[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1ZUyev-0001q4-33@pool.mine.nu>
Date: Thu, 27 Aug 2015 17:00:09 +0200
From: Sebastien Delafond <seb@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3344-1] php5 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
- -------------------------------------------------------------------------
Debian Security Advisory DSA-3344-1 security@...ian.org
https://www.debian.org/security/ Sebastien Delafond
August 27, 2015 https://www.debian.org/security/faq
- -------------------------------------------------------------------------
Package : php5
CVE ID : CVE-2015-4598 CVE-2015-4643 CVE-2015-4644 CVE-2015-5589
CVE-2015-5590
Multiple vulnerabilities have been discovered in the PHP language:
CVE-2015-4598
thoger at redhat dot com discovered that paths containing a NUL
character were improperly handled, thus allowing an attacker to
manipulate unexpected files on the server.
CVE-2015-4643
Max Spelsberg discovered an integer overflow flaw leading to a
heap-based buffer overflow in PHP's FTP extension, when parsing
listings in FTP server responses. This could lead to a a crash or
execution of arbitrary code.
CVE-2015-4644
A denial of service through a crash could be caused by a segfault
in the php_pgsql_meta_data function.
CVE-2015-5589
kwrnel at hotmail dot com discovered that PHP could crash when
processing an invalid phar file, thus leading to a denial of
service.
CVE-2015-5590
jared at enhancesoft dot com discovered a buffer overflow in the
phar_fix_filepath function, that could causes a crash or execution
of arbitrary code.
Additionally, several other vulnerabilites were fixed:
sean dot heelan at gmail dot com discovered a problem in the
unserialization of some items, that could lead to arbitrary code
execution.
stewie at mail dot ru discovered that the phar extension improperly
handled zip archives with relative paths, which would allow an
attacker to overwrite files outside of the destination directory.
taoguangchen at icloud dot com discovered several use-after-free
vulnerabilities that could lead to arbitrary code execution.
For the oldstable distribution (wheezy), these problems have been fixed
in version 5.4.44-0+deb7u1.
For the stable distribution (jessie), these problems have been fixed in
version 5.6.12+dfsg-0+deb8u1.
For the unstable distribution (sid), these problems have been fixed in
version 5.6.12+dfsg-1.
We recommend that you upgrade your php5 packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQEcBAEBCgAGBQJV3t20AAoJEBC+iYPz1Z1kPWgIAKa4oEs0lHk2z/kWhdbPodRR
i5QpFWjxD0MMC7ey8MZ2zyQFmC/YMnWtlxG98L4EBrMM9hgoWt/ZP1+WNANKX/4n
nhtb587OxTNjjIDZ/tu81419HubGzsy5eqKA880KZqIGLBRNC0KBTe2SuEZxA/oG
lJqWHFktUQfC6Z2JJwUe8Yy1nrxUsd/P/5y5igGoRrFNiskUoE0KsPLcqAXmxSp4
h4qJ+9MjlvnHJocYTBOdJOn9Sob3kviORO+5zXcE+UOTtdkSlWLykXkzSykM9g9d
a2nu6CPYZN9UO3BsLT2SBJ/LOdTZXSoPjXsUK5SyxqXpgAp/XVJrJZJBH77xBv8=
=QjTz
-----END PGP SIGNATURE-----
Powered by blists - more mailing lists