Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for php5

This update for php5 fixes the following security issues:

* CVE-2016-7124: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
* CVE-2016-7125: PHP Session Data Injection Vulnerability
* CVE-2016-7126: select_colors write out-of-bounds
* CVE-2016-7127: imagegammacorrect allowed arbitrary write access
* CVE-2016-7128: Memory Leakage In exif_process_IFD_in_TIFF
* CVE-2016-7129: wddx_deserialize allowed illegal memory access
* CVE-2016-7130: wddx_deserialize null dereference
* CVE-2016-7131: wddx_deserialize null dereference with invalid xml
* CVE-2016-7132: wddx_deserialize null dereference in php_wddx_pop_element
* CVE-2016-7134: Heap overflow in the function curl_escape

Fixed bugs
bnc#997210
VUL-0: CVE-2016-7127: php7: imagegammacorrect allows arbitrary write access
bnc#997257
VUL-0: CVE-2016-7130: php5, php7: wddx_deserialize null dereference
bnc#997248
VUL-0: CVE-2016-7134: php5, php7: Heap overflow in the function curl_escape
bnc#997225
VUL-0: CVE-2016-7131: php7: wddx_deserialize null dereference with invalid xml
bnc#997211
VUL-0: CVE-2016-7128: php7: Memory Leakage In exif_process_IFD_in_TIFF
bnc#997220
VUL-0: CVE-2016-7129: php5, php7: wddx_deserialize allows illegal memory access
bnc#997230
VUL-0: CVE-2016-7132: php5, php7: wddx_deserialize null dereference in php_wddx_pop_element
bnc#997208
VUL-0: CVE-2016-7126: php7: select_colors write out-of-bounds
bnc#997207
VUL-0: CVE-2016-7125: php5, php7: PHP Session Data Injection Vulnerability
bnc#997206
VUL-0: CVE-2016-7124: php5: Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization
CVE-2016-7134
CVE-2016-7128
CVE-2016-7130
CVE-2016-7131
CVE-2016-7132
CVE-2016-7125
CVE-2016-7129
CVE-2016-7124
CVE-2016-7127
CVE-2016-7126
Selected Binaries
openSUSE Build Service is sponsored by
Places