SUSE: 2015:1253-2 Important: php5 Remote DoS Type Confusion Issue

suse

July 17, 2015

An update that fixes 15 vulnerabilities is now available

Summary

This security update of PHP fixes the following issues: Security issues fixed: * CVE-2015-4024 [bnc#931421]: Fixed multipart/form-data remote DOS Vulnerability. * CVE-2015-4026 [bnc#931776]: pcntl_exec() did not check path validity. * CVE-2015-4022 [bnc#931772]: Fixed and overflow in ftp_genlist() that resulted in a heap overflow. * CVE-2015-4021 [bnc#931769]: Fixed memory corruption in phar_parse_tarfile when entry filename starts with NULL. * CVE-2015-4148 [bnc#933227]: Fixed SoapClient's do_soap_call() type confusion after unserialize() information disclosure. * CVE-2015-4602 [bnc#935224]: Fixed an incomplete Class unserialization type confusion. * CVE-2015-4599, CVE-2015-4600, CVE-2015-4601 [bnc#935226]: Fixed type confusion issues in unserialize() with various SOAP methods.

Topics Covered

security advisory update remote DoS patch SUSE Linux php5 type confusion

References

#919080 #927147 #931421 #931769 #931772 #931776

#933227 #935224 #935226 #935227 #935232 #935234

#935274 #935275

Cross- CVE-2015-3411 CVE-2015-3412 CVE-2015-4021

CVE-2015-4022 CVE-2015-4024 CVE-2015-4026

CVE-2015-4148 CVE-2015-4598 CVE-2015-4599

CVE-2015-4600 CVE-2015-4601 CVE-2015-4602

CVE-2015-4603 CVE-2015-4643 CVE-2015-4644

Affected Products:

SUSE Linux Enterprise Module for Web Scripting 12

https://www.suse.com/security/cve/CVE-2015-3411.html

https://www.suse.com/security/cve/CVE-2015-3412.html

https://www.suse.com/security/cve/CVE-2015-4021.html

https://www.suse.com/security/cve/CVE-2015-4022.html

https://www.suse.com/security/cve/CVE-2015-4024.html

https://www.suse.com/security/cve/CVE-2015-4026.html

Severity

important

Lowest

Low

Medium

High

Critical

Announcement ID: SUSE-SU-2015:1253-2

Rating: important

Topics Covered

security advisory update remote DoS patch SUSE Linux php5 type confusion

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Like staying secure? So do we.
Sign up for updates, tips, and alerts!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1253-2 Important: php5 Remote DoS Type Confusion Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Topics Covered

Topics Covered

Search News & Updates

Recent Searches

Search Advisories & Updates

Recent Searches

Get the latest News and Insights

Our Top Picks

SUSE: 2015:1253-2 Important: php5 Remote DoS Type Confusion Issue

Summary

Topics Covered

References

Topics Covered

Get the latest News and Insights

Related Articles

Related News

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!