File _patchinfo of Package patchinfo.2112
<patchinfo incident="2112">
<issue id="968284" tracker="bnc">VUL-0: CVE-2016-2554: php5, php53: Stack overflow vulnerability when decompressing tar phar archives</issue>
<issue id="969821" tracker="bnc">VUL-1: CVE-2016-3141: php5: PHP Bugfix (71587) - Use-After-Free / Double-Free in WDDX Deserialize</issue>
<issue id="971912" tracker="bnc">VUL-0: CVE-2016-3142: php5: Out-of-bounds read in phar_parse_zipfile()</issue>
<issue id="971612" tracker="bnc">VUL-0: CVE-2014-9767: php5: ZipArchive::extractTo allows for directory traversal when creating directories</issue>
<issue id="971611" tracker="bnc">VUL-0: CVE-2016-3185: php5: Type confusion vulnerability in make_http_soap_request()</issue>
<issue id="973351" tracker="bnc">VUL-0: CVE-2015-8835: php5,php53: SoapClient's __call method suffers from type confusion issue</issue>
<issue id="973792" tracker="bnc">VUL-0: CVE-2015-8838: php5,php53: mysqlnd is vulnerable to BACKRONYM</issue>
<issue id="CVE-2015-8838" tracker="cve" />
<issue id="CVE-2015-8835" tracker="cve" />
<issue id="CVE-2016-2554" tracker="cve" />
<issue id="CVE-2016-3141" tracker="cve" />
<issue id="CVE-2016-3142" tracker="cve" />
<issue id="CVE-2014-9767" tracker="cve" />
<issue id="CVE-2016-3185" tracker="cve" />
<category>security</category>
<rating>important</rating>
<packager>pgajdos</packager>
<description>
This update for php5 fixes the following security issues:
- CVE-2015-8838: mysqlnd was vulnerable to BACKRONYM (bnc#973792).
- CVE-2015-8835: SoapClient's __call method suffered from a type confusion issue that could have led to crashes. [bsc#973351]
- CVE-2016-2554: A NULL pointer dereference in phar_get_fp_offset could lead to crashes. [bsc#968284]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2016-3141: A use-after-free / double-free in the WDDX
deserialization could lead to crashes or potential code
execution. [bsc#969821]
- CVE-2016-3142: An out-of-bounds read in phar_parse_zipfile() could lead to crashes. [bsc#971912]
Note: we do not ship the phar extension currently, so we are not affected.
- CVE-2014-9767: A directory traversal when extracting zip files could lead to
overwritten files. [bsc#971612]
- CVE-2016-3185: A type confusion vulnerability in
make_http_soap_request() could lead to crashes or potential code
execution. [bsc#971611]
</description>
<summary>Security update for php5</summary>
</patchinfo>