
SUSE: 2015:1818-1 Important: php53 Remote Execution Threat Fix

October 26, 2015
An important update for php53 has been issued that fixes several security vulnerabilities; follow the patch instructions below to install it.
An update that solves 5 vulnerabilities and has two fixes is now...

Summary

This update of PHP5 brings several security fixes.

Security fixes:

* CVE-2015-6831: A use after free vulnerability in unserialize() has been fixed which could be used to crash php or potentially execute code. [bnc#942291] [bnc#942294] [bnc#942295]
* CVE-2015-6836: A SOAP serialize_function_call() type confusion leading to remote code execution problem was fixed. [bnc#945428]
* CVE-2015-6837 CVE-2015-6838: Two NULL pointer dereferences in the XSLTProcessor class were fixed. [bnc#945412]

It also includes a bugfix for the odbc module:

* compare with SQL_NULL_DATA correctly [bnc#935074]

Patch Instructions:

To install this SUSE Security Update use YaST online_update. Alternatively you can run the command listed for your product:

- SUSE Linux Enterprise Software Development Kit 11-SP4:

References

#935074 #942291 #942294 #942295 #942296 #945412 #945428

Cross-References: CVE-2015-6831 CVE-2015-6833 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838

Affected Products:

SUSE Linux Enterprise Software Development Kit 11-SP4

SUSE Linux Enterprise Software Development Kit 11-SP3

SUSE Linux Enterprise Server for VMWare 11-SP3

SUSE Linux Enterprise Server 11-SP4

SUSE Linux Enterprise Server 11-SP3

SUSE Linux Enterprise Debuginfo 11-SP4

SUSE Linux Enterprise Debuginfo 11-SP3

https://www.suse.com/security/cve/CVE-2015-6831.html

https://www.suse.com/security/cve/CVE-2015-6833.html

https://www.suse.com/security/cve/CVE-2015-6836.html

https://www.suse.com/security/cve/CVE-2015-6837.html

https://www.suse.com/security/cve/CVE-2015-6838.html

https://bugzilla.suse.com/935074

Severity
important

Announcement ID: SUSE-SU-2015:1818-1
Rating: important
