
php 5.6.23 updates


  • Vendor: Fedora
  • Vendor ID: FEDORA-2016-99fbdc5c34
  • Date: July 02, 2016


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-99fbdc5c34
2016-07-02 13:22:22.108452
--------------------------------------------------------------------------------

Name : php
Product : Fedora 22
Version : 5.6.23
Release : 1.fc22
URL : http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

--------------------------------------------------------------------------------
Update Information:

23 Jun 2016, PHP 5.6.23

Core:
  * Fixed bug php#72275 (Integer Overflow in json_encode()/json_decode()/json_utf8_to_utf16()). (Stas)
  * Fixed bug php#72400 (Integer Overflow in addcslashes/addslashes). (Stas)
  * Fixed bug php#72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)

GD:
  * Fixed bug php#72298 (pass2_no_dither out-of-bounds access). (Stas)
  * Fixed bug php#72337 (invalid dimensions can lead to crash). (Pierre)
  * Fixed bug php#72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow). (Pierre)
  * Fixed bug php#72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
  * Fixed bug php#72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow). (Pierre)

Intl:
  * Fixed bug php#70484 (selectordinal doesn't work with named parameters). (Anatol)

mbstring:
  * Fixed bug php#72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)

mcrypt:
  * Fixed bug php#72455 (Heap Overflow due to integer overflows). (Stas)

Phar:
  * Fixed bug php#72321 (invalid free in phar_extract_file()). (hji at dyntopia dot com)

SPL:
  * Fixed bug php#72262 (int/size_t confusion in SplFileObject::fread). (Stas)
  * Fixed bug php#72433 (Use After Free Vulnerability in PHP's GC algorithm and unserialize). (Dmitry)

OpenSSL:
  * Fixed bug php#72140 (segfault after calling ERR_free_strings()). (Jakub Zelenka)

WDDX:
  * Fixed bug php#72340 (Double Free Corruption in wddx_deserialize). (Stas)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #1351175 - CVE-2016-5772 php: Double Free Corruption in wddx_deserialize
https://bugzilla.redhat.com/show_bug.cgi?id=1351175
[ 2 ] Bug #1351173 - CVE-2016-5771 php: Use After Free Vulnerability in PHP's GC algorithm and
unserialize
https://bugzilla.redhat.com/show_bug.cgi?id=1351173
[ 3 ] Bug #1351171 - CVE-2016-5770 php: Int/size_t confusion in SplFileObject::fread
https://bugzilla.redhat.com/show_bug.cgi?id=1351171
[ 4 ] Bug #1351168 - CVE-2016-5768 php: Double free in _php_mb_regex_ereg_replace_exec
https://bugzilla.redhat.com/show_bug.cgi?id=1351168
[ 5 ] Bug #1351070 - CVE-2016-5769 php: Integer Overflows in mcrypt_generic() and
mdecrypt_generic() resulting in heap overflows
https://bugzilla.redhat.com/show_bug.cgi?id=1351070
[ 6 ] Bug #1351069 - CVE-2016-5767 php: Integer Overflow in gdImagePaletteToTrueColor() resulting
in heap overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1351069
[ 7 ] Bug #1351068 - CVE-2016-5766 php: Integer Overflow in _gd2GetHeader() resulting in heap
overflow
https://bugzilla.redhat.com/show_bug.cgi?id=1351068
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program. Use
su -c 'yum update php' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
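A quick way to confirm that a Fedora 22 host actually received this update is to compare the installed php build against the fixed build named above (5.6.23-1.fc22) and to check that the installed package carries a signature. The script below is an added example and is not part of the Fedora notification; it assumes a host with `rpm` available and is written to be run as root or with read access to the RPM database. Only the version/release comparison runs offline; the `rpm` queries are executed only when the script is invoked with `--check`.

```sh
#!/bin/sh
# Added example (not from the Fedora advisory): decide whether the installed
# php package includes the fixes shipped in FEDORA-2016-99fbdc5c34, i.e.
# whether it is at or beyond php-5.6.23-1.fc22, and show its RPM signature.

FIXED_VERSION="5.6.23"   # upstream version from the advisory
FIXED_RELEASE="1"        # Fedora release number from "1.fc22"

# vercmp A B: compare two dotted numeric versions component by component
# (numerically, so 5.6.9 < 5.6.23). Prints 0 if A == B, 1 if A > B, 2 if A < B.
vercmp() {
    a="$1"; b="$2"
    while [ -n "$a" ] || [ -n "$b" ]; do
        ac="${a%%.*}"; bc="${b%%.*}"
        [ -z "$ac" ] && ac=0           # missing trailing component counts as 0
        [ -z "$bc" ] && bc=0
        if [ "$ac" -gt "$bc" ]; then echo 1; return; fi
        if [ "$ac" -lt "$bc" ]; then echo 2; return; fi
        case "$a" in *.*) a="${a#*.}" ;; *) a="" ;; esac
        case "$b" in *.*) b="${b#*.}" ;; *) b="" ;; esac
    done
    echo 0
}

# php_is_fixed VERSION RELEASE: exit 0 when the build includes the fix,
# 1 when it predates the fix, 2 when the version is not on the 5.6 branch
# this advisory covers (other branches need their own advisory).
php_is_fixed() {
    ver="$1"
    rel="${2%%.*}"                      # "1.fc22" -> "1" (drop the dist tag)
    [ -z "$rel" ] && rel=0
    case "$ver" in
        5.6.*) ;;
        *) return 2 ;;
    esac
    case "$(vercmp "$ver" "$FIXED_VERSION")" in
        1) return 0 ;;                  # newer upstream version
        2) return 1 ;;                  # older upstream version
    esac
    # Same upstream version: the Fedora release number decides.
    [ "$rel" -ge "$FIXED_RELEASE" ]
}

# check_installed_php: query the RPM database on this host and report.
check_installed_php() {
    command -v rpm >/dev/null 2>&1 || { echo "rpm not available; skipping"; return 3; }
    nvr="$(rpm -q php --qf '%{VERSION} %{RELEASE}\n' 2>/dev/null)" \
        || { echo "php is not installed"; return 3; }
    # Word-split "VERSION RELEASE" into $1 and $2 (first installed php only).
    set -- $nvr
    if php_is_fixed "$1" "$2"; then
        echo "php-$1-$2: includes the fixes from FEDORA-2016-99fbdc5c34"
    else
        echo "php-$1-$2: predates the fix; update with: su -c 'yum update php'"
        return 1
    fi
    # Show which key signed the installed package (Fedora packages are signed
    # with the Fedora Project GPG key; "(none)" here would be a red flag).
    rpm -qi php | grep -i '^Signature'
}

# Run the live check only when asked, so the helpers can also be sourced.
if [ "${1:-}" = "--check" ]; then
    check_installed_php
    exit $?
fi
```

Run it as `sh check-php.sh --check` (file name assumed) on the host; a non-zero exit of 1 means the installed php predates 5.6.23-1.fc22, and 2 or 3 mean the script could not judge (different branch, rpm or php absent).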
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-annou...