Red Hat Security Advisory: php54 security and bug fix update
🔗 CVE IDs covered (29)
📋 Description
CVE-2014-8142 — php: use after free vulnerability in unserialize() CVE-2014-9427 — php: out of bounds read when parsing a crafted .php file CVE-2014-9652 — file: out of bounds read in mconvert() CVE-2014-9705 — php: heap buffer overflow in enchant_broker_request_dict() CVE-2014-9709 — gd: buffer read overflow in gd_gif_in.c CVE-2015-0231 — php: use after free vulnerability in unserialize() (incomplete fix of CVE-2014-8142) CVE-2015-0232 — php: Free called on unitialized pointer in exif.c CVE-2015-0273 — php: use after free vulnerability in unserialize() with DateTimeZone CVE-2015-1351 — php: use after free in opcache extension CVE-2015-2301 — php: use after free in phar_object.c CVE-2015-2305 — regex: heap overflow in regcomp() on 32-bit architectures CVE-2015-2348 — php: move_uploaded_file() NUL byte injection in file name CVE-2015-2783 — php: buffer over-read in Phar metadata parsing CVE-2015-2787 — php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re CVE-2015-3307 — php: invalid pointer free() in phar_tar_process_metadata() CVE-2015-3329 — php: buffer overflow in phar_set_inode() CVE-2015-3330 — php: pipelined request executed in deinitialized interpreter under httpd 2.4 CVE-2015-3411 — php: missing null byte checks for paths in various PHP extensions CVE-2015-3412 — php: missing null byte checks for paths in various PHP extensions CVE-2015-4147 — php: SoapClient's __call() type confusion through unserialize() CVE-2015-4148 — php: SoapClient's do_soap_call() type confusion after unserialize() CVE-2015-4599 — php: type confusion issue in unserialize() with various SOAP methods CVE-2015-4600 — php: type confusion issue in unserialize() with various SOAP methods CVE-2015-4601 — php: type confusion issue in unserialize() with various SOAP methods CVE-2015-4602 — php: Incomplete Class unserialization type confusion CVE-2015-4603 — php: exception:: getTraceAsString type confusion issue after unserialize CVE-2015-4604 — php: denial of service when processing a crafted file with Fileinfo CVE-2015-4605 — php: denial of service when processing a crafted file with Fileinfo CVE-2015-8935 — php: HTTP response splitting in header() function
🔗 References (23)
- selfhttps://access.redhat.com/errata/RHSA-2015:1066
- externalhttps://access.redhat.com/security/updates/classification/#important
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1055927
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1175718
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1178736
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1185397
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1185472
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1185900
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1188599
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1188639
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1191049
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1194730
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1194737
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1194747
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1204868
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1207676
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1207682
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1213394
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1213446
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1213449
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1223441
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1226916
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2015/rhsa-2015_1066.json