Overview

File _patchinfo of Package patchinfo.290

<patchinfo incident="290">
  <packager>lijews</packager>
  <issue tracker="bnc" id="880905">VUL-1: CVE-2014-0237: php53: Performance degradation by too many file_printf calls</issue>
  <issue tracker="cve" id="CVE-2014-0237"></issue>
  <issue tracker="bnc" id="880904">VUL-0: CVE-2014-0238: php53: DoS in Fileinfo component</issue>
  <issue tracker="cve" id="CVE-2014-0238"></issue>
  <issue tracker="bnc" id="868624">VUL-1: CVE-2014-2497: php53,php5,gd: NULL ptr deref in GD XPM decoder</issue>
  <issue tracker="cve" id="CVE-2014-2497"></issue>
  <issue tracker="bnc" id="875826">VUL-1: CVE-2014-0185: php53: php-fpm: privilege escalation due to insecure default config</issue>
  <issue tracker="cve" id="CVE-2014-0185"></issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>php5: Update fixes several security issues</summary>
  <description>php5 was updated to fix several security issues.

These issues were fixed:
* Performance degradation by too many file_printf calls (CVE-2014-0237)
* DoS in Fileinfo component (CVE-2014-0238)
* NULL pointer dereference in GD XPM decoder (CVE-2014-2497)
* Privilege escalation due to insecure default config (CVE-2014-0185)</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places