Red Hat: 2015:1218-01: php: Moderate Advisory

    Date09 Jul 2015
    CategoryRed Hat
    792
    Posted ByAnthony Pell
    Updated php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security [More...]
    =====================================================================
                       Red Hat Security Advisory
    
    Synopsis:          Moderate: php security update
    Advisory ID:       RHSA-2015:1218-01
    Product:           Red Hat Enterprise Linux
    Advisory URL:      https://rhn.redhat.com/errata/RHSA-2015-1218.html
    Issue date:        2015-07-09
    CVE Names:         CVE-2014-9425 CVE-2014-9705 CVE-2014-9709 
                       CVE-2015-0232 CVE-2015-0273 CVE-2015-2301 
                       CVE-2015-2783 CVE-2015-2787 CVE-2015-3307 
                       CVE-2015-3329 CVE-2015-3411 CVE-2015-3412 
                       CVE-2015-4021 CVE-2015-4022 CVE-2015-4024 
                       CVE-2015-4026 CVE-2015-4147 CVE-2015-4148 
                       CVE-2015-4598 CVE-2015-4599 CVE-2015-4600 
                       CVE-2015-4601 CVE-2015-4602 CVE-2015-4603 
    =====================================================================
    
    1. Summary:
    
    Updated php packages that fix multiple security issues are now available
    for Red Hat Enterprise Linux 6.
    
    Red Hat Product Security has rated this update as having Moderate security
    impact. Common Vulnerability Scoring System (CVSS) base scores, which give
    detailed severity ratings, are available for each vulnerability from the
    CVE links in the References section.
    
    2. Relevant releases/architectures:
    
    Red Hat Enterprise Linux Desktop Optional (v. 6) - i386, x86_64
    Red Hat Enterprise Linux HPC Node (v. 6) - x86_64
    Red Hat Enterprise Linux HPC Node Optional (v. 6) - x86_64
    Red Hat Enterprise Linux Server (v. 6) - i386, ppc64, s390x, x86_64
    Red Hat Enterprise Linux Server Optional (v. 6) - i386, ppc64, s390x, x86_64
    Red Hat Enterprise Linux Workstation (v. 6) - i386, x86_64
    Red Hat Enterprise Linux Workstation Optional (v. 6) - i386, x86_64
    
    3. Description:
    
    PHP is an HTML-embedded scripting language commonly used with the Apache
    HTTP Server.
    
    A flaw was found in the way PHP parsed multipart HTTP POST requests. A
    specially crafted request could cause PHP to use an excessive amount of CPU
    time. (CVE-2015-4024)
    
    An uninitialized pointer use flaw was found in PHP's Exif extension. A
    specially crafted JPEG or TIFF file could cause a PHP application using the
    exif_read_data() function to crash or, possibly, execute arbitrary code
    with the privileges of the user running that PHP application.
    (CVE-2015-0232)
    
    An integer overflow flaw leading to a heap-based buffer overflow was found
    in the way PHP's FTP extension parsed file listing FTP server responses. A
    malicious FTP server could use this flaw to cause a PHP application to
    crash or, possibly, execute arbitrary code. (CVE-2015-4022)
    
    Multiple flaws were discovered in the way PHP performed object
    unserialization. Specially crafted input processed by the unserialize()
    function could cause a PHP application to crash or, possibly, execute
    arbitrary code. (CVE-2015-0273, CVE-2015-2787, CVE-2015-4147,
    CVE-2015-4148, CVE-2015-4599, CVE-2015-4600, CVE-2015-4601, CVE-2015-4602,
    CVE-2015-4603)
    
    It was found that certain PHP functions did not properly handle file names
    containing a NULL character. A remote attacker could possibly use this flaw
    to make a PHP script access unexpected files and bypass intended file
    system access restrictions. (CVE-2015-4026, CVE-2015-3411, CVE-2015-3412,
    CVE-2015-4598)
    
    Multiple flaws were found in the way the way PHP's Phar extension parsed
    Phar archives. A specially crafted archive could cause PHP to crash or,
    possibly, execute arbitrary code when opened. (CVE-2015-2301,
    CVE-2015-2783, CVE-2015-3307, CVE-2015-3329, CVE-2015-4021)
    
    A heap buffer overflow flaw was found in the enchant_broker_request_dict()
    function of PHP's enchant extension. An attacker able to make a PHP
    application enchant dictionaries could possibly cause it to crash.
    (CVE-2014-9705)
    
    A buffer over-read flaw was found in the GD library used by the PHP gd
    extension. A specially crafted GIF file could cause a PHP application using
    the imagecreatefromgif() function to crash. (CVE-2014-9709)
    
    A double free flaw was found in zend_ts_hash_graceful_destroy() function in
    the PHP ZTS module. This flaw could possibly cause a PHP application to
    crash. (CVE-2014-9425)
    
    All php users are advised to upgrade to these updated packages, which
    contain backported patches to correct these issues. After installing the
    updated packages, the httpd daemon must be restarted for the update to
    take effect.
    
    4. Solution:
    
    Before applying this update, make sure all previously released errata
    relevant to your system have been applied.
    
    For details on how to apply this update, refer to:
    
    https://access.redhat.com/articles/11258
    
    5. Bugs fixed (https://bugzilla.redhat.com/):
    
    1177734 - CVE-2014-9425 php: Double-free in zend_ts_hash_graceful_destroy()
    1185472 - CVE-2015-0232 php: Free called on unitialized pointer in exif.c
    1188639 - CVE-2014-9709 gd: buffer read overflow in gd_gif_in.c
    1194730 - CVE-2015-0273 php: use after free vulnerability in unserialize() with DateTimeZone
    1194737 - CVE-2014-9705 php: heap buffer overflow in enchant_broker_request_dict()
    1194747 - CVE-2015-2301 php: use after free in phar_object.c
    1204868 - CVE-2015-4147 php: SoapClient's __call() type confusion through unserialize()
    1207676 - CVE-2015-2787 php: use-after-free vulnerability in the process_nested_data function in ext/standard/var_unserializer.re
    1213407 - CVE-2015-3411 php: missing null byte checks for paths in various PHP extensions
    1213446 - CVE-2015-2783 php: buffer over-read in Phar metadata parsing
    1213449 - CVE-2015-3329 php: buffer overflow in phar_set_inode()
    1222485 - CVE-2015-4024 php: multipart/form-data request parsing CPU usage DoS
    1222538 - CVE-2015-4599 CVE-2015-4600 CVE-2015-4601 php: type confusion issue in unserialize() with various SOAP methods
    1223412 - CVE-2015-4022 php: integer overflow leading to heap overflow when reading FTP file listing
    1223422 - CVE-2015-4026 php: pcntl_exec() accepts paths with NUL character
    1223425 - CVE-2015-4021 php: memory corruption in phar_parse_tarfile caused by empty entry file name
    1223441 - CVE-2015-3307 php: invalid pointer free() in phar_tar_process_metadata()
    1226916 - CVE-2015-4148 php: SoapClient's do_soap_call() type confusion after unserialize()
    1232823 - CVE-2015-3412 php: missing null byte checks for paths in various PHP extensions
    1232897 - CVE-2015-4598 php: missing null byte checks for paths in DOM and GD extensions
    1232918 - CVE-2015-4603 php: exception::getTraceAsString type confusion issue after unserialize
    1232923 - CVE-2015-4602 php: Incomplete Class unserialization type confusion
    
    6. Package List:
    
    Red Hat Enterprise Linux Desktop Optional (v. 6):
    
    Source:
    php-5.3.3-46.el6_6.src.rpm
    
    i386:
    php-5.3.3-46.el6_6.i686.rpm
    php-bcmath-5.3.3-46.el6_6.i686.rpm
    php-cli-5.3.3-46.el6_6.i686.rpm
    php-common-5.3.3-46.el6_6.i686.rpm
    php-dba-5.3.3-46.el6_6.i686.rpm
    php-debuginfo-5.3.3-46.el6_6.i686.rpm
    php-devel-5.3.3-46.el6_6.i686.rpm
    php-embedded-5.3.3-46.el6_6.i686.rpm
    php-enchant-5.3.3-46.el6_6.i686.rpm
    php-fpm-5.3.3-46.el6_6.i686.rpm
    php-gd-5.3.3-46.el6_6.i686.rpm
    php-imap-5.3.3-46.el6_6.i686.rpm
    php-intl-5.3.3-46.el6_6.i686.rpm
    php-ldap-5.3.3-46.el6_6.i686.rpm
    php-mbstring-5.3.3-46.el6_6.i686.rpm
    php-mysql-5.3.3-46.el6_6.i686.rpm
    php-odbc-5.3.3-46.el6_6.i686.rpm
    php-pdo-5.3.3-46.el6_6.i686.rpm
    php-pgsql-5.3.3-46.el6_6.i686.rpm
    php-process-5.3.3-46.el6_6.i686.rpm
    php-pspell-5.3.3-46.el6_6.i686.rpm
    php-recode-5.3.3-46.el6_6.i686.rpm
    php-snmp-5.3.3-46.el6_6.i686.rpm
    php-soap-5.3.3-46.el6_6.i686.rpm
    php-tidy-5.3.3-46.el6_6.i686.rpm
    php-xml-5.3.3-46.el6_6.i686.rpm
    php-xmlrpc-5.3.3-46.el6_6.i686.rpm
    php-zts-5.3.3-46.el6_6.i686.rpm
    
    x86_64:
    php-5.3.3-46.el6_6.x86_64.rpm
    php-bcmath-5.3.3-46.el6_6.x86_64.rpm
    php-cli-5.3.3-46.el6_6.x86_64.rpm
    php-common-5.3.3-46.el6_6.x86_64.rpm
    php-dba-5.3.3-46.el6_6.x86_64.rpm
    php-debuginfo-5.3.3-46.el6_6.x86_64.rpm
    php-devel-5.3.3-46.el6_6.x86_64.rpm
    php-embedded-5.3.3-46.el6_6.x86_64.rpm
    php-enchant-5.3.3-46.el6_6.x86_64.rpm
    php-fpm-5.3.3-46.el6_6.x86_64.rpm
    php-gd-5.3.3-46.el6_6.x86_64.rpm
    php-imap-5.3.3-46.el6_6.x86_64.rpm
    php-intl-5.3.3-46.el6_6.x86_64.rpm
    php-ldap-5.3.3-46.el6_6.x86_64.rpm
    php-mbstring-5.3.3-46.el6_6.x86_64.rpm
    php-mysql-5.3.3-46.el6_6.x86_64.rpm
    php-odbc-5.3.3-46.el6_6.x86_64.rpm
    php-pdo-5.3.3-46.el6_6.x86_64.rpm
    php-pgsql-5.3.3-46.el6_6.x86_64.rpm
    php-process-5.3.3-46.el6_6.x86_64.rpm
    php-pspell-5.3.3-46.el6_6.x86_64.rpm
    php-recode-5.3.3-46.el6_6.x86_64.rpm
    php-snmp-5.3.3-46.el6_6.x86_64.rpm
    php-soap-5.3.3-46.el6_6.x86_64.rpm
    php-tidy-5.3.3-46.el6_6.x86_64.rpm
    php-xml-5.3.3-46.el6_6.x86_64.rpm
    php-xmlrpc-5.3.3-46.el6_6.x86_64.rpm
    php-zts-5.3.3-46.el6_6.x86_64.rpm
    
    Red Hat Enterprise Linux HPC Node (v. 6):
    
    Source:
    php-5.3.3-46.el6_6.src.rpm
    
    x86_64:
    php-cli-5.3.3-46.el6_6.x86_64.rpm
    php-common-5.3.3-46.el6_6.x86_64.rpm
    php-debuginfo-5.3.3-46.el6_6.x86_64.rpm
    
    Red Hat Enterprise Linux HPC Node Optional (v. 6):
    
    x86_64:
    php-5.3.3-46.el6_6.x86_64.rpm
    php-bcmath-5.3.3-46.el6_6.x86_64.rpm
    php-dba-5.3.3-46.el6_6.x86_64.rpm
    php-debuginfo-5.3.3-46.el6_6.x86_64.rpm
    php-devel-5.3.3-46.el6_6.x86_64.rpm
    php-embedded-5.3.3-46.el6_6.x86_64.rpm
    php-enchant-5.3.3-46.el6_6.x86_64.rpm
    php-fpm-5.3.3-46.el6_6.x86_64.rpm
    php-gd-5.3.3-46.el6_6.x86_64.rpm
    php-imap-5.3.3-46.el6_6.x86_64.rpm
    php-intl-5.3.3-46.el6_6.x86_64.rpm
    php-ldap-5.3.3-46.el6_6.x86_64.rpm
    php-mbstring-5.3.3-46.el6_6.x86_64.rpm
    php-mysql-5.3.3-46.el6_6.x86_64.rpm
    php-odbc-5.3.3-46.el6_6.x86_64.rpm
    php-pdo-5.3.3-46.el6_6.x86_64.rpm
    php-pgsql-5.3.3-46.el6_6.x86_64.rpm
    php-process-5.3.3-46.el6_6.x86_64.rpm
    php-pspell-5.3.3-46.el6_6.x86_64.rpm
    php-recode-5.3.3-46.el6_6.x86_64.rpm
    php-snmp-5.3.3-46.el6_6.x86_64.rpm
    php-soap-5.3.3-46.el6_6.x86_64.rpm
    php-tidy-5.3.3-46.el6_6.x86_64.rpm
    php-xml-5.3.3-46.el6_6.x86_64.rpm
    php-xmlrpc-5.3.3-46.el6_6.x86_64.rpm
    php-zts-5.3.3-46.el6_6.x86_64.rpm
    
    Red Hat Enterprise Linux Server (v. 6):
    
    Source:
    php-5.3.3-46.el6_6.src.rpm
    
    i386:
    php-5.3.3-46.el6_6.i686.rpm
    php-cli-5.3.3-46.el6_6.i686.rpm
    php-common-5.3.3-46.el6_6.i686.rpm
    php-debuginfo-5.3.3-46.el6_6.i686.rpm
    php-gd-5.3.3-46.el6_6.i686.rpm
    php-ldap-5.3.3-46.el6_6.i686.rpm
    php-mysql-5.3.3-46.el6_6.i686.rpm
    php-odbc-5.3.3-46.el6_6.i686.rpm
    php-pdo-5.3.3-46.el6_6.i686.rpm
    php-pgsql-5.3.3-46.el6_6.i686.rpm
    php-soap-5.3.3-46.el6_6.i686.rpm
    php-xml-5.3.3-46.el6_6.i686.rpm
    php-xmlrpc-5.3.3-46.el6_6.i686.rpm
    
    ppc64:
    php-5.3.3-46.el6_6.ppc64.rpm
    php-cli-5.3.3-46.el6_6.ppc64.rpm
    php-common-5.3.3-46.el6_6.ppc64.rpm
    php-debuginfo-5.3.3-46.el6_6.ppc64.rpm
    php-gd-5.3.3-46.el6_6.ppc64.rpm
    php-ldap-5.3.3-46.el6_6.ppc64.rpm
    php-mysql-5.3.3-46.el6_6.ppc64.rpm
    php-odbc-5.3.3-46.el6_6.ppc64.rpm
    php-pdo-5.3.3-46.el6_6.ppc64.rpm
    php-pgsql-5.3.3-46.el6_6.ppc64.rpm
    php-soap-5.3.3-46.el6_6.ppc64.rpm
    php-xml-5.3.3-46.el6_6.ppc64.rpm
    php-xmlrpc-5.3.3-46.el6_6.ppc64.rpm
    
    s390x:
    php-5.3.3-46.el6_6.s390x.rpm
    php-cli-5.3.3-46.el6_6.s390x.rpm
    php-common-5.3.3-46.el6_6.s390x.rpm
    php-debuginfo-5.3.3-46.el6_6.s390x.rpm
    php-gd-5.3.3-46.el6_6.s390x.rpm
    php-ldap-5.3.3-46.el6_6.s390x.rpm
    php-mysql-5.3.3-46.el6_6.s390x.rpm
    php-odbc-5.3.3-46.el6_6.s390x.rpm
    php-pdo-5.3.3-46.el6_6.s390x.rpm
    php-pgsql-5.3.3-46.el6_6.s390x.rpm
    php-soap-5.3.3-46.el6_6.s390x.rpm
    php-xml-5.3.3-46.el6_6.s390x.rpm
    php-xmlrpc-5.3.3-46.el6_6.s390x.rpm
    
    x86_64:
    php-5.3.3-46.el6_6.x86_64.rpm
    php-cli-5.3.3-46.el6_6.x86_64.rpm
    php-common-5.3.3-46.el6_6.x86_64.rpm
    php-debuginfo-5.3.3-46.el6_6.x86_64.rpm
    php-gd-5.3.3-46.el6_6.x86_64.rpm
    php-ldap-5.3.3-46.el6_6.x86_64.rpm
    php-mysql-5.3.3-46.el6_6.x86_64.rpm
    php-odbc-5.3.3-46.el6_6.x86_64.rpm
    php-pdo-5.3.3-46.el6_6.x86_64.rpm
    php-pgsql-5.3.3-46.el6_6.x86_64.rpm
    php-soap-5.3.3-46.el6_6.x86_64.rpm
    php-xml-5.3.3-46.el6_6.x86_64.rpm
    php-xmlrpc-5.3.3-46.el6_6.x86_64.rpm
    
    Red Hat Enterprise Linux Server Optional (v. 6):
    
    i386:
    php-bcmath-5.3.3-46.el6_6.i686.rpm
    php-dba-5.3.3-46.el6_6.i686.rpm
    php-debuginfo-5.3.3-46.el6_6.i686.rpm
    php-devel-5.3.3-46.el6_6.i686.rpm
    php-embedded-5.3.3-46.el6_6.i686.rpm
    php-enchant-5.3.3-46.el6_6.i686.rpm
    php-fpm-5.3.3-46.el6_6.i686.rpm
    php-imap-5.3.3-46.el6_6.i686.rpm
    php-intl-5.3.3-46.el6_6.i686.rpm
    php-mbstring-5.3.3-46.el6_6.i686.rpm
    php-process-5.3.3-46.el6_6.i686.rpm
    php-pspell-5.3.3-46.el6_6.i686.rpm
    php-recode-5.3.3-46.el6_6.i686.rpm
    php-snmp-5.3.3-46.el6_6.i686.rpm
    php-tidy-5.3.3-46.el6_6.i686.rpm
    php-zts-5.3.3-46.el6_6.i686.rpm
    
    ppc64:
    php-bcmath-5.3.3-46.el6_6.ppc64.rpm
    php-dba-5.3.3-46.el6_6.ppc64.rpm
    php-debuginfo-5.3.3-46.el6_6.ppc64.rpm
    php-devel-5.3.3-46.el6_6.ppc64.rpm
    php-embedded-5.3.3-46.el6_6.ppc64.rpm
    php-enchant-5.3.3-46.el6_6.ppc64.rpm
    php-fpm-5.3.3-46.el6_6.ppc64.rpm
    php-imap-5.3.3-46.el6_6.ppc64.rpm
    php-intl-5.3.3-46.el6_6.ppc64.rpm
    php-mbstring-5.3.3-46.el6_6.ppc64.rpm
    php-process-5.3.3-46.el6_6.ppc64.rpm
    php-pspell-5.3.3-46.el6_6.ppc64.rpm
    php-recode-5.3.3-46.el6_6.ppc64.rpm
    php-snmp-5.3.3-46.el6_6.ppc64.rpm
    php-tidy-5.3.3-46.el6_6.ppc64.rpm
    php-zts-5.3.3-46.el6_6.ppc64.rpm
    
    s390x:
    php-bcmath-5.3.3-46.el6_6.s390x.rpm
    php-dba-5.3.3-46.el6_6.s390x.rpm
    php-debuginfo-5.3.3-46.el6_6.s390x.rpm
    php-devel-5.3.3-46.el6_6.s390x.rpm
    php-embedded-5.3.3-46.el6_6.s390x.rpm
    php-enchant-5.3.3-46.el6_6.s390x.rpm
    php-fpm-5.3.3-46.el6_6.s390x.rpm
    php-imap-5.3.3-46.el6_6.s390x.rpm
    php-intl-5.3.3-46.el6_6.s390x.rpm
    php-mbstring-5.3.3-46.el6_6.s390x.rpm
    php-process-5.3.3-46.el6_6.s390x.rpm
    php-pspell-5.3.3-46.el6_6.s390x.rpm
    php-recode-5.3.3-46.el6_6.s390x.rpm
    php-snmp-5.3.3-46.el6_6.s390x.rpm
    php-tidy-5.3.3-46.el6_6.s390x.rpm
    php-zts-5.3.3-46.el6_6.s390x.rpm
    
    x86_64:
    php-bcmath-5.3.3-46.el6_6.x86_64.rpm
    php-dba-5.3.3-46.el6_6.x86_64.rpm
    php-debuginfo-5.3.3-46.el6_6.x86_64.rpm
    php-devel-5.3.3-46.el6_6.x86_64.rpm
    php-embedded-5.3.3-46.el6_6.x86_64.rpm
    php-enchant-5.3.3-46.el6_6.x86_64.rpm
    php-fpm-5.3.3-46.el6_6.x86_64.rpm
    php-imap-5.3.3-46.el6_6.x86_64.rpm
    php-intl-5.3.3-46.el6_6.x86_64.rpm
    php-mbstring-5.3.3-46.el6_6.x86_64.rpm
    php-process-5.3.3-46.el6_6.x86_64.rpm
    php-pspell-5.3.3-46.el6_6.x86_64.rpm
    php-recode-5.3.3-46.el6_6.x86_64.rpm
    php-snmp-5.3.3-46.el6_6.x86_64.rpm
    php-tidy-5.3.3-46.el6_6.x86_64.rpm
    php-zts-5.3.3-46.el6_6.x86_64.rpm
    
    Red Hat Enterprise Linux Workstation (v. 6):
    
    Source:
    php-5.3.3-46.el6_6.src.rpm
    
    i386:
    php-5.3.3-46.el6_6.i686.rpm
    php-cli-5.3.3-46.el6_6.i686.rpm
    php-common-5.3.3-46.el6_6.i686.rpm
    php-debuginfo-5.3.3-46.el6_6.i686.rpm
    php-gd-5.3.3-46.el6_6.i686.rpm
    php-ldap-5.3.3-46.el6_6.i686.rpm
    php-mysql-5.3.3-46.el6_6.i686.rpm
    php-odbc-5.3.3-46.el6_6.i686.rpm
    php-pdo-5.3.3-46.el6_6.i686.rpm
    php-pgsql-5.3.3-46.el6_6.i686.rpm
    php-soap-5.3.3-46.el6_6.i686.rpm
    php-xml-5.3.3-46.el6_6.i686.rpm
    php-xmlrpc-5.3.3-46.el6_6.i686.rpm
    
    x86_64:
    php-5.3.3-46.el6_6.x86_64.rpm
    php-cli-5.3.3-46.el6_6.x86_64.rpm
    php-common-5.3.3-46.el6_6.x86_64.rpm
    php-debuginfo-5.3.3-46.el6_6.x86_64.rpm
    php-gd-5.3.3-46.el6_6.x86_64.rpm
    php-ldap-5.3.3-46.el6_6.x86_64.rpm
    php-mysql-5.3.3-46.el6_6.x86_64.rpm
    php-odbc-5.3.3-46.el6_6.x86_64.rpm
    php-pdo-5.3.3-46.el6_6.x86_64.rpm
    php-pgsql-5.3.3-46.el6_6.x86_64.rpm
    php-soap-5.3.3-46.el6_6.x86_64.rpm
    php-xml-5.3.3-46.el6_6.x86_64.rpm
    php-xmlrpc-5.3.3-46.el6_6.x86_64.rpm
    
    Red Hat Enterprise Linux Workstation Optional (v. 6):
    
    i386:
    php-bcmath-5.3.3-46.el6_6.i686.rpm
    php-dba-5.3.3-46.el6_6.i686.rpm
    php-debuginfo-5.3.3-46.el6_6.i686.rpm
    php-devel-5.3.3-46.el6_6.i686.rpm
    php-embedded-5.3.3-46.el6_6.i686.rpm
    php-enchant-5.3.3-46.el6_6.i686.rpm
    php-fpm-5.3.3-46.el6_6.i686.rpm
    php-imap-5.3.3-46.el6_6.i686.rpm
    php-intl-5.3.3-46.el6_6.i686.rpm
    php-mbstring-5.3.3-46.el6_6.i686.rpm
    php-process-5.3.3-46.el6_6.i686.rpm
    php-pspell-5.3.3-46.el6_6.i686.rpm
    php-recode-5.3.3-46.el6_6.i686.rpm
    php-snmp-5.3.3-46.el6_6.i686.rpm
    php-tidy-5.3.3-46.el6_6.i686.rpm
    php-zts-5.3.3-46.el6_6.i686.rpm
    
    x86_64:
    php-bcmath-5.3.3-46.el6_6.x86_64.rpm
    php-dba-5.3.3-46.el6_6.x86_64.rpm
    php-debuginfo-5.3.3-46.el6_6.x86_64.rpm
    php-devel-5.3.3-46.el6_6.x86_64.rpm
    php-embedded-5.3.3-46.el6_6.x86_64.rpm
    php-enchant-5.3.3-46.el6_6.x86_64.rpm
    php-fpm-5.3.3-46.el6_6.x86_64.rpm
    php-imap-5.3.3-46.el6_6.x86_64.rpm
    php-intl-5.3.3-46.el6_6.x86_64.rpm
    php-mbstring-5.3.3-46.el6_6.x86_64.rpm
    php-process-5.3.3-46.el6_6.x86_64.rpm
    php-pspell-5.3.3-46.el6_6.x86_64.rpm
    php-recode-5.3.3-46.el6_6.x86_64.rpm
    php-snmp-5.3.3-46.el6_6.x86_64.rpm
    php-tidy-5.3.3-46.el6_6.x86_64.rpm
    php-zts-5.3.3-46.el6_6.x86_64.rpm
    
    These packages are GPG signed by Red Hat for security.  Our key and
    details on how to verify the signature are available from
    https://access.redhat.com/security/team/key/
    
    7. References:
    
    https://access.redhat.com/security/cve/CVE-2014-9425
    https://access.redhat.com/security/cve/CVE-2014-9705
    https://access.redhat.com/security/cve/CVE-2014-9709
    https://access.redhat.com/security/cve/CVE-2015-0232
    https://access.redhat.com/security/cve/CVE-2015-0273
    https://access.redhat.com/security/cve/CVE-2015-2301
    https://access.redhat.com/security/cve/CVE-2015-2783
    https://access.redhat.com/security/cve/CVE-2015-2787
    https://access.redhat.com/security/cve/CVE-2015-3307
    https://access.redhat.com/security/cve/CVE-2015-3329
    https://access.redhat.com/security/cve/CVE-2015-3411
    https://access.redhat.com/security/cve/CVE-2015-3412
    https://access.redhat.com/security/cve/CVE-2015-4021
    https://access.redhat.com/security/cve/CVE-2015-4022
    https://access.redhat.com/security/cve/CVE-2015-4024
    https://access.redhat.com/security/cve/CVE-2015-4026
    https://access.redhat.com/security/cve/CVE-2015-4147
    https://access.redhat.com/security/cve/CVE-2015-4148
    https://access.redhat.com/security/cve/CVE-2015-4598
    https://access.redhat.com/security/cve/CVE-2015-4599
    https://access.redhat.com/security/cve/CVE-2015-4600
    https://access.redhat.com/security/cve/CVE-2015-4601
    https://access.redhat.com/security/cve/CVE-2015-4602
    https://access.redhat.com/security/cve/CVE-2015-4603
    https://access.redhat.com/security/updates/classification/#moderate
    
    8. Contact:
    
    The Red Hat security contact is . More contact
    details at https://access.redhat.com/security/team/contact/
    
    Copyright 2015 Red Hat, Inc.
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    Do you read our distribution advisories on a regular basis?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /component/communitypolls/?task=poll.vote&format=json
    23
    radio
    [{"id":"84","title":"Yes, for a single distribution","votes":"0","type":"x","order":"1","pct":0,"resources":[]},{"id":"85","title":"Yes, for multiple distributions","votes":"4","type":"x","order":"2","pct":66.67,"resources":[]},{"id":"86","title":"No","votes":"2","type":"x","order":"3","pct":33.33,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.