openSUSE Security Update : apache2-mod_php5 (apache2-mod_php5-593)
Medium Nessus Plugin ID 39916
SynopsisThe remote openSUSE host is missing a security update.
Descriptionphp 5.1.9 fixes among other things some security issues :
- Missing bounds checks of an error in the imageRotate function of the gd extension potentially allowed attackers to read portions of memory (CVE-2008-5498).
- the mbstring.func_overload in .htaccess was applied to other virtual hosts on th same machine (CVE-2009-0754).
SolutionUpdate the affected apache2-mod_php5 packages.