Fedora 23 : php-5.6.13-1.fc23 (2015-14978)

critical Nessus Plugin ID 86030

Synopsis

The remote Fedora host is missing a security update.

Description

03 Sep 2015, **PHP 5.6.13** **Core:** * Fixed bug #69900 (Too long timeout on pipes). (Anatol) * Fixed bug #69487 (SAPI may truncate POST data). (cmb) * Fixed bug #70198 (Checking liveness does not work as expected). (Shafreeck Sea, Anatol Belski) * Fixed bug #70172 (Use After Free Vulnerability in unserialize()). (Stas) * Fixed bug #70219 (Use after free vulnerability in session deserializer). (taoguangchen at icloud dot com) **CLI server:** * Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE). (wusuopu, cmb) * Fixed bug #70264 (CLI server directory traversal). (cmb) **Date:** * Fixed bug #70266 (DateInterval::__construct.interval_spec is not supposed to be optional). (cmb)

- Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after null byte). (cmb) **EXIF:** * Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes). (Stas) **hash:** * Fixed bug #70312 (HAVAL gives wrong hashes in specific cases).
(letsgolee at naver dot com) **MCrypt:** * Fixed bug #69833 (mcrypt fd caching not working). (Anatol)
**Opcache:** * Fixed bug #70237 (Empty while and do-while segmentation fault with opcode on CLI enabled).
(Dmitry, Laruence) **PCRE:** * Fixed bug #70232 (Incorrect bump-along behavior with \K and empty string match). (cmb) * Fixed bug #70345 (Multiple vulnerabilities related to PCRE functions). (Anatol Belski) **SOAP:** * Fixed bug #70388 (SOAP serialize_function_call() type confusion / RCE). (Stas)
**SPL:** * Fixed bug #70290 (NULL pointer deref (segfault) in spl_autoload via ob_start). (hugh at allthethings dot co dot nz) * Fixed bug #70303 (Incorrect constructor reflection for ArrayObject).
(cmb) * Fixed bug #70365 (Use-after-free vulnerability in unserialize() with SplObjectStorage). (taoguangchen at icloud dot com) * Fixed bug #70366 (Use-after-free vulnerability in unserialize() with SplDoublyLinkedList). (taoguangchen at icloud dot com)
**Standard:** * Fixed bug #70052 (getimagesize() fails for very large and very small WBMP). (cmb) * Fixed bug #70157 (parse_ini_string() segmentation fault with INI_SCANNER_TYPED). (Tjerk) **XSLT:** * Fixed bug #69782 (NULL pointer dereference). (Stas)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1260642

https://bugzilla.redhat.com/show_bug.cgi?id=1260647

https://bugzilla.redhat.com/show_bug.cgi?id=1260667

https://bugzilla.redhat.com/show_bug.cgi?id=1260671

https://bugzilla.redhat.com/show_bug.cgi?id=1260674

https://bugzilla.redhat.com/show_bug.cgi?id=1260683

https://bugzilla.redhat.com/show_bug.cgi?id=1260695

https://bugzilla.redhat.com/show_bug.cgi?id=1260707

https://bugzilla.redhat.com/show_bug.cgi?id=1260711

https://bugzilla.redhat.com/show_bug.cgi?id=1260734

https://bugzilla.redhat.com/show_bug.cgi?id=1260741

https://bugzilla.redhat.com/show_bug.cgi?id=1260748

http://www.nessus.org/u?bfa72a25

Plugin Details

Severity: Critical

ID: 86030

File Name: fedora_2015-14978.nasl

Version: 2.9

Type: local

Agent: unix

Published: 9/21/2015

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 6.7

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: Critical

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Vulnerability Information

CPE: p-cpe:/a:fedoraproject:fedora:php, cpe:/o:fedoraproject:fedora:23

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 9/18/2015

Reference Information

CVE: CVE-2015-6834, CVE-2015-6835, CVE-2015-6836, CVE-2015-6837, CVE-2015-6838

FEDORA: 2015-14978