lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <E1ZUyev-0001q4-33@pool.mine.nu>
Date: Thu, 27 Aug 2015 17:00:09 +0200
From: Sebastien Delafond <seb@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3344-1] php5 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3344-1                   security@...ian.org
https://www.debian.org/security/                       Sebastien Delafond
August 27, 2015                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2015-4598 CVE-2015-4643 CVE-2015-4644 CVE-2015-5589 
                 CVE-2015-5590

Multiple vulnerabilities have been discovered in the PHP language:

CVE-2015-4598

    thoger at redhat dot com discovered that paths containing a NUL
    character were improperly handled, thus allowing an attacker to
    manipulate unexpected files on the server.

CVE-2015-4643

    Max Spelsberg discovered an integer overflow flaw leading to a
    heap-based buffer overflow in PHP's FTP extension, when parsing
    listings in FTP server responses. This could lead to a a crash or
    execution of arbitrary code.

CVE-2015-4644

    A denial of service through a crash could be caused by a segfault
    in the php_pgsql_meta_data function.

CVE-2015-5589

    kwrnel at hotmail dot com discovered that PHP could crash when
    processing an invalid phar file, thus leading to a denial of
    service.

CVE-2015-5590

    jared at enhancesoft dot com discovered a buffer overflow in the
    phar_fix_filepath function, that could causes a crash or execution
    of arbitrary code.

Additionally, several other vulnerabilites were fixed:

    sean dot heelan at gmail dot com discovered a problem in the
    unserialization of some items, that could lead to arbitrary code
    execution.

    stewie at mail dot ru discovered that the phar extension improperly
    handled zip archives with relative paths, which would allow an
    attacker to overwrite files outside of the destination directory.

    taoguangchen at icloud dot com discovered several use-after-free
    vulnerabilities that could lead to arbitrary code execution.

For the oldstable distribution (wheezy), these problems have been fixed
in version 5.4.44-0+deb7u1.

For the stable distribution (jessie), these problems have been fixed in
version 5.6.12+dfsg-0+deb8u1.

For the unstable distribution (sid), these problems have been fixed in
version 5.6.12+dfsg-1.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQEcBAEBCgAGBQJV3t20AAoJEBC+iYPz1Z1kPWgIAKa4oEs0lHk2z/kWhdbPodRR
i5QpFWjxD0MMC7ey8MZ2zyQFmC/YMnWtlxG98L4EBrMM9hgoWt/ZP1+WNANKX/4n
nhtb587OxTNjjIDZ/tu81419HubGzsy5eqKA880KZqIGLBRNC0KBTe2SuEZxA/oG
lJqWHFktUQfC6Z2JJwUe8Yy1nrxUsd/P/5y5igGoRrFNiskUoE0KsPLcqAXmxSp4
h4qJ+9MjlvnHJocYTBOdJOn9Sob3kviORO+5zXcE+UOTtdkSlWLykXkzSykM9g9d
a2nu6CPYZN9UO3BsLT2SBJ/LOdTZXSoPjXsUK5SyxqXpgAp/XVJrJZJBH77xBv8=
=QjTz
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ