Security update for php5
This update for php5 fixes on issues.
This security issue was fixed:
- CVE-2017-12933: The finish_nested_data function in ext/standard/var_unserializer.re was prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue could have had an unspecified impact on the integrity of PHP (bsc#1054430)
This update was imported from the SUSE:SLE-12:Update update project.
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1054430
VUL-0: CVE-2017-12933: php5,php7,php53: The finish_nested_data function in ext/standard/var_unserializer.re in PHPbefore 5.6.31, 7.0.x before 7.0.21, and 7.1.x before 7.1.7 is prone to a bufferover-read while unserializing untrusted data.
