[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ MDVSA-2015:004 ] php



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:004
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : php
 Date    : January 5, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Updated php packages fix security vulnerability:
 
 A use-after-free flaw was found in PHP unserialize(). An untrusted
 input could cause PHP interpreter to crash or, possibly, execute
 arbitrary code when processed using unserialize() (CVE-2014-8142).
 
 PHP has been updated to version 5.5.20, which fixes these issues and
 other bugs.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8142
 http://advisories.mageia.org/MGASA-2014-0542.html
 _______________________________________________________________________

 Updated Packages:

 Mandriva Business Server 1/X86_64:
 5720285929fd2da4e5a2b811fbb82ab9  mbs1/x86_64/apache-mod_php-5.5.20-1.mbs1.x86_64.rpm
 800b3d577d711326623c8ccee0f01cd9  mbs1/x86_64/lib64php5_common5-5.5.20-1.mbs1.x86_64.rpm
 87a70568001565518de6ea72378019fc  mbs1/x86_64/php-apc-3.1.15-1.14.mbs1.x86_64.rpm
 f47356b51335e88748981c27d3b56101  mbs1/x86_64/php-apc-admin-3.1.15-1.14.mbs1.x86_64.rpm
 49b993225c5a894488a0fdfeb970296a  mbs1/x86_64/php-bcmath-5.5.20-1.mbs1.x86_64.rpm
 e49974dd72a4f9b5554e173e998269fe  mbs1/x86_64/php-bz2-5.5.20-1.mbs1.x86_64.rpm
 eaef3f62b6e1f9b1f1e2f2ae2604fbae  mbs1/x86_64/php-calendar-5.5.20-1.mbs1.x86_64.rpm
 bf47b18144bcbe4e03b8668bc286105b  mbs1/x86_64/php-cgi-5.5.20-1.mbs1.x86_64.rpm
 7b876372748f1e202631f5a6189813f6  mbs1/x86_64/php-cli-5.5.20-1.mbs1.x86_64.rpm
 62ec41210273cc5b4b3563c10e10fa77  mbs1/x86_64/php-ctype-5.5.20-1.mbs1.x86_64.rpm
 5388b6a9270f3787f25ec51debec5b66  mbs1/x86_64/php-curl-5.5.20-1.mbs1.x86_64.rpm
 514a74531b687c8c06466dd0540b8591  mbs1/x86_64/php-dba-5.5.20-1.mbs1.x86_64.rpm
 5d69d0cce490e833d96c028d60360db9  mbs1/x86_64/php-devel-5.5.20-1.mbs1.x86_64.rpm
 4ffcd00fba73c3d77fba861265361ee6  mbs1/x86_64/php-doc-5.5.20-1.mbs1.noarch.rpm
 4790a31844d8d02696a7534b335d9bbb  mbs1/x86_64/php-dom-5.5.20-1.mbs1.x86_64.rpm
 216b909ce39213db2c803844ae287446  mbs1/x86_64/php-enchant-5.5.20-1.mbs1.x86_64.rpm
 a1e0c36488c3d90f840b2e36b1fa416f  mbs1/x86_64/php-exif-5.5.20-1.mbs1.x86_64.rpm
 8d19a3d6776447d262ced0bb321a485a  mbs1/x86_64/php-fileinfo-5.5.20-1.mbs1.x86_64.rpm
 4cb4001e09da88dce211d2a8feb110b7  mbs1/x86_64/php-filter-5.5.20-1.mbs1.x86_64.rpm
 a3ca9f0ed4ff81e1af60350b410507ca  mbs1/x86_64/php-fpm-5.5.20-1.mbs1.x86_64.rpm
 57dab250e8e6eb0e34ddb5a46dab2bc2  mbs1/x86_64/php-ftp-5.5.20-1.mbs1.x86_64.rpm
 9b4a623cfee8a5a72adaf4fb4e9e555d  mbs1/x86_64/php-gd-5.5.20-1.mbs1.x86_64.rpm
 8d164897c9bc2cb30950c7b551d9a8e9  mbs1/x86_64/php-gettext-5.5.20-1.mbs1.x86_64.rpm
 36d16a8f36df64497f3c530e5569bb84  mbs1/x86_64/php-gmp-5.5.20-1.mbs1.x86_64.rpm
 9b88cac2d75811a7ff656768604123ab  mbs1/x86_64/php-hash-5.5.20-1.mbs1.x86_64.rpm
 4d8a0d5722859f2d710b6a26b2ee9727  mbs1/x86_64/php-iconv-5.5.20-1.mbs1.x86_64.rpm
 03e8ecb9f5429190f6c795b2b3b40499  mbs1/x86_64/php-imap-5.5.20-1.mbs1.x86_64.rpm
 f32cfb5b4d89f8025982bb3c840d9322  mbs1/x86_64/php-ini-5.5.20-1.mbs1.x86_64.rpm
 8a152756fb0ee74d89e7be069d2a6761  mbs1/x86_64/php-intl-5.5.20-1.mbs1.x86_64.rpm
 0192f7fb7b08469d9c7be09f427cff7d  mbs1/x86_64/php-json-5.5.20-1.mbs1.x86_64.rpm
 9e807b16221a8e3429bf2fc3b139aa94  mbs1/x86_64/php-ldap-5.5.20-1.mbs1.x86_64.rpm
 948cb86a4aadf969c55c97f70ec41035  mbs1/x86_64/php-mbstring-5.5.20-1.mbs1.x86_64.rpm
 872d498d32f0a16cef82fbfbc01a97ac  mbs1/x86_64/php-mcrypt-5.5.20-1.mbs1.x86_64.rpm
 0e2a96f402b827cbfcc871d25d59bc83  mbs1/x86_64/php-mssql-5.5.20-1.mbs1.x86_64.rpm
 e90d719e3adce6deb799fc7c14793b52  mbs1/x86_64/php-mysql-5.5.20-1.mbs1.x86_64.rpm
 96a9362a00ec884406ff0ac902bac3b0  mbs1/x86_64/php-mysqli-5.5.20-1.mbs1.x86_64.rpm
 51cabb52dfc7c58ff5d465f941647f8f  mbs1/x86_64/php-mysqlnd-5.5.20-1.mbs1.x86_64.rpm
 572ef3e40d7ea8161a8d86183e33ac1c  mbs1/x86_64/php-odbc-5.5.20-1.mbs1.x86_64.rpm
 b296ecac3dbb2ec75713425d72d1dbb8  mbs1/x86_64/php-opcache-5.5.20-1.mbs1.x86_64.rpm
 0463f6265233506f9ac65dd956f3ae22  mbs1/x86_64/php-openssl-5.5.20-1.mbs1.x86_64.rpm
 2cdc4b40d74dbcc315fa58606e92f03d  mbs1/x86_64/php-pcntl-5.5.20-1.mbs1.x86_64.rpm
 691c184466ab3b117c355fe9ca837928  mbs1/x86_64/php-pdo-5.5.20-1.mbs1.x86_64.rpm
 59a04a57c4390f2736922a790fbf3ca7  mbs1/x86_64/php-pdo_dblib-5.5.20-1.mbs1.x86_64.rpm
 47bd59fca9c287140a0e4f2185dd2af7  mbs1/x86_64/php-pdo_mysql-5.5.20-1.mbs1.x86_64.rpm
 78a5e31e3339d78ac0fc1d08162218da  mbs1/x86_64/php-pdo_odbc-5.5.20-1.mbs1.x86_64.rpm
 7c36cf025f789d85b4165614b86316db  mbs1/x86_64/php-pdo_pgsql-5.5.20-1.mbs1.x86_64.rpm
 831bfe268b87e0e3475a753c6cf7ec90  mbs1/x86_64/php-pdo_sqlite-5.5.20-1.mbs1.x86_64.rpm
 68dc439506b7ec890939dd1f23e82967  mbs1/x86_64/php-pgsql-5.5.20-1.mbs1.x86_64.rpm
 af39283b07cc7d0798c3affcd73a74f0  mbs1/x86_64/php-phar-5.5.20-1.mbs1.x86_64.rpm
 4fe7c35ed1d88b37eac93712dba14e72  mbs1/x86_64/php-posix-5.5.20-1.mbs1.x86_64.rpm
 271a18ea2eda0c0d2b0428b553b9140b  mbs1/x86_64/php-readline-5.5.20-1.mbs1.x86_64.rpm
 f9866dacaceb6cd9b07b14a0eaa8edad  mbs1/x86_64/php-recode-5.5.20-1.mbs1.x86_64.rpm
 840567d2df61e8c844f1d0a160073142  mbs1/x86_64/php-session-5.5.20-1.mbs1.x86_64.rpm
 c3cf612304ec416faa035c5e77b24cf4  mbs1/x86_64/php-shmop-5.5.20-1.mbs1.x86_64.rpm
 1b842f9d3bcccc58a5b6995ace6b7778  mbs1/x86_64/php-snmp-5.5.20-1.mbs1.x86_64.rpm
 a1c63cf4d861f6cb9de809fd978fb386  mbs1/x86_64/php-soap-5.5.20-1.mbs1.x86_64.rpm
 31ed20639db152f81374ccb7e84cc255  mbs1/x86_64/php-sockets-5.5.20-1.mbs1.x86_64.rpm
 1161f88d397130f37a2c2cb5ea1a1591  mbs1/x86_64/php-sqlite3-5.5.20-1.mbs1.x86_64.rpm
 faf741bbd816020c1232d24d43a88301  mbs1/x86_64/php-sybase_ct-5.5.20-1.mbs1.x86_64.rpm
 36622ce26efd04d2174bafb8c97cd6a0  mbs1/x86_64/php-sysvmsg-5.5.20-1.mbs1.x86_64.rpm
 32a1cd3801eb3d34deef3bf2b2eb175c  mbs1/x86_64/php-sysvsem-5.5.20-1.mbs1.x86_64.rpm
 e9901c9efb2fd42c44369fe16610dda2  mbs1/x86_64/php-sysvshm-5.5.20-1.mbs1.x86_64.rpm
 d1573514737e8cd8d3d9b93b0c6487c1  mbs1/x86_64/php-tidy-5.5.20-1.mbs1.x86_64.rpm
 ade13ce2344b5ad7e018157e13e29b7d  mbs1/x86_64/php-tokenizer-5.5.20-1.mbs1.x86_64.rpm
 9d1aeed50e19981be9bca6be88aad94a  mbs1/x86_64/php-wddx-5.5.20-1.mbs1.x86_64.rpm
 2a045a9b68b81cd05840b060b098840e  mbs1/x86_64/php-xml-5.5.20-1.mbs1.x86_64.rpm
 628772e293d6075ab5bb4165494ffc53  mbs1/x86_64/php-xmlreader-5.5.20-1.mbs1.x86_64.rpm
 ff722434dbc88d430481d67bab2bd6b1  mbs1/x86_64/php-xmlrpc-5.5.20-1.mbs1.x86_64.rpm
 a2386debfd20d4d3cb0d0e35a45aaa95  mbs1/x86_64/php-xmlwriter-5.5.20-1.mbs1.x86_64.rpm
 4d70cab1d42cd41318090d5e465dbe71  mbs1/x86_64/php-xsl-5.5.20-1.mbs1.x86_64.rpm
 b3b3a06cb942d8575ff494ef1ba36f67  mbs1/x86_64/php-zip-5.5.20-1.mbs1.x86_64.rpm
 d01068faa1c68ecf27853dd2a76be0aa  mbs1/x86_64/php-zlib-5.5.20-1.mbs1.x86_64.rpm 
 810dd39796955d28c83b42e917486537  mbs1/SRPMS/php-5.5.20-1.mbs1.src.rpm
 04608504f9981bfd981a1be5b537e1ea  mbs1/SRPMS/php-apc-3.1.15-1.14.mbs1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/en/support/security/advisories/

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFUqn96mqjQ0CJFipgRAlnaAKDW5GhSOvkltpdaL1xjc+v3N3hHewCgpJv2
Ba+V1qB+QyffKajCVzRo/C0=
=rqW0
-----END PGP SIGNATURE-----