| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 09 Jul 2014 13:24:00 +0200 From: security@...driva.com To: bugtraq@...urityfocus.com Subject: [ MDVSA-2014:130 ] php -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2014:130 http://www.mandriva.com/en/support/security/ _______________________________________________________________________ Package : php Date : July 9, 2014 Affected: Business Server 1.0 _______________________________________________________________________ Problem Description: Updated php packages fix security vulnerabilities: The unserialize() function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue related to the SPL ArrayObject and SPLObjectStorage Types (CVE-2014-3515). It was discovered that PHP is vulnerable to a heap-based buffer overflow in the DNS TXT record parsing. A malicious server or man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application uses dns_get_record() to perform a DNS query (CVE-2014-4049). A flaw was found in the way file parsed property information from Composite Document Files (CDF) files, where the mconvert() function did not correctly compute the truncated pascal string size (CVE-2014-3478). Multiple flaws were found in the way file parsed property information from Composite Document Files (CDF) files, due to insufficient boundary checks on buffers (CVE-2014-0207, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487). PHP contains a bundled copy of the file utility's libmagic library, so it was vulnerable to this issue. It has been updated to versions 5.5.14, which fix this issue and several other bugs. The phpinfo() function in PHP before 5.4.30 and 5.5.14 has a Type Confusion issue that can cause it to leak arbitrary process memory (CVE-2014-4721). Additionally, php-apc has been rebuilt against the updated php packages and the php-timezonedb packages has been upgraded to the 2014.5 version. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0207 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3478 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3479 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3480 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3487 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3515 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4049 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4721 http://www.php.net/ChangeLog-5.php#5.5.14 http://advisories.mageia.org/MGASA-2014-0284.html _______________________________________________________________________ Updated Packages: Mandriva Business Server 1/X86_64: d750f3a4dd445dfff5d48c2cd335f5ee mbs1/x86_64/apache-mod_php-5.5.14-1.mbs1.x86_64.rpm bd6c38473df5579c601717197e0b3871 mbs1/x86_64/lib64php5_common5-5.5.14-1.mbs1.x86_64.rpm 438c5c236dd05aaf8f7df1aef41402f3 mbs1/x86_64/php-apc-3.1.15-1.8.mbs1.x86_64.rpm a52f3e744008e04d0136b8ecacee951e mbs1/x86_64/php-apc-admin-3.1.15-1.8.mbs1.x86_64.rpm 0f8c84efaeb06e7db89942525195da9b mbs1/x86_64/php-bcmath-5.5.14-1.mbs1.x86_64.rpm b0199c32c7bee5c4b17919db7d84190f mbs1/x86_64/php-bz2-5.5.14-1.mbs1.x86_64.rpm 9bd5ffbaf938d31fd5f9de5ed69d31f2 mbs1/x86_64/php-calendar-5.5.14-1.mbs1.x86_64.rpm c08143e0bcfac5d80136114d43157f31 mbs1/x86_64/php-cgi-5.5.14-1.mbs1.x86_64.rpm 8e6d23960410e1232e6810d5b3c9175e mbs1/x86_64/php-cli-5.5.14-1.mbs1.x86_64.rpm 3489e684a75c2025b795ef8812f9a6b3 mbs1/x86_64/php-ctype-5.5.14-1.mbs1.x86_64.rpm 6258c812ae9dd1ed984d707ef702e5a5 mbs1/x86_64/php-curl-5.5.14-1.mbs1.x86_64.rpm 34d78b00a2c29b01afd140f7e9af7ade mbs1/x86_64/php-dba-5.5.14-1.mbs1.x86_64.rpm f5291102bb3825e22f7b48e750a8fc39 mbs1/x86_64/php-devel-5.5.14-1.mbs1.x86_64.rpm 26bb707cceccc837d09e1e910f9ff2d8 mbs1/x86_64/php-doc-5.5.14-1.mbs1.noarch.rpm 25136ba7b5fa05754b785aadb646dad4 mbs1/x86_64/php-dom-5.5.14-1.mbs1.x86_64.rpm 4883b77f434fb92f66b5c9d25d1bb75f mbs1/x86_64/php-enchant-5.5.14-1.mbs1.x86_64.rpm d6344ab3bbf9bcc1acc6c88cc4a23203 mbs1/x86_64/php-exif-5.5.14-1.mbs1.x86_64.rpm f2c02261ca1827f8c1277e1f9010a34c mbs1/x86_64/php-fileinfo-5.5.14-1.mbs1.x86_64.rpm d61863b92ae06460d19a1927986fda23 mbs1/x86_64/php-filter-5.5.14-1.mbs1.x86_64.rpm f7b5b349884f7f733270f76bae3adb3d mbs1/x86_64/php-fpm-5.5.14-1.mbs1.x86_64.rpm 6a5922f4ce756fb7beb4f1547d940003 mbs1/x86_64/php-ftp-5.5.14-1.mbs1.x86_64.rpm 59ea194bdd3fd658e4cae8991abf8a22 mbs1/x86_64/php-gd-5.5.14-1.mbs1.x86_64.rpm 75a19794726b72db481fdfcbdf85a389 mbs1/x86_64/php-gettext-5.5.14-1.mbs1.x86_64.rpm 9000903f2268d2abebc2c968c8a3fe94 mbs1/x86_64/php-gmp-5.5.14-1.mbs1.x86_64.rpm d1b21d9cb29de195df99e26e165dd888 mbs1/x86_64/php-hash-5.5.14-1.mbs1.x86_64.rpm c3bce91b1e2399f0294d30c7cc8c348b mbs1/x86_64/php-iconv-5.5.14-1.mbs1.x86_64.rpm aefdb8dc9393e62379d9ef7ba7a61754 mbs1/x86_64/php-imap-5.5.14-1.mbs1.x86_64.rpm 7fc0430ee471f866ccbc4b7182644fcd mbs1/x86_64/php-ini-5.5.14-1.mbs1.x86_64.rpm efbab2d1304ec348e50ef54173cb21af mbs1/x86_64/php-intl-5.5.14-1.mbs1.x86_64.rpm 8ec9d6719adb5c4b52232eae273c424d mbs1/x86_64/php-json-5.5.14-1.mbs1.x86_64.rpm c669eb5a0a166f79f2974501c74b825d mbs1/x86_64/php-ldap-5.5.14-1.mbs1.x86_64.rpm d731c3140fc17387b03509675c64f8d6 mbs1/x86_64/php-mbstring-5.5.14-1.mbs1.x86_64.rpm bd3bdddd6d15d51b43af92b2d77c2d1e mbs1/x86_64/php-mcrypt-5.5.14-1.mbs1.x86_64.rpm 05a9d03e68a7538b279f7a1b775fb78f mbs1/x86_64/php-mssql-5.5.14-1.mbs1.x86_64.rpm 9fc1b49a1356e02944985baae0fbdf82 mbs1/x86_64/php-mysql-5.5.14-1.mbs1.x86_64.rpm df58c5d755b84a84797343e6e2644da6 mbs1/x86_64/php-mysqli-5.5.14-1.mbs1.x86_64.rpm f510fbd63f4e1f6bbacef83d80c1f02c mbs1/x86_64/php-mysqlnd-5.5.14-1.mbs1.x86_64.rpm 454575e0713f5ec8d9438aac6fdefbae mbs1/x86_64/php-odbc-5.5.14-1.mbs1.x86_64.rpm aa908adcb75e0784e631a9c8163aa894 mbs1/x86_64/php-opcache-5.5.14-1.mbs1.x86_64.rpm 204eb99a6af84b86bfd62d37f7613671 mbs1/x86_64/php-openssl-5.5.14-1.mbs1.x86_64.rpm 384be6b92e3664f1286923c940a0c062 mbs1/x86_64/php-pcntl-5.5.14-1.mbs1.x86_64.rpm 9c01c1dd40cd979b7148bde98e06ce41 mbs1/x86_64/php-pdo-5.5.14-1.mbs1.x86_64.rpm e1b9beede3435186533c4b1d9fabb098 mbs1/x86_64/php-pdo_dblib-5.5.14-1.mbs1.x86_64.rpm 19ef3e72992d4b3e7c42045b23ecc826 mbs1/x86_64/php-pdo_mysql-5.5.14-1.mbs1.x86_64.rpm 29337cc01f7bad7d6deb1a34f2b46d2b mbs1/x86_64/php-pdo_odbc-5.5.14-1.mbs1.x86_64.rpm 418855d92dcfd0b2ba968971ddc7f959 mbs1/x86_64/php-pdo_pgsql-5.5.14-1.mbs1.x86_64.rpm 7ac2ec094e86e7b663cd5db5de33f6c9 mbs1/x86_64/php-pdo_sqlite-5.5.14-1.mbs1.x86_64.rpm b31dd5a24d9e9ed9e710034b51b2aaf5 mbs1/x86_64/php-pgsql-5.5.14-1.mbs1.x86_64.rpm 38e0f890a62ac31f553e1cf71e3ed4f6 mbs1/x86_64/php-phar-5.5.14-1.mbs1.x86_64.rpm ea61eec1783b3ecc2aabaa073781d2c5 mbs1/x86_64/php-posix-5.5.14-1.mbs1.x86_64.rpm c074e154df76d47e8474b2b181c810d2 mbs1/x86_64/php-readline-5.5.14-1.mbs1.x86_64.rpm 34059ca8e564d6fba8ddb9b13816b4f0 mbs1/x86_64/php-recode-5.5.14-1.mbs1.x86_64.rpm 5b22a942a47f9572baa7f4dbac426179 mbs1/x86_64/php-session-5.5.14-1.mbs1.x86_64.rpm 3c29ec2e950740f836a010aa7140e385 mbs1/x86_64/php-shmop-5.5.14-1.mbs1.x86_64.rpm 44661960b2972161a27fd60f44f6a3a6 mbs1/x86_64/php-snmp-5.5.14-1.mbs1.x86_64.rpm 80a972ae51d5e3f9dbc48e688b56c49a mbs1/x86_64/php-soap-5.5.14-1.mbs1.x86_64.rpm 04a34ac96ea1bc8690e16a185b06c8c5 mbs1/x86_64/php-sockets-5.5.14-1.mbs1.x86_64.rpm f5c01919ebd495a9bba529312ef6150d mbs1/x86_64/php-sqlite3-5.5.14-1.mbs1.x86_64.rpm bf23ff3ca37a590ea171523f00808629 mbs1/x86_64/php-sybase_ct-5.5.14-1.mbs1.x86_64.rpm 2ebd5df6114b163da35d4ccc76d9f637 mbs1/x86_64/php-sysvmsg-5.5.14-1.mbs1.x86_64.rpm e4d94b4e8211b0d0e9c4aa5e39b60733 mbs1/x86_64/php-sysvsem-5.5.14-1.mbs1.x86_64.rpm fe4b07b96f8a70da15d54caba9d659f4 mbs1/x86_64/php-sysvshm-5.5.14-1.mbs1.x86_64.rpm ca8eb25cffa9574e83328dcc2e8e1eeb mbs1/x86_64/php-tidy-5.5.14-1.mbs1.x86_64.rpm 316e394027c266537924232f436075a6 mbs1/x86_64/php-timezonedb-2014.5-1.mbs1.x86_64.rpm c9686b9ac17c643aafba60698dc69527 mbs1/x86_64/php-tokenizer-5.5.14-1.mbs1.x86_64.rpm abb31c2cc4b8dd2afc098e20d5c2e38e mbs1/x86_64/php-wddx-5.5.14-1.mbs1.x86_64.rpm 423b83dc99cb338845198e98b8900bdf mbs1/x86_64/php-xml-5.5.14-1.mbs1.x86_64.rpm 3066b5b1bc337fb578fcf975a8bf7601 mbs1/x86_64/php-xmlreader-5.5.14-1.mbs1.x86_64.rpm 479948b9c9dd16fc01d974aa72eba3d3 mbs1/x86_64/php-xmlrpc-5.5.14-1.mbs1.x86_64.rpm 92a0c3926501e5e18cd60dc264603100 mbs1/x86_64/php-xmlwriter-5.5.14-1.mbs1.x86_64.rpm 2acde2f8f5f2061f71ecdf5bab85e0ec mbs1/x86_64/php-xsl-5.5.14-1.mbs1.x86_64.rpm f2a5ce6dc32e017f21ad745a7179fa43 mbs1/x86_64/php-zip-5.5.14-1.mbs1.x86_64.rpm 386f79ebfcfbcd1448609143b3401dd8 mbs1/x86_64/php-zlib-5.5.14-1.mbs1.x86_64.rpm 7dc3ab0433d95a8a5a315d00e83269c5 mbs1/SRPMS/php-5.5.14-1.mbs1.src.rpm 9f9d447b3b77be38f5cd1196891eb3eb mbs1/SRPMS/php-apc-3.1.15-1.8.mbs1.src.rpm 1ae42e12e9399b837472724ee456affe mbs1/SRPMS/php-timezonedb-2014.5-1.mbs1.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/en/support/security/advisories/ If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iD8DBQFTvPwWmqjQ0CJFipgRAoMwAJ9Z6gNAFZyirDovMCrxLSHBh2+FRgCgtMFF /pEs0ohIXDtwzVKnZAsyPFU= =x64F -----END PGP SIGNATURE-----
Powered by blists - more mailing lists