SuSE 11.2 Security Update : PHP5 (SAT Patch Number 6440)
High Nessus Plugin ID 64104
The remote SuSE 11 host is missing one or more security updates.
PHP5 was updated with incremental fixes to the previous update. - Additional unsafe cgi wrapper scripts are also fixed now. (CVE-2012-2335) - Even more commandline option handling is filtered, which could lead to crashes of the php interpreter. (CVE-2012-2336) - heap-based buffer overflow in php's phar extension. (CVE-2012-2386) - The crypt() implementation ignored wide characters, leading to shorter effective password lengths. Note: With this update applied affected passwords will no longer work and need to be set again. (CVE-2012-2143)