
SUSE: 2013:1351-1 Important: PHP5 Denial Of Service Issues

August 16, 2013
SUSE has released a security update for PHP5 that addresses 27 vulnerabilities.
An update that solves 27 vulnerabilities and has one errata ...

Summary

php5 has been updated to roll up all pending security fixes for Long Term Service Pack Support. The following security issues have been fixed:

* CVE-2013-4635: Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP allowed context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function.
* CVE-2013-1635: ext/soap/soap.c in PHP did not validate the relationship between the soap.wsdl_cache_dir directive and the open_basedir directive, which allowed remote attackers to bypass intended access restrictions by triggering the creation of cached SOAP WSDL files in an arbitrary directory.
* CVE-2013-1643: The SOAP parser in PHP allowed remote attackers to read arbitrary files via a SOAP WSDL file
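For CVE-2013-1635, a configuration review can flag hosts where soap.wsdl_cache_dir lies outside every open_basedir entry, which is the relationship the advisory says PHP did not validate. The following is an added example, not code from SUSE or PHP; the function names are hypothetical, it assumes the Linux ":" separator for open_basedir, and it compares paths textually without resolving symlinks.

```python
import os

# PHP's built-in defaults for directives that php.ini leaves unset.
DEFAULTS = {"open_basedir": "", "soap.wsdl_cache_enabled": "1",
            "soap.wsdl_cache_dir": "/tmp"}

def read_directives(ini_text):
    """Extract the three directives from php.ini text; the last assignment wins."""
    found = dict(DEFAULTS)
    for raw in ini_text.splitlines():
        line = raw.strip()
        if not line or line[0] in ";#[" or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key in found:
            # Drop a trailing "; comment", then any surrounding quotes.
            found[key] = value.split(";", 1)[0].strip().strip("\"'")
    return found

def is_inside(path, base):
    """True if path is base or below it, compared by whole path components."""
    try:
        base = os.path.normpath(base)
        return os.path.commonpath([os.path.normpath(path), base]) == base
    except ValueError:  # relative or empty path: cannot be shown to be inside
        return False

def audit(ini_text):
    """Return (ok, reason) for the cache-dir / open_basedir relationship."""
    d = read_directives(ini_text)
    if d["soap.wsdl_cache_enabled"].lower() in ("0", "off", "false", "no", ""):
        return True, "WSDL disk cache is disabled"
    bases = [b for b in d["open_basedir"].split(":") if b]  # ':' separator on Linux
    if not bases:
        return True, "open_basedir is not set"
    cache_dir = d["soap.wsdl_cache_dir"]
    if any(is_inside(cache_dir, b) for b in bases):
        return True, "cache dir %s is inside open_basedir" % cache_dir
    return False, "cache dir %s is outside open_basedir" % cache_dir

# Constructed php.ini fragment: the cache dir only shares a string prefix with the base.
SAMPLE = """
[PHP]
open_basedir = /srv/www:/usr/share/php5
[soap]
soap.wsdl_cache_enabled = 1
soap.wsdl_cache_dir = "/srv/www-cache/wsdl"  ; constructed value
"""

if __name__ == "__main__":
    print(audit(SAMPLE))
```

A `False` result marks a configuration to review alongside installing the update; when soap.wsdl_cache_dir is unset, the check falls back to PHP's default of /tmp.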

References

#699711 #709549 #713652 #728671 #733590 #735613
#736169 #738221 #741520 #741859 #742273 #742806
#743308 #744966 #746661 #749111 #752030 #753778
#760536 #761631 #772580 #772582 #775852 #778003
#783239 #807707 #828020 #829207

Cross-References:

CVE-2011-1072 CVE-2011-1398 CVE-2011-1466
CVE-2011-2202 CVE-2011-3182 CVE-2011-4153
CVE-2011-4388 CVE-2011-4566 CVE-2011-4885
CVE-2012-0057 CVE-2012-0781 CVE-2012-0788
CVE-2012-0789 CVE-2012-0807 CVE-2012-0830
CVE-2012-0831 CVE-2012-1172 CVE-2012-1823
CVE-2012-2311 CVE-2012-2335 CVE-2012-2336
CVE-2012-2688 CVE-2012-3365 CVE-2013-1635
CVE-2013-1643 CVE-2013-4113 CVE-2013-4635

Affected Products:

SUSE Linux Enterprise Server 10 SP3 LTSS

https://www.suse.com/security/cve/CVE-2011-107...


Severity: important

Announcement ID: SUSE-SU-2013:1351-1
Rating: important
