Overview Details Repositories Revisions Requests Users Attributes Meta
Security update for php5

This update for php5 fixes the following issues:

Security issues fixed:

- CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter (bsc#1067441).
- CVE-2017-4025: Fix pathname truncation in set_include_path, tempnam, rmdir, and readlink (bsc#1067090).
- CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range() during regex compilation (bsc#1069606).
- CVE-2017-9229: Fix invalid pointer dereference in left_adjust_char_head() (bsc#1069631).

This update was imported from the SUSE:SLE-12:Update update project.

Fixed bugs
bnc#1067441
VUL-1: CVE-2017-16642: php5,php7,php53: timelib_meridian error could be used to leak information from the interpreter
bnc#1067090
VUL-0: CVE-2015-4025: php5,php53: pathname truncation in (1) set_include_path, (2) tempnam, (3) rmdir, or (4) readlink.
bnc#1069606
VUL-0: CVE-2017-9228: php5,php53,php7: heap out-of-bounds write occurs in bitset_set_range() during regex compilation
bnc#1069631
VUL-0: CVE-2017-9229: php5,php7,php53: oniguruma: Invalid pointer dereference in left_adjust_char_head()
CVE-2017-16642
CVE-2017-4025
CVE-2017-9228
CVE-2017-9229
Selected Binaries
openSUSE Build Service is sponsored by
Places