Fedora 18 : php-5.4.19-1.fc18 (2013-14985)

This script is Copyright (C) 2013-2015 Tenable Network Security, Inc.


Synopsis :

The remote Fedora host is missing a security update.

Description :

Version 5.4.19, 22-Aug-2013

Core :

- Fixed bug #64503 (Compilation fails with error:
conflicting types for 'zendparse'). (Laruence)

Openssl :

- Fixed UMR in fix for CVE-2013-4248.

Version 5.4.18, 15-Aug-2013

Core :

- Fixed value of FILTER_SANITIZE_FULL_SPECIAL_CHARS
constant (previously was erroneously set to
FILTER_SANITIZE_SPECIAL_CHARS value).

- Fixed bug #65254 (Exception not catchable when
exception thrown in autoload with a namespace).

- Fixed bug #65108 (is_callable() triggers Fatal Error).

- Fixed bug #65088 (Generated configure script is
malformed on OpenBSD).

- Fixed bug #62964 (Possible XSS on 'Registered stream
filters' info).

- Fixed bug #62672 (Error on serialize of ArrayObject).

- Fixed bug #62475 (variant_* functions causes crash
when null given as an argument).

- Fixed bug #60732 (php_error_docref links to invalid
pages).

- Fixed bug #65226 (chroot() does not get enabled).

CLI server :

- Fixed bug #65066 (Cli server not responsive when
responding with 422 http status code).

CURL :

- Fixed bug #62665 (curl.cainfo doesn't appear in
php.ini).

FTP :

- Fixed bug #65228 (FTPs memory leak with SSL).

GMP :

- Fixed bug #65227 (Memory leak in gmp_cmp second
parameter).

Imap :

- Fixed bug #64467 (Segmentation fault after imap_reopen
failure).

Intl :

- Fixed bug #62759 (Buggy grapheme_substr() on edge case).
Fixed bug #61860 (Offsets may be wrong for
grapheme_stri* functions).

mysqlnd :

- Fixed segfault in mysqlnd when doing long prepare.

ODBC :

- Fixed bug #61387 (NULL valued anonymous column causes
segfault in odbc_fetch_array).

Openssl :

- Fixed handling null bytes in subjectAltName
(CVE-2013-4248).

PDO_dblib :

- Fixed bug #65219 (PDO/dblib not working anymore ('use
dbName' not sent)).

PDO_pgsql :

- Fixed meta data retrieve when OID is larger than 2^31.

Session :

- Fixed bug #62535 ($_SESSION[$key]['cancel_upload']
doesn't work as documented).

- Fixed bug #35703 (when session_name('123') consist
only digits, should warning).

- Fixed bug #49175 (mod_files.sh does not support hash
bits).

Sockets :

- Implemented FR #63472 (Setting SO_BINDTODEVICE with
socket_set_option).

SPL :

- Fixed bug #65136 (RecursiveDirectoryIterator segfault).

- Fixed bug #61828 (Memleak when calling
Directory(Recursive)Iterator /Spl(Temp)FileObject ctor
twice).

- Fixed bug #60560 (SplFixedArray un-/serialize,
getSize(), count() return 0, keys are strings).

Note that Tenable Network Security has extracted the preceding
description block directly from the Fedora security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

https://bugzilla.redhat.com/show_bug.cgi?id=997097
http://www.nessus.org/u?40464961

Solution :

Update the affected php package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N)
CVSS Temporal Score : 3.7
(CVSS2#E:ND/RL:OF/RC:C)
Public Exploit Available : true

Family: Fedora Local Security Checks

Nessus Plugin ID: 69815 ()

Bugtraq ID: 61776

CVE ID: CVE-2013-4248

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now