Alerts This Week
Warning Icon 1 537
Alerts This Week
Warning Icon 1 537

SUSE Linux: 2015:0436-1 Important: PHP 5.3 Critical Issues

suse
Calendar Grey March 5, 2015
Dist Suse Esm H88
SUSE Linux has released a vital security patch for PHP 5.3, targeting essential vulnerabilities. Safeguard your systems!
An update that fixes two vulnerabilities is now available

Summary

php5 has been updated to fix two security issues: * CVE-2014-9652: Out of bounds read in mconvert() (bnc#917150). * CVE-2015-0273: Use after free vulnerability in unserialize() with DateTimeZone (bnc#918768). Security Issues: * CVE-2014-9652 * CVE-2013-6501 Patch Instructions: To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product: - SUSE Linux Enterprise Software Development Kit 11 SP3: zypper in -t patch sdksp3-apache2-mod_php53=10370 - SUSE Linux Enterprise Server 11 SP3 for VMware: zypper in -t patch slessp3-apache2-mod_php53=10370 - SUSE Linux Enterprise Server 11 SP3:

Topics%20covered

Topics Covered

security advisory critical issue software update server SUSE PHP development kit

References

#917150 #918768

Cross- CVE-2013-6501 CVE-2014-9652

Affected Products:

SUSE Linux Enterprise Software Development Kit 11 SP3

SUSE Linux Enterprise Server 11 SP3 for VMware

SUSE Linux Enterprise Server 11 SP3

https://www.suse.com/security/cve/CVE-2013-6501.html

https://www.suse.com/security/cve/CVE-2014-9652.html

https://bugzilla.suse.com/show_bug.cgi?id=917150

https://bugzilla.suse.com/show_bug.cgi?id=918768

https://scc.suse.com:443/patches/

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2015:0436-1
Rating: important

Topics%20covered

Topics Covered

security advisory critical issue software update server SUSE PHP development kit

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here