| Summary: | PHP 5.6.24 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | ||
| Priority: | Normal | CC: | davidwhodgins, sysadmin-bugs |
| Version: | 5 | Keywords: | validated_update |
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://lwn.net/Vulnerabilities/695556/ | ||
| Whiteboard: | MGA5-32-OK advisory | ||
| Source RPM: | php-5.6.23-1.mga5.src.rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | 18938, 18991 | ||
| Bug Blocks: | |||
|
Description
David Walser
2016-07-21 18:41:08 CEST
Updated packages uploaded for Mageia 5 and Cauldron. Holding this until the libgd 2.2.3 update is available. Updated packages in core/updates_testing: ======================== php-ini-5.6.24-1.mga5 apache-mod_php-5.6.24-1.mga5 php-cli-5.6.24-1.mga5 php-cgi-5.6.24-1.mga5 libphp5_common5-5.6.24-1.mga5 php-devel-5.6.24-1.mga5 php-openssl-5.6.24-1.mga5 php-zlib-5.6.24-1.mga5 php-doc-5.6.24-1.mga5 php-bcmath-5.6.24-1.mga5 php-bz2-5.6.24-1.mga5 php-calendar-5.6.24-1.mga5 php-ctype-5.6.24-1.mga5 php-curl-5.6.24-1.mga5 php-dba-5.6.24-1.mga5 php-dom-5.6.24-1.mga5 php-enchant-5.6.24-1.mga5 php-exif-5.6.24-1.mga5 php-fileinfo-5.6.24-1.mga5 php-filter-5.6.24-1.mga5 php-ftp-5.6.24-1.mga5 php-gd-5.6.24-1.mga5 php-gettext-5.6.24-1.mga5 php-gmp-5.6.24-1.mga5 php-hash-5.6.24-1.mga5 php-iconv-5.6.24-1.mga5 php-imap-5.6.24-1.mga5 php-interbase-5.6.24-1.mga5 php-intl-5.6.24-1.mga5 php-json-5.6.24-1.mga5 php-ldap-5.6.24-1.mga5 php-mbstring-5.6.24-1.mga5 php-mcrypt-5.6.24-1.mga5 php-mssql-5.6.24-1.mga5 php-mysql-5.6.24-1.mga5 php-mysqli-5.6.24-1.mga5 php-mysqlnd-5.6.24-1.mga5 php-odbc-5.6.24-1.mga5 php-opcache-5.6.24-1.mga5 php-pcntl-5.6.24-1.mga5 php-pdo-5.6.24-1.mga5 php-pdo_dblib-5.6.24-1.mga5 php-pdo_firebird-5.6.24-1.mga5 php-pdo_mysql-5.6.24-1.mga5 php-pdo_odbc-5.6.24-1.mga5 php-pdo_pgsql-5.6.24-1.mga5 php-pdo_sqlite-5.6.24-1.mga5 php-pgsql-5.6.24-1.mga5 php-phar-5.6.24-1.mga5 php-posix-5.6.24-1.mga5 php-readline-5.6.24-1.mga5 php-recode-5.6.24-1.mga5 php-session-5.6.24-1.mga5 php-shmop-5.6.24-1.mga5 php-snmp-5.6.24-1.mga5 php-soap-5.6.24-1.mga5 php-sockets-5.6.24-1.mga5 php-sqlite3-5.6.24-1.mga5 php-sybase_ct-5.6.24-1.mga5 php-sysvmsg-5.6.24-1.mga5 php-sysvsem-5.6.24-1.mga5 php-sysvshm-5.6.24-1.mga5 php-tidy-5.6.24-1.mga5 php-tokenizer-5.6.24-1.mga5 php-xml-5.6.24-1.mga5 php-xmlreader-5.6.24-1.mga5 php-xmlrpc-5.6.24-1.mga5 php-xmlwriter-5.6.24-1.mga5 php-xsl-5.6.24-1.mga5 php-wddx-5.6.24-1.mga5 php-zip-5.6.24-1.mga5 php-fpm-5.6.24-1.mga5 phpdbg-5.6.24-1.mga5 from php-5.6.24-1.mga5.src.rpm Version:
Cauldron =>
5 libgd update is available, pushing to QA. Package list in Comment 1. Advisory: ======================== Updated php packages fix security vulnerabilities: The php package has been updated to version 5.6.24, which fixes several security issues and other bugs. See the upstream ChangeLog for more details. References: http://www.php.net/ChangeLog-5.php#5.6.24 Depends on:
(none) =>
18991 Tested fine with my usual apache/php/libgd test case, Mageia 5 i586. Whiteboard:
(none) =>
MGA5-32-OK CVE request: http://openwall.com/lists/oss-security/2016/07/24/1 CVE assignments: http://openwall.com/lists/oss-security/2016/07/24/2 Those revealed that one of the fixes is actually in the xmlrpc-epi library. We build against the system one, so I had to patch that too. I've also updated the timezone packages due to a request from a user. Testing procedure for timezone: https://bugs.mageia.org/show_bug.cgi?id=11559#c1 Advisory: ======================== Updated php and xmlrpc-epi packages fix security vulnerabilities: Stack-based buffer overflow vulnerability in virtual_file_ex() (CVE-2016-6289). Use After Free in unserialize() with Unexpected Session Deserialization (CVE-2016-6290). Out of bound read in exif_process_IFD_in_MAKERNOTE() (CVE-2016-6291). NULL Pointer Dereference in exif_process_user_comment() (CVE-2016-6292). locale_accept_from_http() out-of-bounds access (CVE-2016-6294). Use After Free Vulnerability in SNMP with GC and unserialize() (CVE-2016-6295). heap-buffer-overflow (write) simplestring_addn() simplestring.c in php-xmlrpc (CVE-2016-6296). Stack-based buffer overflow vulnerability in php_stream_zip_opener() (CVE-2016-6297). The php package has been updated to version 5.6.24, fixing these issues and several other bugs. See the upstream ChangeLog for details. The CVE-2016-6296 issue was in the xmlrpc-epi library, which has been patched. Additionally, the timezone and php-timezonedb packages have been updated with the latest timezone data. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6289 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6290 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6291 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6292 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6294 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6295 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6296 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6297 http://www.php.net/ChangeLog-5.php#5.6.24 http://mm.icann.org/pipermail/tz-announce/2016-March/000036.html http://mm.icann.org/pipermail/tz-announce/2016-March/000037.html http://mm.icann.org/pipermail/tz-announce/2016-April/000038.html http://mm.icann.org/pipermail/tz-announce/2016-June/000039.html http://mm.icann.org/pipermail/tz-announce/2016-July/000040.html ======================== Updated packages in core/updates_testing: ======================== php-ini-5.6.24-1.mga5 apache-mod_php-5.6.24-1.mga5 php-cli-5.6.24-1.mga5 php-cgi-5.6.24-1.mga5 libphp5_common5-5.6.24-1.mga5 php-devel-5.6.24-1.mga5 php-openssl-5.6.24-1.mga5 php-zlib-5.6.24-1.mga5 php-doc-5.6.24-1.mga5 php-bcmath-5.6.24-1.mga5 php-bz2-5.6.24-1.mga5 php-calendar-5.6.24-1.mga5 php-ctype-5.6.24-1.mga5 php-curl-5.6.24-1.mga5 php-dba-5.6.24-1.mga5 php-dom-5.6.24-1.mga5 php-enchant-5.6.24-1.mga5 php-exif-5.6.24-1.mga5 php-fileinfo-5.6.24-1.mga5 php-filter-5.6.24-1.mga5 php-ftp-5.6.24-1.mga5 php-gd-5.6.24-1.mga5 php-gettext-5.6.24-1.mga5 php-gmp-5.6.24-1.mga5 php-hash-5.6.24-1.mga5 php-iconv-5.6.24-1.mga5 php-imap-5.6.24-1.mga5 php-interbase-5.6.24-1.mga5 php-intl-5.6.24-1.mga5 php-json-5.6.24-1.mga5 php-ldap-5.6.24-1.mga5 php-mbstring-5.6.24-1.mga5 php-mcrypt-5.6.24-1.mga5 php-mssql-5.6.24-1.mga5 php-mysql-5.6.24-1.mga5 php-mysqli-5.6.24-1.mga5 php-mysqlnd-5.6.24-1.mga5 php-odbc-5.6.24-1.mga5 php-opcache-5.6.24-1.mga5 php-pcntl-5.6.24-1.mga5 php-pdo-5.6.24-1.mga5 php-pdo_dblib-5.6.24-1.mga5 php-pdo_firebird-5.6.24-1.mga5 php-pdo_mysql-5.6.24-1.mga5 php-pdo_odbc-5.6.24-1.mga5 php-pdo_pgsql-5.6.24-1.mga5 php-pdo_sqlite-5.6.24-1.mga5 php-pgsql-5.6.24-1.mga5 php-phar-5.6.24-1.mga5 php-posix-5.6.24-1.mga5 php-readline-5.6.24-1.mga5 php-recode-5.6.24-1.mga5 php-session-5.6.24-1.mga5 php-shmop-5.6.24-1.mga5 php-snmp-5.6.24-1.mga5 php-soap-5.6.24-1.mga5 php-sockets-5.6.24-1.mga5 php-sqlite3-5.6.24-1.mga5 php-sybase_ct-5.6.24-1.mga5 php-sysvmsg-5.6.24-1.mga5 php-sysvsem-5.6.24-1.mga5 php-sysvshm-5.6.24-1.mga5 php-tidy-5.6.24-1.mga5 php-tokenizer-5.6.24-1.mga5 php-xml-5.6.24-1.mga5 php-xmlreader-5.6.24-1.mga5 php-xmlrpc-5.6.24-1.mga5 php-xmlwriter-5.6.24-1.mga5 php-xsl-5.6.24-1.mga5 php-wddx-5.6.24-1.mga5 php-zip-5.6.24-1.mga5 php-fpm-5.6.24-1.mga5 phpdbg-5.6.24-1.mga5 libxmlrpc-epi0-0.54.2-5.1.mga5 libxmlrpc-epi-devel-0.54.2-5.1.mga5 timezone-2016f-1.mga5 timezone-java-2016f-1.mga5 php-timezonedb-2016.6-1.mga5 from SRPMS: php-5.6.24-1.mga5.src.rpm xmlrpc-epi-0.54.2-5.1.mga5.src.rpm timezone-2016f-1.mga5.src.rpm php-timezonedb-2016.6-1.mga5.src.rpm
Dave Hodgins
2016-07-26 23:48:07 CEST
Keywords:
(none) =>
validated_update An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0267.html Status:
NEW =>
RESOLVED
David Walser
2016-07-27 18:50:01 CEST
URL:
(none) =>
http://lwn.net/Vulnerabilities/695556/ |