Detections
Analytics

Fedora 22 : php-5.6.20-1.fc22 (2016-9282d83bee)

high Nessus Plugin ID 90465

Language:

Synopsis

The remote Fedora host is missing a security update.

Description

31 Mar 2016, **PHP 5.6.20** **CLI Server:** * Fixed bug php#69953 (Support MKCALENDAR request method). (Christoph) **Core:** * Fixed bug php#71596 (Segmentation fault on ZTS with date function (setlocale)).
(Anatol) **Curl:**

 - Fixed bug php#71694 (Support constant CURLM_ADDED_ALREADY). (mpyw) **Date:**

 - Fixed bug php#71635 (DatePeriod::getEndDate segfault).
 (Thomas Punt) **Fileinfo:** * Fixed bug php#71527 (Buffer over-write in finfo_open with malformed magic file). (Anatol) **Mbstring:** * Fixed bug php#71906 (AddressSanitizer: negative-size-param (-1) in mbfl_strcut). (Stas) **ODBC:**

 - Fixed bug php#47803, php#69526 (Executing prepared statements is succesfull only for the first two statements). (einavitamar, Anatol) * Fixed bug php#71860 (Invalid memory write in phar on filename with \0 in name). (Stas) **PDO_DBlib:** * Fixed bug php#54648 (PDO::MSSQL forces format of datetime fields). (steven, Anatol) **Phar:** * Fixed bug php#71625 (Crash in php7.dll with bad phar filename). (Anatol) * Fixed bug php#71504 (Parsing of tar file with duplicate filenames causes memory leak). (Jos Elstgeest) **SNMP:** * Fixed bug php#71704 (php_snmp_error() Format String Vulnerability). (andrew) **Standard** * Fixed bug php#71798 (Integer Overflow in php_raw_url_encode).
 (taoguangchen, Stas)

Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

Solution

Update the affected php package.

See Also

https://bugzilla.redhat.com/show_bug.cgi?id=1323103

https://bugzilla.redhat.com/show_bug.cgi?id=1323106

https://bugzilla.redhat.com/show_bug.cgi?id=1323108

https://bugzilla.redhat.com/show_bug.cgi?id=1323114

https://bugzilla.redhat.com/show_bug.cgi?id=1323118

http://www.nessus.org/u?047f56bc

Plugin Details

Severity: High

ID: 90465

File Name: fedora_2016-9282d83bee.nasl

Version: 2.3

Type: local

Agent: unix

Published: 4/13/2016

Updated: 1/11/2021

Supported Sensors: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

Vulnerability Information

CPE: cpe:/o:fedoraproject:fedora:22, p-cpe:/a:fedoraproject:fedora:php

Required KB Items: Host/local_checks_enabled, Host/RedHat/release, Host/RedHat/rpm-list

Patch Publication Date: 4/9/2016

Reference Information