Fedora 21 : php-5.6.11-1.fc21 (2015-11581)

Critical Nessus Plugin ID 85061

Synopsis

The remote Fedora host is missing a security update.

Description

10 Jul 2015, **PHP 5.6.11**

**Core:**

- Fixed bug #69768 (escapeshell*() doesn't cater to !).
(cmb)

- Fixed bug #69703 (Use __builtin_clzl on PowerPC). (dja at axtens dot net, Kalle)

- Fixed bug #69732 (can induce segmentation fault with basic php code). (Dmitry)

- Fixed bug #69642 (Windows 10 reported as Windows 8).
(Christian Wenz, Anatol Belski)

- Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation fault). (Christoph M.
Becker)

- Fixed bug #69781 (phpinfo() reports Professional Editions of Windows 7/8/8.1/10 as 'Business').
(Christian Wenz)

- Fixed bug #69740 (finally in generator (yield) swallows exception in iteration). (Nikita)

- Fixed bug #69835 (phpinfo() does not report many Windows SKUs). (Christian Wenz)

- Fixed bug #69892 (Different arrays compare indentical due to integer key truncation). (Nikita)

- Fixed bug #69874 (Can't set empty additional_headers for mail()), regression from fix to bug #68776.
(Yasuo)

**GD:**

- Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)

**GMP:**

- Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP number). (Nikita)

**PCRE:**

- Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the string). (cmb)

- Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)

**PDO_pgsql:**

- Fixed bug #69752 (PDOStatement::execute() leaks memory with DML Statements when closeCuror() is u). (Philip Hofstetter)

- Fixed bug #69362 (PDO-pgsql fails to connect if password contains a leading single quote). (Matteo)

- Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps). (Matteo)

**SimpleXML:**

- Refactored the fix for bug #66084 (simplexml_load_string() mangles empty node name).
(Christoph Michael Becker)

**SPL:**

- Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error). (Stas)

- Fixed bug #67805 (SplFileObject setMaxLineLength).
(Willian Gustavo Veiga).

- Fixed bug #69970 (Use-after-free vulnerability in spl_recursive_it_move_forward_ex()). (Laruence)

**Sqlite3:**

- Fixed bug #69972 (Use-after-free vulnerability in sqlite3SafetyCheckSickOrOk()). (Laruence)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1245236

https://bugzilla.redhat.com/show_bug.cgi?id=1245242

http://www.nessus.org/u?12ddc91a

Plugin Details

Severity: Critical

ID: 85061

File Name: fedora_2015-11581.nasl

Version: Revision: 2.5

Type: local

Agent: unix

Published: 2015/07/29

Updated: 2016/10/18

Dependencies: 12634

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:21

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 2015/07/14

Reference Information

CVE: CVE-2015-5589, CVE-2015-5590

FEDORA: 2015-11581