PHP 5.6.9 and 5.5.25 have been released on May 14: http://php.net/ChangeLog-5.php#5.5.25 http://php.net/ChangeLog-5.php#5.6.9 There are several apparent security issues fixed, but no CVEs posted yet. Updates checked into Mageia 4 and Cauldron SVN. Freeze push requested for Cauldron. Reproducible: Steps to Reproduce:
For Mageia 4, I can also include an updated php-timezonedb with this update.
Whiteboard: (none) => MGA5TOO, MGA4TOO
As there currently appear to be no CVE assignments, for now this will be the advisory and package list. Advisory: ======================== Updated php packages fix security vulnerabilities: PHP has been updated to version 5.5.24, which fixes multiple bugs and potential security issues. Please see the upstream ChangeLog for details. References: http://php.net/ChangeLog-5.php#5.5.25 ======================== Updated packages in core/updates_testing: ======================== php-ini-5.5.25-1.mga4 apache-mod_php-5.5.25-1.mga4 php-cli-5.5.25-1.mga4 php-cgi-5.5.25-1.mga4 libphp5_common5-5.5.25-1.mga4 php-devel-5.5.25-1.mga4 php-openssl-5.5.25-1.mga4 php-zlib-5.5.25-1.mga4 php-doc-5.5.25-1.mga4 php-bcmath-5.5.25-1.mga4 php-bz2-5.5.25-1.mga4 php-calendar-5.5.25-1.mga4 php-ctype-5.5.25-1.mga4 php-curl-5.5.25-1.mga4 php-dba-5.5.25-1.mga4 php-dom-5.5.25-1.mga4 php-enchant-5.5.25-1.mga4 php-exif-5.5.25-1.mga4 php-fileinfo-5.5.25-1.mga4 php-filter-5.5.25-1.mga4 php-ftp-5.5.25-1.mga4 php-gd-5.5.25-1.mga4 php-gettext-5.5.25-1.mga4 php-gmp-5.5.25-1.mga4 php-hash-5.5.25-1.mga4 php-iconv-5.5.25-1.mga4 php-imap-5.5.25-1.mga4 php-interbase-5.5.25-1.mga4 php-intl-5.5.25-1.mga4 php-json-5.5.25-1.mga4 php-ldap-5.5.25-1.mga4 php-mbstring-5.5.25-1.mga4 php-mcrypt-5.5.25-1.mga4 php-mssql-5.5.25-1.mga4 php-mysql-5.5.25-1.mga4 php-mysqli-5.5.25-1.mga4 php-mysqlnd-5.5.25-1.mga4 php-odbc-5.5.25-1.mga4 php-opcache-5.5.25-1.mga4 php-pcntl-5.5.25-1.mga4 php-pdo-5.5.25-1.mga4 php-pdo_dblib-5.5.25-1.mga4 php-pdo_firebird-5.5.25-1.mga4 php-pdo_mysql-5.5.25-1.mga4 php-pdo_odbc-5.5.25-1.mga4 php-pdo_pgsql-5.5.25-1.mga4 php-pdo_sqlite-5.5.25-1.mga4 php-pgsql-5.5.25-1.mga4 php-phar-5.5.25-1.mga4 php-posix-5.5.25-1.mga4 php-readline-5.5.25-1.mga4 php-recode-5.5.25-1.mga4 php-session-5.5.25-1.mga4 php-shmop-5.5.25-1.mga4 php-snmp-5.5.25-1.mga4 php-soap-5.5.25-1.mga4 php-sockets-5.5.25-1.mga4 php-sqlite3-5.5.25-1.mga4 php-sybase_ct-5.5.25-1.mga4 php-sysvmsg-5.5.25-1.mga4 php-sysvsem-5.5.25-1.mga4 php-sysvshm-5.5.25-1.mga4 php-tidy-5.5.25-1.mga4 php-tokenizer-5.5.25-1.mga4 php-xml-5.5.25-1.mga4 php-xmlreader-5.5.25-1.mga4 php-xmlrpc-5.5.25-1.mga4 php-xmlwriter-5.5.25-1.mga4 php-xsl-5.5.25-1.mga4 php-wddx-5.5.25-1.mga4 php-zip-5.5.25-1.mga4 php-fpm-5.5.25-1.mga4 php-apc-3.1.15-4.15.mga4 php-apc-admin-3.1.15-4.15.mga4 php-timezonedb-2015.4-1.mga4 from SRPMS: php-5.5.25-1.mga4.src.rpm php-apc-3.1.15-4.15.mga4.src.rpm php-timezonedb-2015.4-1.mga4.src.rpm
Updated packages uploaded for Mageia 4 and Cauldron. See Comment 2 for the advisory (for now) and the package list.
Version: Cauldron => 4Assignee: bugsquad => qa-bugsWhiteboard: MGA5TOO, MGA4TOO => (none)
Testing complete mga4 32 Tested with phpmyadmin, php-apc & wordpress
Whiteboard: (none) => has_procedure mga4-32-ok
CVE requests: http://openwall.com/lists/oss-security/2015/05/18/2 http://openwall.com/lists/oss-security/2015/05/18/3
Testing complete mga4 64
Whiteboard: has_procedure mga4-32-ok => has_procedure mga4-32-ok mga4-64-ok
Validating. Advisory uploaded. Please push to 4 updates Thanks
Keywords: (none) => validated_updateWhiteboard: has_procedure mga4-32-ok mga4-64-ok => has_procedure advisory mga4-32-ok mga4-64-okCC: (none) => sysadmin-bugs
An update for this issue has been pushed to Mageia Updates repository. http://advisories.mageia.org/MGASA-2015-0231.html
Status: NEW => RESOLVEDResolution: (none) => FIXED
URL: (none) => http://lwn.net/Vulnerabilities/645054/
CVE assignments were made public. Here's the real advisory. Can someone update it in SVN? Advisory: ======================== Updated php packages fix security vulnerabilities: Memory Corruption in phar_parse_tarfile when entry filename starts with null (CVE-2015-4021). Integer overflow in ftp_genlist() resulting in heap overflow, potentially exploitable by a hostile FTP server (CVE-2015-4022). PHP Multipart/form-data parsing remote DoS Vulnerability (CVE-2015-4024). Various functions allow \0 in paths where they shouldn't. In theory, that could lead to security failure for path-based access controls if the user injects a string with \0 in it. These functions include set_include_path(), tempnam(), rmdir(), and readlink() (CVE-2015-4025), as well as pcntl_exec() (CVE-2015-4026). References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4021 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4024 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4025 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4026 http://php.net/ChangeLog-5.php#5.5.25 http://openwall.com/lists/oss-security/2015/05/20/3
Updated in SVN.