Overview

File _patchinfo of Package patchinfo.879

<patchinfo incident="879">
  <issue id="938721" tracker="bnc">VUL-0: CVE-2015-5589: php5,php53: segmentation fault in Phar::convertToData</issue>
  <issue id="938719" tracker="bnc">VUL-0: CVE-2015-5590: php5,php53: buffer overflow in phar_fix_filepath</issue>
  <issue id="940807" tracker="bnc">FATE#319034:Ship php5-opcache as part of Web Scripting Module</issue>
  <issue id="319034" tracker="fate">FATE#319034:Ship php5-opcache as part of Web Scripting Module</issue>
  <issue id="319094" tracker="fate">FATE#319094: Enable OwnCloud on Web Scripting module</issue>
  <issue id="940821" tracker="bnc">FATE#319094: Enable OwnCloud on Web Scripting module</issue>
  <issue id="CVE-2015-5589" tracker="cve" />
  <issue id="CVE-2015-5590" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>pgajdos</packager>
  <description>PHP was updated to fix two security issues.

The following vulnerabilities were fixed:

* CVE-2015-5589: PHP could be crashed when processing an invalid file with the "phar" extension with a segfault in Phar::convertToData, leading to Denial of Service (DOS) (bsc#938721)
* CVE-2015-5590: PHP could be crashed or have unspecified other impact due to a buffer overlow in phar_fix_filepath (bsc#938719)

This update ships the php5-opcache package (FATE#319034 bsc#940807) and the php5-posix package. (FATE#319094 bsc#940821)
</description>
  <summary>Security update for php5</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places