.4.16-36.el7_1.x86_64.rpm | 9aaf9bdc5ef0f56e33299f7915a17ff7fab2ae7aa34d5a2e54af1c3c5f0e5939 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-pdo-5.4.16-36.el7_1.x86_64.rpm | 9aaf9bdc5ef0f56e33299f7915a17ff7fab2ae7aa34d5a2e54af1c3c5f0e5939 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-pgsql-5.4.16-36.el7_1.x86_64.rpm | 9781c3b6c9a442db4288514a53c99996225d8693817fbd47cac1174e52125aa2 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-pgsql-5.4.16-36.el7_1.x86_64.rpm | 9781c3b6c9a442db4288514a53c99996225d8693817fbd47cac1174e52125aa2 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-pgsql-5.4.16-36.el7_1.x86_64.rpm | 9781c3b6c9a442db4288514a53c99996225d8693817fbd47cac1174e52125aa2 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-process-5.4.16-36.el7_1.x86_64.rpm | 5d5834a6a019e2ece705141e51a5b9bbc2ea5fa8eb82fa59ce5e08cd5e21e067 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-process-5.4.16-36.el7_1.x86_64.rpm | 5d5834a6a019e2ece705141e51a5b9bbc2ea5fa8eb82fa59ce5e08cd5e21e067 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-process-5.4.16-36.el7_1.x86_64.rpm | 5d5834a6a019e2ece705141e51a5b9bbc2ea5fa8eb82fa59ce5e08cd5e21e067 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-pspell-5.4.16-36.el7_1.x86_64.rpm | 8c62419687c20d5bbc226d247b1fefd4a5d9866bfded6a8888f18c5ec02526be | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-recode-5.4.16-36.el7_1.x86_64.rpm | eec699672df9faf57c6577ac07ad4c83cb63c74d7fe60ca63b0fc21f11b6ed67 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-recode-5.4.16-36.el7_1.x86_64.rpm | eec699672df9faf57c6577ac07ad4c83cb63c74d7fe60ca63b0fc21f11b6ed67 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-recode-5.4.16-36.el7_1.x86_64.rpm | eec699672df9faf57c6577ac07ad4c83cb63c74d7fe60ca63b0fc21f11b6ed67 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-snmp-5.4.16-36.el7_1.x86_64.rpm | 6d504b753ec5626e3b5bdc7b759bf4c8a4b86f87f9ed2a38c44f2f1d03e3f718 | ELSA-2020-1112 | ol7_x86_64_optional_archive | |
| php-soap-5.4.16-36.el7_1.x86_64.rpm | 71e671b70962eba365af33ee33688c77397d1c00d3738f0de6829b28fb436c57 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-soap-5.4.16-36.el7_1.x86_64.rpm | 71e671b70962eba365af33ee33688c77397d1c00d3738f0de6829b28fb436c57 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-soap-5.4.16-36.el7_1.x86_64.rpm | 71e671b70962eba365af33ee33688c77397d1c00d3738f0de6829b28fb436c57 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-xml-5.4.16-36.el7_1.x86_64.rpm | 1be1e39760450021da890d40dd7f476fb0d4f9c82a745a3a6f4ce8c6e80e6261 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-xml-5.4.16-36.el7_1.x86_64.rpm | 1be1e39760450021da890d40dd7f476fb0d4f9c82a745a3a6f4ce8c6e80e6261 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-xml-5.4.16-36.el7_1.x86_64.rpm | 1be1e39760450021da890d40dd7f476fb0d4f9c82a745a3a6f4ce8c6e80e6261 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
| php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm | 57945d275d0c2f93ab82ff52a187d8fa6dfd629edfa187366656ac037dd4a6c6 | ELSA-2020-1112 | ol7_x86_64_latest_archive | |
| php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm | 57945d275d0c2f93ab82ff52a187d8fa6dfd629edfa187366656ac037dd4a6c6 | ELSA-2020-1112 | ol7_x86_64_u1_patch | |
| php-xmlrpc-5.4.16-36.el7_1.x86_64.rpm | 57945d275d0c2f93ab82ff52a187d8fa6dfd629edfa187366656ac037dd4a6c6 | ELSA-2020-1112 | ol7_x86_64_u2_base | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
