Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
SUSE:SLE-12-SP1:Update
patchinfo.639
_patchinfo
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _patchinfo of Package patchinfo.639
<patchinfo incident="639"> <issue id="931769" tracker="bnc">CVE-2015-4021: php5, php53: memory corruption in phar_parse_tarfile when entry filename starts with NULL</issue> <issue id="931421" tracker="bnc">CVE-2015-4024: php5, php53: Multipart/form-data remote dos Vulnerability</issue> <issue id="931772" tracker="bnc">CVE-2015-4022: php5, php53: overflow in ftp_genlist() resulting in heap overflow</issue> <issue id="931776" tracker="bnc">CVE-2015-4026: php: pcntl_exec() does not check path validity</issue> <issue id="927147" tracker="bnc">configure php-fpm with --localstatedir=/var</issue> <issue id="919080" tracker="bnc">fix timezone map</issue> <issue id="933227" tracker="bnc">CVE-2015-4148: SoapClient's do_soap_call() type confusion after unserialize() information disclosure</issue> <issue id="CVE-2015-4021" tracker="cve" /> <issue id="CVE-2015-4022" tracker="cve" /> <issue id="CVE-2015-4024" tracker="cve" /> <issue id="CVE-2015-4026" tracker="cve" /> <issue id="CVE-2015-4148" tracker="cve" /> <issue tracker="bnc" id="935224"/> <issue tracker="bnc" id="935226"/> <issue tracker="bnc" id="935232"/> <issue tracker="bnc" id="935234"/> <issue tracker="bnc" id="935274"/> <issue tracker="bnc" id="935275"/> <issue tracker="bnc" id="935227"/> <issue tracker="cve" id="CVE-2015-3411"/> <issue tracker="cve" id="CVE-2015-3412"/> <issue tracker="cve" id="CVE-2015-4598"/> <issue tracker="cve" id="CVE-2015-4599"/> <issue tracker="cve" id="CVE-2015-4600"/> <issue tracker="cve" id="CVE-2015-4601"/> <issue tracker="cve" id="CVE-2015-4602"/> <issue tracker="cve" id="CVE-2015-4603"/> <issue tracker="cve" id="CVE-2015-4643"/> <issue tracker="cve" id="CVE-2015-4644"/> <category>security</category> <rating>important</rating> <packager>pgajdos</packager> <description>This security update of PHP fixes the following issues: Security issues fixed: * CVE-2015-4024 [bnc#931421]: Fixed multipart/form-data remote DOS Vulnerability. * CVE-2015-4026 [bnc#931776]: pcntl_exec() did not check path validity. * CVE-2015-4022 [bnc#931772]: Fixed and overflow in ftp_genlist() that resulted in a heap overflow. * CVE-2015-4021 [bnc#931769]: Fixed memory corruption in phar_parse_tarfile when entry filename starts with NULL. * CVE-2015-4148 [bnc#933227]: Fixed SoapClient's do_soap_call() type confusion after unserialize() information disclosure. * CVE-2015-4602 [bnc#935224]: Fixed an incomplete Class unserialization type confusion. * CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 [bnc#935226]: Fixed type confusion issues in unserialize() with various SOAP methods. * CVE-2015-4603 [bnc#935234]: Fixed exception::getTraceAsString type confusion issue after unserialize. * CVE-2015-4644 [bnc#935274]: Fixed a crash in php_pgsql_meta_data. * CVE-2015-4643 [bnc#935275]: Fixed an integer overflow in ftp_genlist() that could result in a heap overflow. * CVE-2015-3411, CVE-2015-3412, CVE-2015-4598 [bnc#935227], [bnc#935232]: Added missing null byte checks for paths in various PHP extensions. Bugs fixed: * configure php-fpm with --localstatedir=/var [bnc#927147] * fix timezone map [bnc#919080] </description> <summary>Security update for php5</summary> </patchinfo>
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor