lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1Ybkgy-0001Cb-QC@titan.mandriva.com>
Date: Sat, 28 Mar 2015 07:58:00 +0100
From: security@...driva.com
To: bugtraq@...urityfocus.com
Subject: [ MDVSA-2015:079 ] php

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:079
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : php
 Date    : March 28, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been discovered and corrected in php:
 
 S. Paraschoudis discovered that PHP incorrectly handled memory in
 the enchant binding. A remote attacker could use this issue to cause
 PHP to crash, resulting in a denial of service, or possibly execute
 arbitrary code (CVE-2014-9705).
 
 Taoguang Chen discovered that PHP incorrectly handled unserializing
 objects. A remote attacker could use this issue to cause PHP to crash,
 resulting in a denial of service, or possibly execute arbitrary code
 (CVE-2015-0273).
 
 It was discovered that PHP incorrectly handled memory in the phar
 extension. A remote attacker could use this issue to cause PHP to
 crash, resulting in a denial of service, or possibly execute arbitrary
 code (CVE-2015-2301).
 
 Use-after-free vulnerability in the process_nested_data function in
 ext/standard/var_unserializer.re in PHP before 5.4.37, 5.5.x before
 5.5.21, and 5.6.x before 5.6.5 allows remote attackers to execute
 arbitrary code via a crafted unserialize call that leverages improper
 handling of duplicate numerical keys within the serialized properties
 of an object. NOTE: this vulnerability exists because of an incomplete
 fix for CVE-2014-8142 (CVE-2015-0231).
 
 An integer overflow flaw, leading to a heap-based buffer overflow,
 was found in the way libzip, which is embedded in PHP, processed
 certain ZIP archives. If an attacker were able to supply a specially
 crafted ZIP archive to an application using libzip, it could cause
 the application to crash or, possibly, execute arbitrary code
 (CVE-2015-2331).
 
 It was discovered that the PHP opcache component incorrectly handled
 memory. A remote attacker could possibly use this issue to cause
 PHP to crash, resulting in a denial of service, or possibly execute
 arbitrary code (CVE-2015-1351).
 
 It was discovered that the PHP PostgreSQL database extension
 incorrectly handled certain pointers. A remote attacker could possibly
 use this issue to cause PHP to crash, resulting in a denial of service,
 or possibly execute arbitrary code (CVE-2015-1352).
 
 The updated php packages have been patched and upgraded to the 5.5.23
 version which is not vulnerable to these issues. The libzip packages
 has been patched to address the CVE-2015-2331 flaw.
 
 Additionally the php-xdebug package has been upgraded to the latest
 2.3.2 and the PECL packages which requires so has been rebuilt for
 php-5.5.23.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9705
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0231
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0273
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1351
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1352
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2301
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2331
 http://php.net/ChangeLog-5.php#5.5.22
 http://php.net/ChangeLog-5.php#5.5.23
 http://www.ubuntu.com/usn/usn-2535-1/
 http://www.ubuntu.com/usn/usn-2501-1/
 https://bugzilla.redhat.com/show_bug.cgi?id=1204676
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:
 3c1e2ab81c1731c63a99a4a7c66d48d3  mbs1/x86_64/apache-mod_php-5.5.23-1.mbs1.x86_64.rpm
 6a12e93ebf52d6cb505652cb919b73c3  mbs1/x86_64/lib64php5_common5-5.5.23-1.mbs1.x86_64.rpm
 92ae97e82c0bae091c65847f672f0369  mbs1/x86_64/lib64zip2-0.10.1-2.1.mbs1.x86_64.rpm
 ac28732246df9bf58921740921560c67  mbs1/x86_64/lib64zip-devel-0.10.1-2.1.mbs1.x86_64.rpm
 538fad85574f17991959c00f0b4a43b1  mbs1/x86_64/libzip-0.10.1-2.1.mbs1.x86_64.rpm
 70d44c88afb55e2b1519e8d3a71f274c  mbs1/x86_64/php-apc-3.1.15-1.17.mbs1.x86_64.rpm
 2e2f9c88f1d92bc4f3f0e4df3908fd73  mbs1/x86_64/php-apc-admin-3.1.15-1.17.mbs1.x86_64.rpm
 e3d5f3fb0fcace77e78209986102b171  mbs1/x86_64/php-bcmath-5.5.23-1.mbs1.x86_64.rpm
 1ca44e20629234028499eda497f27059  mbs1/x86_64/php-bz2-5.5.23-1.mbs1.x86_64.rpm
 473167211cea7e0b62916e66921ee5a4  mbs1/x86_64/php-calendar-5.5.23-1.mbs1.x86_64.rpm
 214618465b0e9b1dac6efb3b4f52b988  mbs1/x86_64/php-cgi-5.5.23-1.mbs1.x86_64.rpm
 6b178d78c6dd197b6643e7e493bce359  mbs1/x86_64/php-cli-5.5.23-1.mbs1.x86_64.rpm
 c1d4dd5178780fc999f449024ebde36e  mbs1/x86_64/php-ctype-5.5.23-1.mbs1.x86_64.rpm
 152132662ebefb9ade6fa67465b9af2a  mbs1/x86_64/php-curl-5.5.23-1.mbs1.x86_64.rpm
 01961ff4ec2820dd005d336f0671fe04  mbs1/x86_64/php-dba-5.5.23-1.mbs1.x86_64.rpm
 96a7ecb45d71793af39558a1369853e2  mbs1/x86_64/php-devel-5.5.23-1.mbs1.x86_64.rpm
 2106bf2eb5a17f18379add6b17408ed3  mbs1/x86_64/php-doc-5.5.23-1.mbs1.noarch.rpm
 c657e211cc4627a792f67e6c9f5eb06b  mbs1/x86_64/php-dom-5.5.23-1.mbs1.x86_64.rpm
 675db3e8eb585640b7a04a04e5ffce93  mbs1/x86_64/php-enchant-5.5.23-1.mbs1.x86_64.rpm
 bf345e51365465268e696684b77c9cc8  mbs1/x86_64/php-exif-5.5.23-1.mbs1.x86_64.rpm
 69352287afb24b38ba68f995ddece5ab  mbs1/x86_64/php-fileinfo-5.5.23-1.mbs1.x86_64.rpm
 bbf3d7067c2bbc71a4a9ae5e353c6f8e  mbs1/x86_64/php-filter-5.5.23-1.mbs1.x86_64.rpm
 c6a25a432547a0e8d404dab281963d74  mbs1/x86_64/php-fpm-5.5.23-1.mbs1.x86_64.rpm
 889332d46d1d9f1a2cf6421b6a5b5e3f  mbs1/x86_64/php-ftp-5.5.23-1.mbs1.x86_64.rpm
 86a90c9565562b5b360eb11d431536e7  mbs1/x86_64/php-gd-5.5.23-1.mbs1.x86_64.rpm
 dba72038f9098f7332e969b19c9d65a8  mbs1/x86_64/php-gettext-5.5.23-1.mbs1.x86_64.rpm
 b25d3f9ded7322a2b28942648ec74ff4  mbs1/x86_64/php-gmp-5.5.23-1.mbs1.x86_64.rpm
 9bf5bfcb843c2d3b71855792e6b2050e  mbs1/x86_64/php-hash-5.5.23-1.mbs1.x86_64.rpm
 284a394dbe68e756c8813a53c0a89c66  mbs1/x86_64/php-iconv-5.5.23-1.mbs1.x86_64.rpm
 9df2ec7f05f9a7955770e3ed4513cbfb  mbs1/x86_64/php-imap-5.5.23-1.mbs1.x86_64.rpm
 e5947618cc905d249191bcc2066ffed1  mbs1/x86_64/php-ini-5.5.23-1.mbs1.x86_64.rpm
 d4f9e91e2877d6aaff0ee07bc5bdd95b  mbs1/x86_64/php-intl-5.5.23-1.mbs1.x86_64.rpm
 071ba0290df66c3ac1b0f0fa18ec2195  mbs1/x86_64/php-json-5.5.23-1.mbs1.x86_64.rpm
 62146a98a0d24ee66cebd23887fc43fa  mbs1/x86_64/php-ldap-5.5.23-1.mbs1.x86_64.rpm
 03a94596eaf34eaac0c7e6f88a6aa7cb  mbs1/x86_64/php-mbstring-5.5.23-1.mbs1.x86_64.rpm
 d966c79af040bd5c18dc4a2771bf7184  mbs1/x86_64/php-mcrypt-5.5.23-1.mbs1.x86_64.rpm
 9ab71c0a90c649b4c31386a3582a5d26  mbs1/x86_64/php-mssql-5.5.23-1.mbs1.x86_64.rpm
 80dd51f72e2cd0d854904dc7595a4bb0  mbs1/x86_64/php-mysql-5.5.23-1.mbs1.x86_64.rpm
 88bc7c5a10b7a7f12b71b342afbbd18e  mbs1/x86_64/php-mysqli-5.5.23-1.mbs1.x86_64.rpm
 231ec6adca00980d04f39ce5fd866a83  mbs1/x86_64/php-mysqlnd-5.5.23-1.mbs1.x86_64.rpm
 2c831cf0074977bf76d413c5e9b3f9de  mbs1/x86_64/php-odbc-5.5.23-1.mbs1.x86_64.rpm
 1a4553dcf596125aab2976b2f8c4792c  mbs1/x86_64/php-opcache-5.5.23-1.mbs1.x86_64.rpm
 4cb160e28e8899628c6e698376add11f  mbs1/x86_64/php-openssl-5.5.23-1.mbs1.x86_64.rpm
 aa04993c7abe0539302a36527ad4674a  mbs1/x86_64/php-pcntl-5.5.23-1.mbs1.x86_64.rpm
 57b65d1dec0785825ea2cc8462a2256d  mbs1/x86_64/php-pdo-5.5.23-1.mbs1.x86_64.rpm
 6d5b8bf803d93067f4bce7daad5379ba  mbs1/x86_64/php-pdo_dblib-5.5.23-1.mbs1.x86_64.rpm
 3785dea886512d3473b1cda3d762aa9c  mbs1/x86_64/php-pdo_mysql-5.5.23-1.mbs1.x86_64.rpm
 330c62452427e64106c47fcd1e674ed6  mbs1/x86_64/php-pdo_odbc-5.5.23-1.mbs1.x86_64.rpm
 a3803c5de5acbb0d3c6a26c42b8ec39b  mbs1/x86_64/php-pdo_pgsql-5.5.23-1.mbs1.x86_64.rpm
 2f6a19bc0adc914b46fbab06e3dc7ac7  mbs1/x86_64/php-pdo_sqlite-5.5.23-1.mbs1.x86_64.rpm
 4d452c2c81e21f9ce1d08afadba60d6a  mbs1/x86_64/php-pgsql-5.5.23-1.mbs1.x86_64.rpm
 39c301d412cbd28256f141fd409ea561  mbs1/x86_64/php-phar-5.5.23-1.mbs1.x86_64.rpm
 9c78e1c9192cd1219f1415424156c491  mbs1/x86_64/php-posix-5.5.23-1.mbs1.x86_64.rpm
 5bb762bd20418abbd99c38d0d14127d1  mbs1/x86_64/php-readline-5.5.23-1.mbs1.x86_64.rpm
 e97eb930df1a35f0646e62f88dd8b1e6  mbs1/x86_64/php-recode-5.5.23-1.mbs1.x86_64.rpm
 2b4a91ff5da098a80fa0a74b184f9621  mbs1/x86_64/php-session-5.5.23-1.mbs1.x86_64.rpm
 5ecc3ef7dde9a12cc70308c323c650f9  mbs1/x86_64/php-shmop-5.5.23-1.mbs1.x86_64.rpm
 7380aeaced54d09831dc4828772a9b4f  mbs1/x86_64/php-snmp-5.5.23-1.mbs1.x86_64.rpm
 030ca0276e74f616a1cc8866cc4a3149  mbs1/x86_64/php-soap-5.5.23-1.mbs1.x86_64.rpm
 ba8b4a7dafc450564d41bf54de7b2ea2  mbs1/x86_64/php-sockets-5.5.23-1.mbs1.x86_64.rpm
 61859f052b4a89c1d4ea9bff4251041f  mbs1/x86_64/php-sqlite3-5.5.23-1.mbs1.x86_64.rpm
 81639f4e567c6358f8d1b22c9e2acf98  mbs1/x86_64/php-sybase_ct-5.5.23-1.mbs1.x86_64.rpm
 2f4a24db6aedc32c32f8a1d202a798e2  mbs1/x86_64/php-sysvmsg-5.5.23-1.mbs1.x86_64.rpm
 aab6b3451a848ebf916418e28303fb23  mbs1/x86_64/php-sysvsem-5.5.23-1.mbs1.x86_64.rpm
 6820a01599b0e7d543cd6faa5adf1aee  mbs1/x86_64/php-sysvshm-5.5.23-1.mbs1.x86_64.rpm
 ed7aa5fc5226ede2325b64f862ba121b  mbs1/x86_64/php-tidy-5.5.23-1.mbs1.x86_64.rpm
 6fd07a6cfcff5b6f5791b3c173d6de3f  mbs1/x86_64/php-tokenizer-5.5.23-1.mbs1.x86_64.rpm
 7130ab17ba8d88e08abbff8cc5ce9406  mbs1/x86_64/php-wddx-5.5.23-1.mbs1.x86_64.rpm
 bb977de60a780898623b458e8be594fc  mbs1/x86_64/php-xdebug-2.3.2-1.mbs1.x86_64.rpm
 f66d72fa26d7c2ddf28cbd9834f50981  mbs1/x86_64/php-xml-5.5.23-1.mbs1.x86_64.rpm
 52b65a29cce730602f7788545d8c68eb  mbs1/x86_64/php-xmlreader-5.5.23-1.mbs1.x86_64.rpm
 8e7ce89111d36fa56003a7b2cfb5ca17  mbs1/x86_64/php-xmlrpc-5.5.23-1.mbs1.x86_64.rpm
 64a27f8e54344c459ffa5a2bb1c33521  mbs1/x86_64/php-xmlwriter-5.5.23-1.mbs1.x86_64.rpm
 506d5cd854c2d3140f38b67137fe4f16  mbs1/x86_64/php-xsl-5.5.23-1.mbs1.x86_64.rpm
 3e74425e2868a46bf8db184feaeac041  mbs1/x86_64/php-zip-5.5.23-1.mbs1.x86_64.rpm
 fa27aa395c0d87bf832471e3f6f06c68  mbs1/x86_64/php-zlib-5.5.23-1.mbs1.x86_64.rpm 
 5be5023a4703f52af150c7fbcb2c4e5a  mbs1/SRPMS/libzip-0.10.1-2.1.mbs1.src.rpm
 bdf35808447e6b0224eb958adf086dc5  mbs1/SRPMS/php-5.5.23-1.mbs1.src.rpm
 a5047c3b6e20db0167f65ff6ad667e99  mbs1/SRPMS/php-apc-3.1.15-1.17.mbs1.src.rpm
 2eb2949f57a66f2eed5110181ce7f8ce  mbs1/SRPMS/php-xdebug-2.3.2-1.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVFkMLmqjQ0CJFipgRAs8jAJ0Zs7seobOHtc5hQKmofiNNPEG5OQCfVwCF
cHIjCqsYPKSYavI4KbIB1QA=
=4VI0
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ