Fedora 20 : php-5.5.22-1.fc20 (2015-2328)

High Nessus Plugin ID 81612

Synopsis

The remote Fedora host is missing a security update.

Description

19 Feb 2015, PHP 5.5.22

Core :

- Fixed bug #67068 (getClosure returns somethings that's not a closure). (Danack at basereality dot com)

- Fixed bug #68925 (Mitigation for CVE-2015-0235 ' GHOST: glibc gethostbyname buffer overflow). (Stas)

- Fixed bug #68942 (Use after free vulnerability in unserialize() with DateTimeZone). (CVE-2015-0273) (Stas)

- Added NULL byte protection to exec, system and passthru. (Yasuo)

- Removed support for multi-line headers, as the are deprecated by RFC 7230. (Stas)

Date :

- Fixed bug #45081 (strtotime incorrectly interprets SGT time zone). (Derick)

Dba :

- Fixed bug #68711 (useless comparisons). (bugreports at internot dot info)

Enchant :

- Fixed bug #6855 (heap buffer overflow in enchant_broker_request_dict()). (Antony)

Fileinfo :

- Fixed bug #68827 (Double free with disabled ZMM).
(Joshua Rogers)

FPM :

- Fixed bug #66479 (Wrong response to FCGI_GET_VALUES).
(Frank Stolle)

- Fixed bug #68571 (core dump when webserver close the socket). (redfoxli069 at gmail dot com, Laruence)

Libxml :

- Fixed bug #64938 (libxml_disable_entity_loader setting is shared between threads). (Martin Jansen)

OpenSSL :

- Fixed bug #55618 (use case-insensitive cert name matching). (Daniel Lowrey)

PDO_mysql :

- Fixed bug #68750 (PDOMysql with mysqlnd does not allow the usage of named pipes). (steffenb198 at aol.com)

Phar :

- Fixed bug #68901 (use after free). (bugreports at internot dot info)

Pgsql :

- Fixed Bug #65199 'pg_copy_from() modifies input array variable). (Yasuo)

Sqlite3 :

- Fixed bug #68260 (SQLite3Result::fetchArray declares wrong required_num_args). (Julien)

Mysqli :

- Fixed bug #68114 (linker error on some OS X machines with fixed width decimal support) (Keyur Govande)

- Fixed bug #68657 (Reading 4 byte floats with Mysqli and libmysqlclient has rounding errors) (Keyur Govande)

Session :

- Fixed bug #68941 (mod_files.sh is a bash-script) (bugzilla at ii.nl, Yasuo)

- Fixed Bug #66623 (no EINTR check on flock) (Yasuo)

- Fixed bug #68063 (Empty session IDs do still start sessions) (Yasuo)

Standard :

- Fixed bug #65272 (flock() out parameter not set correctly in windows). (Daniel Lowrey)

- Fixed bug #69033 (Request may get env. variables from previous requests if PHP works as FastCGI)

Streams :

- Fixed bug which caused call after final close on streams filter. (Bob)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php package.

See Also

http://www.nessus.org/u?3c7c73c8

Plugin Details

Severity: High

ID: 81612

File Name: fedora_2015-2328.nasl

Version: 1.9

Type: local

Agent: unix

Published: 2015/03/05

Updated: 2020/06/04

Dependencies: 12634

Risk Information

Risk Factor: High

CVSS v2.0

Base Score: 7.5

Temporal Score: 5.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:POC/RL:OF/RC:C

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:20

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 2015/02/20

Vulnerability Publication Date: 2015/02/20

Exploitable With

Metasploit (Exim GHOST (glibc gethostbyname) Buffer Overflow)

Reference Information

BID: 64225, 67118, 72325, 72701

FEDORA: 2015-2328