patchinfo.290 - openSUSE Build Service

php5: Update fixes several security issues

php5 was updated to fix several security issues.

These issues were fixed:
* Performance degradation by too many file_printf calls (CVE-2014-0237)
* DoS in Fileinfo component (CVE-2014-0238)
* NULL pointer dereference in GD XPM decoder (CVE-2014-2497)
* Privilege escalation due to insecure default config (CVE-2014-0185)

Submitted by Stefan Lijewski (lijews)

Fixed bugs

VUL-1: CVE-2014-0237: php53: Performance degradation by too many file_printf calls

CVE-CVE-2014-0237

VUL-0: CVE-2014-0238: php53: DoS in Fileinfo component

CVE-CVE-2014-0238

VUL-1: CVE-2014-2497: php53,php5,gd: NULL ptr deref in GD XPM decoder

CVE-CVE-2014-2497

VUL-1: CVE-2014-0185: php53: php-fpm: privilege escalation due to insecure default config

CVE-CVE-2014-0185

Selected Binaries

openSUSE Build Service is sponsored by