Fedora 22 : php-5.6.17-1.fc22 (2016-5207e0c1a1)

high Nessus Plugin ID 89542

Synopsis

The remote Fedora host is missing a security update.

Description

07 Jan 2016, **PHP 5.6.17**

**Core:**

* Fixed bug php#66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
* Fixed bug php#70958 (Invalid opcode while using ::class as trait method paramater default value). (Laruence)
* Fixed bug php#70957 (self::class can not be resolved with reflection for abstract class). (Laruence)
* Fixed bug php#70944 (try{ } finally{} can create infinite chains of exceptions). (Laruence)
* Fixed bug php#61751 (SAPI build problem on AIX: Undefined symbol: php_register_internal_extensions). (Lior Kaplan)

**FPM:**

* Fixed bug php#70755 (fpm_log.c memory leak and buffer overflow). (Stas)

**GD:**

* Fixed bug php#70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds). (emmanuel dot law at gmail dot com)

**Mysqlnd:**

* Fixed bug php#68077 (LOAD DATA LOCAL INFILE / open_basedir restriction). (Laruence)

**SOAP:**

* Fixed bug php#70900 (SoapClient systematic out of memory error). (Dmitry)

**Standard:**

* Fixed bug php#70960 (ReflectionFunction for array_unique returns wrong number of parameters). (Laruence)

**PDO_Firebird:**

* Fixed bug php#60052 (Integer returned as a 64bit integer on X64_86). (Mariuz)

**WDDX:**

* Fixed bug php#70661 (Use After Free Vulnerability in WDDX Packet Deserialization). (taoguangchen at icloud dot com)
* Fixed bug php#70741 (Session WDDX Packet Deserialization Type Confusion Vulnerability). (taoguangchen at icloud dot com)

**XMLRPC:**

* Fixed bug php#70728 (Type Confusion Vulnerability in PHP_to_XMLRPC_worker()). (Julien)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1297710

https://bugzilla.redhat.com/show_bug.cgi?id=1297720

https://bugzilla.redhat.com/show_bug.cgi?id=1297726

https://bugzilla.redhat.com/show_bug.cgi?id=1297730

http://www.nessus.org/u?a7ab47e9

Plugin Details

Severity: High

ID: 89542

File Name: fedora_2016-5207e0c1a1.nasl

Version: 1.3

Type: local

Agent: unix

Published: 3/4/2016

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:22

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 1/16/2016

Reference Information