File _patchinfo of Package patchinfo.1125

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.1125

<patchinfo incident="1125">
  <issue id="945428" tracker="bnc">VUL-0: CVE-2015-6836: php53, php5: SOAP serialize_function_call() type confusion / RCE</issue>
  <issue id="945402" tracker="bnc">VUL-0: CVE-2015-6835: php5 , php53: Use after free vulnerability in session deserializer</issue>
  <issue id="945403" tracker="bnc">VUL-0: CVE-2015-6834: php5, php53: Use After Free Vulnerability in unserialize()</issue>
  <issue id="945412" tracker="bnc">VUL-0: CVE-2015-6837 CVE-2015-6838: php5, php53: NULL pointer dereference in XSLTProcessor class</issue>
  <issue id="944302" tracker="bnc">php5 and openhpi fails to build if MD5 and DES support disabled in net-snmp</issue>
  <issue id="935074" tracker="bnc">L3: Bugfix request for PHP bug 61387 (segfault in odbc_fetch_array)</issue>
  <issue id="942293" tracker="bnc">VUL-0: php5,php53:  Dangling pointer in the unserialization of ArrayObject items</issue>
  <issue id="942291" tracker="bnc">VUL-0: CVE-2015-6831: php5,php53: Use After Free Vulnerability in unserialize() with SPLArrayObject</issue>
  <issue id="942296" tracker="bnc">VUL-1: php5,php53: phar: Files extracted from archive may be placed outside of destination directory</issue>
  <issue id="942294" tracker="bnc">VUL-0: php5,php53: Use After Free Vulnerability in unserialize() with SplObjectStorage</issue>
  <issue id="942295" tracker="bnc">VUL-0: php5,php53: Use After Free Vulnerability in unserialize() with SplDoublyLinkedList</issue>
  <issue id="CVE-2015-6831" tracker="cve" />
  <issue id="CVE-2015-6832" tracker="cve" />
  <issue id="CVE-2015-6833" tracker="cve" />
  <issue id="CVE-2015-6834" tracker="cve" />
  <issue id="CVE-2015-6835" tracker="cve" />
  <issue id="CVE-2015-6836" tracker="cve" />
  <issue id="CVE-2015-6837" tracker="cve" />
  <issue id="CVE-2015-6838" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>pgajdos</packager>
  <description>
This update of PHP5 brings several security fixes.

Security fixes:
* CVE-2015-6831: A use after free vulnerability in unserialize() has been fixed which could be used to crash php or potentially execute code. [bnc#942291] [bnc#942294] [bnc#942295]
* CVE-2015-6832: A dangling pointer in the unserialization of ArrayObject items could be used to crash php or potentially execute code. [bnc#942293]
* CVE-2015-6833: A directory traversal when extracting ZIP files could be used to overwrite files outside of intended area. [bnc#942296]
* CVE-2015-6834: A Use After Free Vulnerability in unserialize() has been fixed which could be used to crash php or potentially execute code. [bnc#945403] 
* CVE-2015-6835: A Use After Free Vulnerability in session unserialize() has been fixed which could be used to crash php or potentially execute code. [bnc#945402]
* CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428]
* CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]

Bugfixes:
* Compare with SQL_NULL_DATA correctly [bnc#935074]
* If MD5 was disabled in net-snmp we have to disable the used MD5
  function in ext/snmp/snmp.c as well. (bsc#944302)

Also the Suhosin framework was updated to 0.9.38. [fate#319325]
</description>
  <summary>Security update for php5</summary>
</patchinfo>

Places

File _patchinfo of Package patchinfo.1125

Places