SUSE: 2016:2408-1 Important: Php5 Buffer Overflow Security Update

September 28, 2016
The latest php5 patch addresses 24 vulnerabilities, significantly improving the robustness and security of SUSE platforms.
An update that fixes 24 vulnerabilities is now available.

Summary

This update for php5 fixes the following security issues:

* CVE-2016-6128: Invalid color index not properly handled [bsc#987580]
* CVE-2016-6161: global out of bounds read when encoding gif from malformed input with gd2togif [bsc#988032]
* CVE-2016-6292: Null pointer dereference in exif_process_user_comment [bsc#991422]
* CVE-2016-6295: Use after free in SNMP with GC and unserialize() [bsc#991424]
* CVE-2016-6297: Stack-based buffer overflow vulnerability in php_stream_zip_opener [bsc#991426]
* CVE-2016-6291: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE [bsc#991427]
* CVE-2016-6289: Integer overflow leads to buffer overflow in virtual_file_ex [bsc#991428]
* CVE-2016-6290: Use after free in unserialize() with Unexpected Session Deserialization [bsc#991429]

References

#987530 #987580 #988032 #991422 #991424 #991426

#991427 #991428 #991429 #991430 #991433 #991434

#991437 #997206 #997207 #997208 #997210 #997211

#997220 #997225 #997230 #997248 #997257

Cross-References: CVE-2014-3587 CVE-2016-3587 CVE-2016-5399

CVE-2016-6128 CVE-2016-6161 CVE-2016-6207

CVE-2016-6288 CVE-2016-6289 CVE-2016-6290

CVE-2016-6291 CVE-2016-6292 CVE-2016-6295

CVE-2016-6296 CVE-2016-6297 CVE-2016-7124

CVE-2016-7125 CVE-2016-7126 CVE-2016-7127

CVE-2016-7128 CVE-2016-7129 CVE-2016-7130

CVE-2016-7131 CVE-2016-7132 CVE-2016-7134

Affected Products:

SUSE Linux Enterprise Software Development Kit 12-SP1

SUSE Linux Enterprise Module for Web Scripting 12

https://www.suse.com/security/cve/CVE-2014-3587.html

https://www.suse.com/security/...


Severity: important

Announcement ID: SUSE-SU-2016:2408-1
Rating: important
