Bug 20185

Summary: PHP 5.6.30
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: brtians1, lewyssmith, sysadmin-bugs
Version: 5Keywords: validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
URL: https://lwn.net/Vulnerabilities/713785/
Whiteboard: MGA5-64-OK mga5-32-ok advisory
Source RPM: php-5.6.29-1.mga5.src.rpm CVE:
Status comment:

Description David Walser 2017-01-26 00:08:12 CET 
Upstream has released PHP 5.6.30 on January 19:
http://php.net/archive/2017.php#id2017-01-19-3

It fixes several security issues:
http://php.net/ChangeLog-5.php#5.6.30

The GD issues are most likely handled in Bug 20171 (libgd update to 2.2.4).

Update checked into SVN for Mageia 5 and Cauldron.  Freeze push requested.
Comment 1 David Walser 2017-01-26 01:57:24 CET 
Updated packages uploaded for Mageia 5 and Cauldron.

Advisory:
========================

Updated php packages fix security vulnerabilities:

Floating-point exception in php-exif when parsing a tag format (CVE-2016-10158).

Crash in php-phar while loading hostile phar archive (CVE-2016-10159).

Memory corruption in php-phar when loading hostile phar (CVE-2016-10160).

Heap out of bounds read on unserialize in finish_nested_data() (CVE-2016-10161).

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10158
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10159
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10160
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-10161
http://php.net/ChangeLog-5.php#5.6.30
========================

Updated packages in core/updates_testing:
========================
php-ini-5.6.30-1.mga5
apache-mod_php-5.6.30-1.mga5
php-cli-5.6.30-1.mga5
php-cgi-5.6.30-1.mga5
libphp5_common5-5.6.30-1.mga5
php-devel-5.6.30-1.mga5
php-openssl-5.6.30-1.mga5
php-zlib-5.6.30-1.mga5
php-doc-5.6.30-1.mga5
php-bcmath-5.6.30-1.mga5
php-bz2-5.6.30-1.mga5
php-calendar-5.6.30-1.mga5
php-ctype-5.6.30-1.mga5
php-curl-5.6.30-1.mga5
php-dba-5.6.30-1.mga5
php-dom-5.6.30-1.mga5
php-enchant-5.6.30-1.mga5
php-exif-5.6.30-1.mga5
php-fileinfo-5.6.30-1.mga5
php-filter-5.6.30-1.mga5
php-ftp-5.6.30-1.mga5
php-gd-5.6.30-1.mga5
php-gettext-5.6.30-1.mga5
php-gmp-5.6.30-1.mga5
php-hash-5.6.30-1.mga5
php-iconv-5.6.30-1.mga5
php-imap-5.6.30-1.mga5
php-interbase-5.6.30-1.mga5
php-intl-5.6.30-1.mga5
php-json-5.6.30-1.mga5
php-ldap-5.6.30-1.mga5
php-mbstring-5.6.30-1.mga5
php-mcrypt-5.6.30-1.mga5
php-mssql-5.6.30-1.mga5
php-mysql-5.6.30-1.mga5
php-mysqli-5.6.30-1.mga5
php-mysqlnd-5.6.30-1.mga5
php-odbc-5.6.30-1.mga5
php-opcache-5.6.30-1.mga5
php-pcntl-5.6.30-1.mga5
php-pdo-5.6.30-1.mga5
php-pdo_dblib-5.6.30-1.mga5
php-pdo_firebird-5.6.30-1.mga5
php-pdo_mysql-5.6.30-1.mga5
php-pdo_odbc-5.6.30-1.mga5
php-pdo_pgsql-5.6.30-1.mga5
php-pdo_sqlite-5.6.30-1.mga5
php-pgsql-5.6.30-1.mga5
php-phar-5.6.30-1.mga5
php-posix-5.6.30-1.mga5
php-readline-5.6.30-1.mga5
php-recode-5.6.30-1.mga5
php-session-5.6.30-1.mga5
php-shmop-5.6.30-1.mga5
php-snmp-5.6.30-1.mga5
php-soap-5.6.30-1.mga5
php-sockets-5.6.30-1.mga5
php-sqlite3-5.6.30-1.mga5
php-sybase_ct-5.6.30-1.mga5
php-sysvmsg-5.6.30-1.mga5
php-sysvsem-5.6.30-1.mga5
php-sysvshm-5.6.30-1.mga5
php-tidy-5.6.30-1.mga5
php-tokenizer-5.6.30-1.mga5
php-xml-5.6.30-1.mga5
php-xmlreader-5.6.30-1.mga5
php-xmlrpc-5.6.30-1.mga5
php-xmlwriter-5.6.30-1.mga5
php-xsl-5.6.30-1.mga5
php-wddx-5.6.30-1.mga5
php-zip-5.6.30-1.mga5
php-fpm-5.6.30-1.mga5
phpdbg-5.6.30-1.mga5

from php-5.6.30-1.mga5.src.rpm

Assignee: bugsquad => qa-bugs

Comment 2 Lewis Smith 2017-01-27 21:54:26 CET 
Testing M5_64

Updated to:
apache-mod_php-5.6.30-1.mga5
lib64php5_common5-5.6.30-1.mga5
php-bcmath-5.6.30-1.mga5
php-bz2-5.6.30-1.mga5
php-cli-5.6.30-1.mga5
php-ctype-5.6.30-1.mga5
php-curl-5.6.30-1.mga5
php-dom-5.6.30-1.mga5
php-fileinfo-5.6.30-1.mga5
php-filter-5.6.30-1.mga5
php-ftp-5.6.30-1.mga5
php-gd-5.6.30-1.mga5
php-gettext-5.6.30-1.mga5
php-hash-5.6.30-1.mga5
php-iconv-5.6.30-1.mga5
php-ini-5.6.30-1.mga5
php-intl-5.6.30-1.mga5
php-json-5.6.30-1.mga5
php-ldap-5.6.30-1.mga5
php-mbstring-5.6.30-1.mga5
php-mcrypt-5.6.30-1.mga5
php-mysql-5.6.30-1.mga5
php-mysqli-5.6.30-1.mga5
php-mysqlnd-5.6.30-1.mga5
php-openssl-5.6.30-1.mga5
php-pdo-5.6.30-1.mga5
php-pdo_mysql-5.6.30-1.mga5
php-pdo_pgsql-5.6.30-1.mga5
php-pdo_sqlite-5.6.30-1.mga5
php-pgsql-5.6.30-1.mga5
php-posix-5.6.30-1.mga5
php-session-5.6.30-1.mga5
php-snmp-5.6.30-1.mga5
php-soap-5.6.30-1.mga5
php-sockets-5.6.30-1.mga5
php-sqlite3-5.6.30-1.mga5
php-sysvsem-5.6.30-1.mga5
php-sysvshm-5.6.30-1.mga5
php-tidy-5.6.30-1.mga5
php-tokenizer-5.6.30-1.mga5
php-xml-5.6.30-1.mga5
php-xmlreader-5.6.30-1.mga5
php-xmlrpc-5.6.30-1.mga5
php-xmlwriter-5.6.30-1.mga5
php-zip-5.6.30-1.mga5
php-zlib-5.6.30-1.mga5

Played with:
- Bugzilla
- Cacti
- Drupal
- MediaWiki
- Moodle
All behaved normally. This updated deemed OK.

Whiteboard: (none) => MGA5-64-OK
CC: (none) => lewyssmith

Lewis Smith 2017-02-01 10:35:56 CET

Whiteboard: MGA5-64-OK => MGA5-64-OK advisory

Comment 3 Brian Rockwell 2017-02-04 19:16:21 CET 
$ uname -a
Linux localhost 4.4.39-desktop-1.mga5 #1 SMP Fri Dec 16 18:52:20 UTC 2016 i686 i686 i686 GNU/Linux



The following 151 packages are going to be installed:

- apache-2.4.10-16.4.mga5.i586
- apache-mod_php-5.6.30-1.mga5.i586
- autoconf-2.69-6.mga5.noarch
- automake-1.14.1-3.mga5.noarch
- bison-3.0.4-1.mga5.i586
- byacc-20141128-1.mga5.i586
- chrpath-0.16-3.mga5.i586
- dos2unix-6.0.6-3.mga5.i586
- flex-2.5.39-3.1.mga5.i586
- glibc-devel-2.20-23.mga5.i586
- kernel-userspace-headers-4.4.45-1.mga5.i586
- libapr-util1_0-1.5.4-4.mga5.i586
- libapr1_0-1.5.1-3.mga5.i586
- libaudit-devel-2.4.4-1.mga5.i586
- libc-client0-2007f-6.mga5.i586
- libfbclient2-2.5.3.26778-4.mga5.i586
- libfreetds0-0.91-8.mga5.i586
- libgcrypt-devel-1.5.4-5.3.mga5.i586
- libgpg-error-devel-1.13-3.mga5.i586
- liblzma-devel-5.2.0-1.mga5.i586
- libmbfl1-1.2.0-12.mga5.i586
- libmcrypt-2.5.8-18.mga5.i586
- libmcrypt4-2.5.8-18.mga5.i586
- libonig2-5.9.5-3.mga5.i586
- libopenssl-devel-1.0.2k-1.mga5.i586
- libopenssl-engines1.0.0-1.0.2k-1.mga5.i586
- libopenssl1.0.0-1.0.2k-1.mga5.i586
- libpam-devel-1.1.8-10.1.mga5.i586
- libpcre-devel-8.38-1.mga5.i586
- libpcre16_0-8.38-1.mga5.i586
- libpcre32_0-8.38-1.mga5.i586
- libphp5_common5-5.6.30-1.mga5.i586
- libpq5-9.4.9-1.mga5.i586
- libstdc++5-3.3.6-11.mga5.i586
- libstdc++5-devel-3.3.6-11.mga5.i586
- libt1lib5-5.1.2-18.mga5.i586
- libtidy0.99_0-20090904-9.mga5.i586
- libtool-2.4.2-13.mga5.i586
- libtool-base-2.4.2-13.mga5.i586
- libxml2-devel-2.9.4-1.1.mga5.i586
- libxmlrpc-epi0-0.54.2-5.1.mga5.i586
- libxslt-devel-1.1.29-1.1.mga5.i586
- libzip2-0.11.2-4.mga5.i586
- libzlib-devel-1.2.8-7.1.mga5.i586
- m4-1.4.17-4.mga5.i586
- net-snmp-mibs-5.7.2-23.mga5.i586
- openssl-1.0.2k-1.mga5.i586
- php-bcmath-5.6.30-1.mga5.i586
- php-bz2-5.6.30-1.mga5.i586
- php-calendar-5.6.30-1.mga5.i586
- php-cgi-5.6.30-1.mga5.i586
- php-cli-5.6.30-1.mga5.i586
- php-ctype-5.6.30-1.mga5.i586
- php-curl-5.6.30-1.mga5.i586
- php-dba-5.6.30-1.mga5.i586
- php-devel-5.6.30-1.mga5.i586
- php-doc-5.6.30-1.mga5.noarch
- php-dom-5.6.30-1.mga5.i586
- php-enchant-5.6.30-1.mga5.i586
- php-exif-5.6.30-1.mga5.i586
- php-fileinfo-5.6.30-1.mga5.i586
- php-filter-5.6.30-1.mga5.i586
- php-fpm-5.6.30-1.mga5.i586
- php-ftp-5.6.30-1.mga5.i586
- php-gd-5.6.30-1.mga5.i586
- php-gettext-5.6.30-1.mga5.i586
- php-gmp-5.6.30-1.mga5.i586
- php-hash-5.6.30-1.mga5.i586
- php-iconv-5.6.30-1.mga5.i586
- php-imap-5.6.30-1.mga5.i586
- php-ini-5.6.30-1.mga5.i586
- php-interbase-5.6.30-1.mga5.i586
- php-intl-5.6.30-1.mga5.i586
- php-json-5.6.30-1.mga5.i586
- php-ldap-5.6.30-1.mga5.i586
- php-mbstring-5.6.30-1.mga5.i586
- php-mcrypt-5.6.30-1.mga5.i586
- php-mssql-5.6.30-1.mga5.i586
- php-mysql-5.6.30-1.mga5.i586
- php-mysqli-5.6.30-1.mga5.i586
- php-mysqlnd-5.6.30-1.mga5.i586
- php-odbc-5.6.30-1.mga5.i586
- php-opcache-5.6.30-1.mga5.i586
- php-openssl-5.6.30-1.mga5.i586
- php-pcntl-5.6.30-1.mga5.i586
- php-pdo-5.6.30-1.mga5.i586
- php-pdo_dblib-5.6.30-1.mga5.i586
- php-pdo_firebird-5.6.30-1.mga5.i586
- php-pdo_mysql-5.6.30-1.mga5.i586
- php-pdo_odbc-5.6.30-1.mga5.i586
- php-pdo_pgsql-5.6.30-1.mga5.i586
- php-pdo_sqlite-5.6.30-1.mga5.i586
- php-pear-1.9.5-8.mga5.noarch
- php-pear-Auth-1.6.4-5.mga5.noarch
- php-pear-Auth_RADIUS-1.0.7-7.mga5.noarch
- php-pear-Auth_SASL-1.0.6-5.mga5.noarch
- php-pear-Console_ProgressBar-0.5.2beta-8.mga5.noarch
- php-pear-Crypt_CHAP-1.5.0-5.mga5.noarch
- php-pear-DB-1.8.2-1.mga5.noarch
- php-pear-File_Passwd-1.1.7-8.mga5.noarch
- php-pear-File_SMBPasswd-1.0.3-8.mga5.noarch
- php-pear-HTTP_Client-1.2.1-9.mga5.noarch
- php-pear-HTTP_Request-1.4.4-9.mga5.noarch
- php-pear-Log-1.12.8-3.mga5.noarch
- php-pear-Mail-1.2.0-5.mga5.noarch
- php-pear-Mail_mimeDecode-1.5.5-6.mga5.noarch
- php-pear-MDB2-2.5.0-0.0.b9.mga5.noarch
- php-pear-MDB2_Driver_mysql-1.5.0-0.0.b8.mga5.noarch
- php-pear-MDB2_Driver_mysqli-1.5.0-0.0.b8.mga5.noarch
- php-pear-MDB2_Driver_pgsql-1.5.0-0.0.b8.mga5.noarch
- php-pear-Net_DIME-1.0.2-5.mga5.noarch
- php-pear-Net_POP3-1.3.8-5.mga5.noarch
- php-pear-Net_Server-1.0.3-5.mga5.noarch
- php-pear-Net_SMTP-1.6.2-4.mga5.noarch
- php-pear-Net_Socket-1.0.14-4.mga5.noarch
- php-pear-Net_URL-1.0.15-9.mga5.noarch
- php-pear-Net_Vpopmaild-0.3.2-7.mga5.noarch
- php-pear-PHP_Fork-0.3.2-8.mga5.noarch
- php-pear-SOAP-0.13.0-7.mga5.noarch
- php-pgsql-5.6.30-1.mga5.i586
- php-phar-5.6.30-1.mga5.i586
- php-posix-5.6.30-1.mga5.i586
- php-radius-1.2.7-8.mga5.i586
- php-readline-5.6.30-1.mga5.i586
- php-recode-5.6.30-1.mga5.i586
- php-session-5.6.30-1.mga5.i586
- php-shmop-5.6.30-1.mga5.i586
- php-snmp-5.6.30-1.mga5.i586
- php-soap-5.6.30-1.mga5.i586
- php-sockets-5.6.30-1.mga5.i586
- php-sqlite3-5.6.30-1.mga5.i586
- php-suhosin-0.9.37.1-1.mga5.i586
- php-sybase_ct-5.6.30-1.mga5.i586
- php-sysvmsg-5.6.30-1.mga5.i586
- php-sysvsem-5.6.30-1.mga5.i586
- php-sysvshm-5.6.30-1.mga5.i586
- php-tidy-5.6.30-1.mga5.i586
- php-timezonedb-2016.6-1.mga5.i586
- php-tokenizer-5.6.30-1.mga5.i586
- php-wddx-5.6.30-1.mga5.i586
- php-xml-5.6.30-1.mga5.i586
- php-xmlreader-5.6.30-1.mga5.i586
- php-xmlrpc-5.6.30-1.mga5.i586
- php-xmlwriter-5.6.30-1.mga5.i586
- php-xsl-5.6.30-1.mga5.i586
- php-zip-5.6.30-1.mga5.i586
- php-zlib-5.6.30-1.mga5.i586
- phpdbg-5.6.30-1.mga5.i586
- re2c-0.13.6-3.mga5.i586
- t1lib-config-5.1.2-18.mga5.i586
- webserver-base-2.0-8.mga5.i586

170MB of additional disk space will be used.

36MB of packages will be retrieved.

Is it ok to continue?




Testing

[brian@localhost sf_vmshare]$ php php12.php

<html>
 <head>
  <title>PHP Test</title>
 </head>
 <body>
//error class begin
5.6.30<br>Outer try
<br>  Middle try<br>  Middle finally<br>    Inner try<br>
    Inner finally<br>
Outer catch
<br>Outer finally
<br><br>



my usual tests work

I tried heap unserializable test

$ php php_unserial.php
PHP Warning:  Bad unserialize data in /media/sf_vmshare/php_unserial.php on line 2
PHP Notice:  unserialize(): Error at offset 13 of 15 bytes in /media/sf_vmshare/php_unserial.php on line 2

--------------------
Looks to be working.

CC: (none) => brtians1
Whiteboard: MGA5-64-OK advisory => MGA5-64-OK mga5-32-ok advisory

Brian Rockwell 2017-02-04 19:17:01 CET

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 4 Mageia Robot 2017-02-04 19:41:51 CET 
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2017-0040.html

Resolution: (none) => FIXED
Status: NEW => RESOLVED

David Walser 2017-02-07 12:11:43 CET

URL: (none) => https://lwn.net/Vulnerabilities/713785/