Debian DLA-533-1 : php5 security update
High Nessus Plugin ID 91900
SynopsisThe remote Debian host is missing a security update.
Description- CVE-2016-5093.patch Absence of null character causes unexpected zend_string length and leaks heap memory. The test script uses locale_get_primary_language to reach get_icu_value_internal but there are some other functions that also trigger this issue:
locale_canonicalize, locale_filter_matches, locale_lookup, locale_parse
- CVE-2016-5094.patch don't create strings with lengths outside int range
- CVE-2016-5095.patch similar to CVE-2016-5094 don't create strings with lengths outside int range
- CVE-2016-5096.patch int/size_t confusion in fread
- CVE-TEMP-bug-70661.patch bug70661: Use After Free Vulnerability in WDDX Packet Deserialization
- CVE-TEMP-bug-70728.patch bug70728: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()
- CVE-TEMP-bug-70741.patch bug70741: Session WDDX Packet Deserialization Type Confusion Vulnerability
- CVE-TEMP-bug-70480-raw.patch bug70480:
php_url_parse_ex() buffer overflow read
For Debian 7 'Wheezy', these problems have been fixed in version 5.4.45-0+deb7u4.
We recommend that you upgrade your php5 packages.
NOTE: Tenable Network Security has extracted the preceding description block directly from the DLA security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
SolutionUpgrade the affected packages.