Overview
php5: security update

This php5 update fixes:
- CVE-2011-0421: CVSS v2 Base Score: 2.6
(AV:N/AC:H/Au:N/C:N/I:N/A:P): Input Validation (CWE-20)
- CVE-2011-1092: CVSS v2 Base Score: 5.1
(AV:N/AC:H/Au:N/C:P/I:P/A:P): Numeric Errors (CWE-189)
- CVE-2011-1148: CVSS v2 Base Score: 4.3
(AV:N/AC:M/Au:N/C:N/I:N/A:P): Resource Management Errors
(CWE-399)
- CVE-2011-1464: CVSS v2 Base Score: 2.1
(AV:L/AC:L/Au:N/C:N/I:N/A:P): Buffer Errors (CWE-119)
- CVE-2011-1467: CVSS v2 Base Score: 5.0
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
- CVE-2011-1468: CVSS v2 Base Score: 4.3
(AV:N/AC:M/Au:N/C:N/I:N/A:P): Resource Management Errors
(CWE-399)
- CVE-2011-1469: CVSS v2 Base Score: 4.3
(AV:N/AC:M/Au:N/C:N/I:N/A:P)
- CVE-2011-1470: CVSS v2 Base Score: 4.3
(AV:N/AC:M/Au:N/C:N/I:N/A:P): Input Validation (CWE-20)
- CVE-2011-1471: CVSS v2 Base Score: 4.3
(AV:N/AC:M/Au:N/C:N/I:N/A:P): Numeric Errors (CWE-189)
- CVE-2011-1938: CVSS v2 Base Score: 2.6
(AV:N/AC:H/Au:N/C:N/I:N/A:P)

Fixed bugs
bnc#677782
VUL-1: php: shmop_read integer overflow
bnc#681214
VUL-1: php5: zip extension crash via stream_get_contents
bnc#681194
VUL-0: php5 overflow in strval
bnc#681197
VUL-1: php5: memleak in openssl_encrypt/openssl_decrypt
bnc#681195
VUL-1: php5: NumberFormatter::setSymbol crash
bnc#681291
VUL-1: php5: libzip NULL deref
bnc#681210
VUL-1: php5: crash via ftp url
bnc#679278
VUL-0: php5: substr_replace() use-after-free
bnc#695689
VUL-0: php5: socket_connect() - stack buffer overflow
CVE#CVE-2011-1470
CVE#CVE-2011-1471
CVE#CVE-2011-1092
CVE#CVE-2011-1464
CVE#CVE-2011-1468
CVE#CVE-2011-1467
CVE#CVE-2011-0421
CVE#CVE-2011-1469
CVE#CVE-2011-1148
CVE#CVE-2011-1938
Selected Binaries
openSUSE Build Service is sponsored by
Places