Detections
Analytics

Fedora 23 : php-5.6.19-1.fc23 (2016-c0853ea24e)

high Nessus Plugin ID 89703

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

03 Mar 2016, **PHP 5.6.19** **CLI server:** * Fixed bug php#71559 (Built-in HTTP server, we can download file in web by bug). (Johannes, Anatol) **CURL:**

 - Fixed bug php#71523 (Copied handle with new option CURLOPT_HTTPHEADER crashes while curl_multi_exec).
 (Laruence) **Date:** * Fixed bug php#68078 (Datetime comparisons ignore microseconds). (Willem-Jan Zijderveld) * Fixed bug php#71525 (Calls to date_modify will mutate timelib_rel_time, causing date_date_set issues). (Sean DuBois) **Fileinfo:** * Fixed bug php#71434 (finfo throws notice for specific python file). (Laruence) **FPM:** * Fixed bug php#62172 (FPM not working with Apache httpd 2.4 balancer/fcgi setup).
 (Matt Haught, Remi) **Opcache:** * Fixed bug php#71584 (Possible use-after-free of ZCG(cwd) in Zend Opcache).
 (Yussuf Khalil) **PDO MySQL:** * Fixed bug php#71569 (#70389 fix causes segmentation fault). (Nikita)
 **Phar:** * Fixed bug php#71498 (Out- of-Bound Read in phar_parse_zipfile()). (Stas) **Standard:** * Fixed bug php#70720 (strip_tags improper php code parsing).
 (Julien) **WDDX:** * Fixed bug php#71587 (Use-After-Free / Double-Free in WDDX Deserialize). (Stas) **XSL:** * Fixed bug php#71540 (NULL pointer dereference in xsl_ext_function_php()). (Stas) **Zip:** * Fixed bug php#71561 (NULL pointer dereference in Zip::ExtractTo).
 (Laruence)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php package.

See Also

http://www.nessus.org/u?76d8890b

Plugin Details

Severity: High

ID: 89703

File Name: fedora_2016-c0853ea24e.nasl

Version: 2.3

Type: local

Agent: unix

Published: 3/7/2016

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:23

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 3/5/2016

Reference Information