Alerts This Week
Warning Icon 1 631
Alerts This Week
Warning Icon 1 631

SUSE: 2012:1034-1 Important: PHP5 Buffer Overflow And Open_Basedir Issue

suse
Calendar Grey August 24, 2012
Dist Suse Esm H88
SUSE has unveiled a security patch for php5 addressing significant vulnerabilities, including open_basedir circumvention and additional concerns.
An update that fixes two vulnerabilities is now available

Summary

This update fixes two security issues of PHP5: * Potential overflow in _php_stream_scandir. (CVE-2012-2688 ) * open_basedir bypass via SQLite extension. (CVE-2012-3365 ) Indications: Everyone using PHP5 should update.. Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP2: zypper in -t patch sdksp1-apache2-mod_php5-6627 - SUSE Linux Enterprise Software Development Kit 11 SP1: zypper in -t patch sdksp1-apache2-mod_php5-6627 - SUSE Linux Enterprise Server 11 SP2:

Topics%20covered

Topics Covered

security advisory buffer overflow SUSE CVE reference php5 patch instructions open_basedir

References

#772580 #772582

Cross- CVE-2012-2688 CVE-2012-3365

Affected Products:

SUSE Linux Enterprise Software Development Kit 11 SP2

SUSE Linux Enterprise Software Development Kit 11 SP1

SUSE Linux Enterprise Server 11 SP2

SUSE Linux Enterprise Server 11 SP1 for VMware

SUSE Linux Enterprise Server 11 SP1

SUSE Linux Enterprise Server 10 SP4

SLE SDK 10 SP4

https://www.suse.com/security/cve/CVE-2012-2688.html

https://www.suse.com/security/cve/CVE-2012-3365.html

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2012:1034-1
Rating: important

Topics%20covered

Topics Covered

security advisory buffer overflow SUSE CVE reference php5 patch instructions open_basedir

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here