Bug 19368 - PHP 5.6.26
Summary: PHP 5.6.26
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 5
Hardware: All
OS: Linux
Priority: Normal
Severity: normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL: http://lwn.net/Vulnerabilities/701138/
Whiteboard: MGA5-64-OK mga5-32-ok
Keywords: validated_update
Depends on:
Blocks:
 
Reported: 2016-09-15 19:15 CEST by David Walser
Modified: 2016-09-25 17:46 CEST
CC List: 4 users

See Also:
Source RPM: php-5.6.25-1.mga5.src.rpm
CVE:
Status comment:


Attachments
reads the Gutenberg free book The Admiral's Daughter (171 bytes, application/x-php)
2016-09-25 02:40 CEST, Brian Rockwell

Description David Walser 2016-09-15 19:15:15 CEST
PHP 5.6.26 should be available soon (tarball isn't yet).  CVE assignments:
http://www.openwall.com/lists/oss-security/2016/09/15/10
Comment 1 David Walser 2016-09-16 18:09:00 CEST
Updated packages uploaded for Mageia 5 and Cauldron.

Advisory:
========================

Updated php packages fix security vulnerabilities:

Memory corruption during deserialized-object destruction (CVE-2016-7411).

Heap overflow in mysqlnd related to BIT fields (CVE-2016-7412).

wddx_deserialize use-after-free (CVE-2016-7413).

Out-of-bounds access when verifying the signature of a zip phar in
phar_parse_zipfile (CVE-2016-7414).

Missing locale length check in php-intl (CVE-2016-7416).

Missing type check when unserializing SplArray (CVE-2016-7417).

Out-of-bounds read in php_wddx_push_element (CVE-2016-7418).

The php package has been updated to version 5.6.26, which fixes these issues
and other bugs.  See the upstream ChangeLog for more details.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7411
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7413
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7414
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7416
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7417
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7418
http://www.php.net/ChangeLog-5.php#5.6.26
http://www.openwall.com/lists/oss-security/2016/09/15/10
========================

Updated packages in core/updates_testing:
========================
php-ini-5.6.26-1.mga5
apache-mod_php-5.6.26-1.mga5
php-cli-5.6.26-1.mga5
php-cgi-5.6.26-1.mga5
libphp5_common5-5.6.26-1.mga5
php-devel-5.6.26-1.mga5
php-openssl-5.6.26-1.mga5
php-zlib-5.6.26-1.mga5
php-doc-5.6.26-1.mga5
php-bcmath-5.6.26-1.mga5
php-bz2-5.6.26-1.mga5
php-calendar-5.6.26-1.mga5
php-ctype-5.6.26-1.mga5
php-curl-5.6.26-1.mga5
php-dba-5.6.26-1.mga5
php-dom-5.6.26-1.mga5
php-enchant-5.6.26-1.mga5
php-exif-5.6.26-1.mga5
php-fileinfo-5.6.26-1.mga5
php-filter-5.6.26-1.mga5
php-ftp-5.6.26-1.mga5
php-gd-5.6.26-1.mga5
php-gettext-5.6.26-1.mga5
php-gmp-5.6.26-1.mga5
php-hash-5.6.26-1.mga5
php-iconv-5.6.26-1.mga5
php-imap-5.6.26-1.mga5
php-interbase-5.6.26-1.mga5
php-intl-5.6.26-1.mga5
php-json-5.6.26-1.mga5
php-ldap-5.6.26-1.mga5
php-mbstring-5.6.26-1.mga5
php-mcrypt-5.6.26-1.mga5
php-mssql-5.6.26-1.mga5
php-mysql-5.6.26-1.mga5
php-mysqli-5.6.26-1.mga5
php-mysqlnd-5.6.26-1.mga5
php-odbc-5.6.26-1.mga5
php-opcache-5.6.26-1.mga5
php-pcntl-5.6.26-1.mga5
php-pdo-5.6.26-1.mga5
php-pdo_dblib-5.6.26-1.mga5
php-pdo_firebird-5.6.26-1.mga5
php-pdo_mysql-5.6.26-1.mga5
php-pdo_odbc-5.6.26-1.mga5
php-pdo_pgsql-5.6.26-1.mga5
php-pdo_sqlite-5.6.26-1.mga5
php-pgsql-5.6.26-1.mga5
php-phar-5.6.26-1.mga5
php-posix-5.6.26-1.mga5
php-readline-5.6.26-1.mga5
php-recode-5.6.26-1.mga5
php-session-5.6.26-1.mga5
php-shmop-5.6.26-1.mga5
php-snmp-5.6.26-1.mga5
php-soap-5.6.26-1.mga5
php-sockets-5.6.26-1.mga5
php-sqlite3-5.6.26-1.mga5
php-sybase_ct-5.6.26-1.mga5
php-sysvmsg-5.6.26-1.mga5
php-sysvsem-5.6.26-1.mga5
php-sysvshm-5.6.26-1.mga5
php-tidy-5.6.26-1.mga5
php-tokenizer-5.6.26-1.mga5
php-xml-5.6.26-1.mga5
php-xmlreader-5.6.26-1.mga5
php-xmlrpc-5.6.26-1.mga5
php-xmlwriter-5.6.26-1.mga5
php-xsl-5.6.26-1.mga5
php-wddx-5.6.26-1.mga5
php-zip-5.6.26-1.mga5
php-fpm-5.6.26-1.mga5
phpdbg-5.6.26-1.mga5

from php-5.6.26-1.mga5.src.rpm

Version: Cauldron => 5
Assignee: bugsquad => qa-bugs
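
A check to go with the package list above, added here as an example and not part of the Mageia QA tooling or of the advisory: it takes plain `rpm -qa` output and reports which of the advisory's packages are still below 5.6.26-1.mga5. The package-name set is copied from the list in this comment; the version ordering is a re-implementation of rpm's rpmvercmp (epoch is ignored and the newer '^' separator is not handled, both assumptions that hold for these Mageia 5 packages); the sample `rpm -qa` lines are constructed, not taken from a real host.

```python
"""Compare a Mageia 5 host's installed php packages with the fixed build.

Added example for this bug (not Mageia tooling, not part of the advisory).
Input is plain `rpm -qa` output, NAME-VERSION-RELEASE.ARCH per line; only
the sub-packages of php-5.6.26-1.mga5.src.rpm listed in comment 1 are
checked.  Epoch is ignored (assumption: these packages carry none).
"""
import re

FIXED_VERSION = "5.6.26"
FIXED_RELEASE = "1.mga5"

# Sub-packages named in the advisory.  php-suhosin, php-timezonedb and
# php-tcpdf come from other SRPMs and are deliberately left out.
ADVISORY_PACKAGES = frozenset("""
php-ini apache-mod_php php-cli php-cgi libphp5_common5 php-devel php-openssl
php-zlib php-doc php-bcmath php-bz2 php-calendar php-ctype php-curl php-dba
php-dom php-enchant php-exif php-fileinfo php-filter php-ftp php-gd php-gettext
php-gmp php-hash php-iconv php-imap php-interbase php-intl php-json php-ldap
php-mbstring php-mcrypt php-mssql php-mysql php-mysqli php-mysqlnd php-odbc
php-opcache php-pcntl php-pdo php-pdo_dblib php-pdo_firebird php-pdo_mysql
php-pdo_odbc php-pdo_pgsql php-pdo_sqlite php-pgsql php-phar php-posix
php-readline php-recode php-session php-shmop php-snmp php-soap php-sockets
php-sqlite3 php-sybase_ct php-sysvmsg php-sysvsem php-sysvshm php-tidy
php-tokenizer php-xml php-xmlreader php-xmlrpc php-xmlwriter php-xsl php-wddx
php-zip php-fpm phpdbg
""".split())

# NAME may contain '-', so VERSION and RELEASE are the last two '-'-separated
# fields and ARCH the last '.'-separated one.
_NVRA = re.compile(r"^(?P<name>.+)-(?P<version>[^-]+)-(?P<release>[^-]+)\.(?P<arch>[^.]+)$")
# rpm compares a version as a sequence of digit runs, letter runs and '~'.
_SEGMENT = re.compile(r"\d+|[A-Za-z]+|~")


def rpmvercmp(a, b):
    """rpm's version ordering: -1, 0 or 1.  Digits compare numerically, a digit
    run beats a letter run, and '~' sorts before anything (5.6.26~rc1 < 5.6.26)."""
    sa, sb = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(sa, sb):
        if x == y:
            continue
        if x == "~" or y == "~":
            return -1 if x == "~" else 1
        if x.isdigit() and y.isdigit():
            return (int(x) > int(y)) - (int(x) < int(y))
        if x.isdigit() or y.isdigit():
            return 1 if x.isdigit() else -1
        return (x > y) - (x < y)
    # Equal prefix: the longer one is newer unless its extra part is a '~' suffix.
    if len(sa) != len(sb):
        longer, n = (sa, len(sb)) if len(sa) > len(sb) else (sb, len(sa))
        newer = -1 if longer[n] == "~" else 1
        return newer if longer is sa else -newer
    return 0


def parse_nvra(line):
    """Split 'php-doc-5.6.26-1.mga5.noarch' into (name, version, release, arch)."""
    m = _NVRA.match(line.strip())
    if not m:
        raise ValueError("not NAME-VERSION-RELEASE.ARCH: %r" % line)
    return m.group("name", "version", "release", "arch")


def unpatched(rpm_qa_output, version=FIXED_VERSION, release=FIXED_RELEASE):
    """Installed advisory packages whose version-release is older than the fix."""
    stale = []
    for line in filter(str.strip, rpm_qa_output.splitlines()):
        name, ver, rel, _arch = parse_nvra(line)
        if name in ADVISORY_PACKAGES:
            if (rpmvercmp(ver, version) or rpmvercmp(rel, release)) < 0:
                stale.append(line.strip())
    return stale


# Constructed sample, not from a real host: a partly updated i586 system
# where two extension sub-packages are still at the previous 5.6.25 build.
SAMPLE_RPM_QA = """\
apache-2.4.10-16.4.mga5.i586
apache-mod_php-5.6.26-1.mga5.i586
libphp5_common5-5.6.26-1.mga5.i586
php-cli-5.6.26-1.mga5.i586
php-wddx-5.6.25-1.mga5.i586
php-phar-5.6.25-1.mga5.i586
php-intl-5.6.26-1.mga5.i586
php-doc-5.6.26-1.mga5.noarch
php-suhosin-0.9.37.1-1.mga5.i586
php-timezonedb-2016.6-1.mga5.i586
"""

if __name__ == "__main__":
    import sys
    # Real run:  rpm -qa | python3 check_php_update.py   (exits 1 if anything is stale)
    data = sys.stdin.read() if not sys.stdin.isatty() else SAMPLE_RPM_QA
    stale = unpatched(data)
    for pkg in stale:
        print("still on the old build:", pkg)
    sys.exit(1 if stale else 0)
```

Checking `PHP_VERSION` from a script, as the tester does further down, only proves the core binary was refreshed; walking the installed package set shows whether every extension sub-package from the same SRPM (php-wddx, php-phar, php-intl, php-mysqlnd carry the fixed code here) moved to 5.6.26-1.mga5 as well, and it will not be fooled by php-suhosin or php-timezonedb, whose version numbers have nothing to do with this update.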

Comment 2 Lewis Smith 2016-09-19 20:55:56 CEST
Testing Mageia 5 x64, real H/W.

Updated 45 PHP modules from the list above to 5.6.26-1.

Tried minimally the following PHP-based applications:
Bugzilla, Cacti, Drupal, MediaWiki, Moodle, phpMyAdmin, phpPgAdmin.
All looked normal (except that the Cacti CPU usage graph was absent; I have seen this before, and it is permanent on my system. If somebody else with Cacti could confirm that the CPU graph is correctly shown, so much the better).

Notwithstanding, I give this the OK.

CC: (none) => lewyssmith
Whiteboard: (none) => MGA5-64-OK

David Walser 2016-09-19 22:17:13 CEST

URL: (none) => http://lwn.net/Vulnerabilities/701138/

Comment 3 Brian Rockwell 2016-09-25 02:38:35 CEST
The following 116 packages are going to be installed:

- apache-2.4.10-16.4.mga5.i586
- apache-mod_php-5.6.26-1.mga5.i586
- autoconf-2.69-6.mga5.noarch
- automake-1.14.1-3.mga5.noarch
- bison-3.0.4-1.mga5.i586
- byacc-20141128-1.mga5.i586
- chrpath-0.16-3.mga5.i586
- dos2unix-6.0.6-3.mga5.i586
- flex-2.5.39-3.mga5.i586
- glibc-devel-2.20-23.mga5.i586
- kernel-userspace-headers-4.4.21-2.mga5.i586
- libaudit-devel-2.4.4-1.mga5.i586
- libc-client0-2007f-6.mga5.i586
- libfbclient2-2.5.3.26778-4.mga5.i586
- libfreetds0-0.91-8.mga5.i586
- libgcrypt-devel-1.5.4-5.3.mga5.i586
- libgpg-error-devel-1.13-3.mga5.i586
- liblzma-devel-5.2.0-1.mga5.i586
- libmbfl1-1.2.0-12.mga5.i586
- libmcrypt-2.5.8-18.mga5.i586
- libmcrypt4-2.5.8-18.mga5.i586
- libonig2-5.9.5-3.mga5.i586
- libopenssl-devel-1.0.2i-1.mga5.i586
- libopenssl-engines1.0.0-1.0.2i-1.mga5.i586
- libopenssl1.0.0-1.0.2i-1.mga5.i586
- libpam-devel-1.1.8-10.1.mga5.i586
- libpcre-devel-8.38-1.mga5.i586
- libpcre32_0-8.38-1.mga5.i586
- libphp5_common5-5.6.26-1.mga5.i586
- libpq5-9.4.9-1.mga5.i586
- libstdc++5-3.3.6-11.mga5.i586
- libstdc++5-devel-3.3.6-11.mga5.i586
- libtool-2.4.2-13.mga5.i586
- libtool-base-2.4.2-13.mga5.i586
- libxml2-devel-2.9.4-1.1.mga5.i586
- libxmlrpc-epi0-0.54.2-5.1.mga5.i586
- libxslt-devel-1.1.29-1.mga5.i586
- libzlib-devel-1.2.8-7.mga5.i586
- m4-1.4.17-4.mga5.i586
- net-snmp-mibs-5.7.2-23.mga5.i586
- openssl-1.0.2i-1.mga5.i586
- php-bcmath-5.6.26-1.mga5.i586
- php-bz2-5.6.26-1.mga5.i586
- php-calendar-5.6.26-1.mga5.i586
- php-cgi-5.6.26-1.mga5.i586
- php-cli-5.6.26-1.mga5.i586
- php-ctype-5.6.26-1.mga5.i586
- php-curl-5.6.26-1.mga5.i586
- php-dba-5.6.26-1.mga5.i586
- php-devel-5.6.26-1.mga5.i586
- php-doc-5.6.26-1.mga5.noarch
- php-dom-5.6.26-1.mga5.i586
- php-enchant-5.6.26-1.mga5.i586
- php-exif-5.6.26-1.mga5.i586
- php-fileinfo-5.6.26-1.mga5.i586
- php-filter-5.6.26-1.mga5.i586
- php-fpm-5.6.26-1.mga5.i586
- php-ftp-5.6.26-1.mga5.i586
- php-gettext-5.6.26-1.mga5.i586
- php-gmp-5.6.26-1.mga5.i586
- php-hash-5.6.26-1.mga5.i586
- php-iconv-5.6.26-1.mga5.i586
- php-imap-5.6.26-1.mga5.i586
- php-ini-5.6.26-1.mga5.i586
- php-interbase-5.6.26-1.mga5.i586
- php-intl-5.6.26-1.mga5.i586
- php-json-5.6.26-1.mga5.i586
- php-ldap-5.6.26-1.mga5.i586
- php-mbstring-5.6.26-1.mga5.i586
- php-mcrypt-5.6.26-1.mga5.i586
- php-mssql-5.6.26-1.mga5.i586
- php-mysql-5.6.26-1.mga5.i586
- php-mysqli-5.6.26-1.mga5.i586
- php-mysqlnd-5.6.26-1.mga5.i586
- php-odbc-5.6.26-1.mga5.i586
- php-opcache-5.6.26-1.mga5.i586
- php-openssl-5.6.26-1.mga5.i586
- php-pcntl-5.6.26-1.mga5.i586
- php-pdo-5.6.26-1.mga5.i586
- php-pdo_dblib-5.6.26-1.mga5.i586
- php-pdo_firebird-5.6.26-1.mga5.i586
- php-pdo_mysql-5.6.26-1.mga5.i586
- php-pdo_odbc-5.6.26-1.mga5.i586
- php-pdo_pgsql-5.6.26-1.mga5.i586
- php-pdo_sqlite-5.6.26-1.mga5.i586
- php-pgsql-5.6.26-1.mga5.i586
- php-phar-5.6.26-1.mga5.i586
- php-posix-5.6.26-1.mga5.i586
- php-readline-5.6.26-1.mga5.i586
- php-recode-5.6.26-1.mga5.i586
- php-session-5.6.26-1.mga5.i586
- php-shmop-5.6.26-1.mga5.i586
- php-snmp-5.6.26-1.mga5.i586
- php-soap-5.6.26-1.mga5.i586
- php-sockets-5.6.26-1.mga5.i586
- php-sqlite3-5.6.26-1.mga5.i586
- php-suhosin-0.9.37.1-1.mga5.i586
- php-sybase_ct-5.6.26-1.mga5.i586
- php-sysvmsg-5.6.26-1.mga5.i586
- php-sysvsem-5.6.26-1.mga5.i586
- php-sysvshm-5.6.26-1.mga5.i586
- php-tcpdf-6.0.098-1.mga5.noarch
- php-tidy-5.6.26-1.mga5.i586
- php-timezonedb-2016.6-1.mga5.i586
- php-tokenizer-5.6.26-1.mga5.i586
- php-wddx-5.6.26-1.mga5.i586
- php-xml-5.6.26-1.mga5.i586
- php-xmlreader-5.6.26-1.mga5.i586
- php-xmlrpc-5.6.26-1.mga5.i586
- php-xmlwriter-5.6.26-1.mga5.i586
- php-xsl-5.6.26-1.mga5.i586
- php-zip-5.6.26-1.mga5.i586
- php-zlib-5.6.26-1.mga5.i586
- phpdbg-5.6.26-1.mga5.i586
- re2c-0.13.6-3.mga5.i586
- webserver-base-2.0-8.mga5.i586

190MB of additional disk space will be used.

47MB of packages will be retrieved.

Is it ok to continue?

$ php info.php
Current PHP version: 5.6.26

$ php read.php | wc -l
9242

CC: (none) => brtians1

Comment 4 Brian Rockwell 2016-09-25 02:40:06 CEST
Created attachment 8446 [details]
reads the Gutenberg free book The Admiral's Daughter
Brian Rockwell 2016-09-25 02:40:45 CEST

Whiteboard: MGA5-64-OK => MGA5-64-OK mga5-32-ok

Comment 5 Lewis Smith 2016-09-25 09:13:20 CEST
Validating this update; advisory to follow.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Nicolas Lécureuil 2016-09-25 17:30:12 CEST
I did the .adv file using #1.

Please verify and fix if needed; I will push the update in a few hours.

CC: (none) => mageia

Comment 7 Mageia Robot 2016-09-25 17:46:06 CEST
An update for this issue has been pushed to the Mageia Updates repository.

http://advisories.mageia.org/MGASA-2016-0319.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

