php-5.4.16-42.el7
エラータID: AXSA:2016-1118:03
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.
The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.
Security issues fixed with this release:
CVE-2016-5399
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2016-5766
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD
Graphics Library (aka libgd) before 2.2.3, as used in PHP before
5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote
attackers to cause a denial of service (heap-based buffer overflow and
application crash) or possibly have unspecified other impact via
crafted chunk dimensions in an image.
CVE-2016-5767
Integer overflow in the gdImageCreate function in gd.c in the GD
Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before
5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote
attackers to cause a denial of service (heap-based buffer overflow and
application crash) or possibly have unspecified other impact via a
crafted image dimensions.
CVE-2016-5768
Double free vulnerability in the _php_mb_regex_ereg_replace_exec
function in php_mbregex.c in the mbstring extension in PHP before
5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote
attackers to execute arbitrary code or cause a denial of service
(application crash) by leveraging a callback exception.
Additional Changes:
Update packages.
The bzread function in ext/bz2/bz2.c in PHP before 5.5.38, 5.6.x before 5.6.24, and 7.x before 7.0.9 allows remote attackers to cause a denial of service (out-of-bounds write) or execute arbitrary code via a crafted bz2 archive.
Integer overflow in the _gd2GetHeader function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.3, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via crafted chunk dimensions in an image.
Integer overflow in the gdImageCreate function in gd.c in the GD Graphics Library (aka libgd) before 2.0.34RC1, as used in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8, allows remote attackers to cause a denial of service (heap-based buffer overflow and application crash) or possibly have unspecified other impact via a crafted image dimensions.
Double free vulnerability in the _php_mb_regex_ereg_replace_exec function in php_mbregex.c in the mbstring extension in PHP before 5.5.37, 5.6.x before 5.6.23, and 7.x before 7.0.8 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by leveraging a callback exception.
N/A
SRPMS
- php-5.4.16-42.el7.src.rpm
MD5: fd401b0e9eac1998bf8af2c3183484b4
SHA-256: ae4c083db12ce2c6651c02398ac20373b570ea2b41dc4ea9ebacecd5f083612d
Size: 11.40 MB
Asianux Server 7 for x86_64
- php-5.4.16-42.el7.x86_64.rpm
MD5: 9d46934b2d9d696a36f2b0114be80996
SHA-256: 795ae4c51f356fd833dc3fafc03c650ffc072990fb5432c408eba2b56a846000
Size: 1.35 MB - php-bcmath-5.4.16-42.el7.x86_64.rpm
MD5: f63300da67c9705cdc4e9b2945e4c1f6
SHA-256: 705b86403a1ec1baf546b6f37b114f160ef9364f5f8d9c7771434ea648059629
Size: 56.21 kB - php-cli-5.4.16-42.el7.x86_64.rpm
MD5: 6b853b4e8915ca8a99d2b8508640eaca
SHA-256: 75794f03aceda6c7a07b2eb6d54e13298512a45666c01a7502f249408b386266
Size: 2.74 MB - php-common-5.4.16-42.el7.x86_64.rpm
MD5: cc7162b08af693f3293c3b6a79140e9f
SHA-256: 07be607057f93975072d71768dee875ba3be41295796c92c6a7395820d27e369
Size: 563.41 kB - php-gd-5.4.16-42.el7.x86_64.rpm
MD5: 336dc91fe293eabb40dcd072148a2ada
SHA-256: 23bd3f489dd523ed61e60d44f5e316eef63ad0c3bec97970f8adbc7cded9429c
Size: 126.08 kB - php-ldap-5.4.16-42.el7.x86_64.rpm
MD5: 74245fa2cdb13eb467af12d8a084038c
SHA-256: 71d741170345405434d4a56038b9c8a8e891d82d06df5c5454d22943dd1c4c58
Size: 51.16 kB - php-mbstring-5.4.16-42.el7.x86_64.rpm
MD5: 4e578447359f905ca39b193a14d368f3
SHA-256: 17710e9637c7003a002216ec5cab462406ec64daba1208aa49485b8bdca31898
Size: 503.55 kB - php-mysql-5.4.16-42.el7.x86_64.rpm
MD5: 86203c2737f8585522e72e0d9478197f
SHA-256: f4a73dae7d5c6dd8dcae787076e079da2d4ed8896d15d16d0f150508f6bcd594
Size: 99.81 kB - php-odbc-5.4.16-42.el7.x86_64.rpm
MD5: adcf76aee1be4054db3d455d3b72d927
SHA-256: 4c4755b7252e4a988e0cce1e5e61b89414164aca88d386aedaf23e4a1aff1caf
Size: 64.06 kB - php-pdo-5.4.16-42.el7.x86_64.rpm
MD5: e29a146b145fe0956b7acd225cd7c5a7
SHA-256: 885dc055c80b76c16f0eac956023456b7716d65fd492fdd2cb512da0c1767d42
Size: 97.43 kB - php-pgsql-5.4.16-42.el7.x86_64.rpm
MD5: 2cc2bf0e0395cdb05acb4671684444fb
SHA-256: 23950784faeb533a1032b12b228fc463da91fa24d5bb02fcb0de036254a745a8
Size: 84.71 kB - php-process-5.4.16-42.el7.x86_64.rpm
MD5: ee6c54bcefd198ecd3e0048e06116682
SHA-256: 5121273005086f9825bf3a52a4840e732f97733880d1dad1d995f116c1ce8c20
Size: 54.48 kB - php-recode-5.4.16-42.el7.x86_64.rpm
MD5: ff325d68f6b8a5ffe06797a104611b07
SHA-256: 0717396b9af802277d8d5d8b7f79a48f25eaf6d161ca7dd2d47c3c0453dc2263
Size: 37.13 kB - php-soap-5.4.16-42.el7.x86_64.rpm
MD5: 2fa84182fabba90a4b8bcb3ee24ad841
SHA-256: 96dcdce25378e21bc7da68e121302a1e927a0b8c4b92f246fe524cf4b210c5b4
Size: 157.29 kB - php-xml-5.4.16-42.el7.x86_64.rpm
MD5: 9b365ba50571a191f5e50a48a480fe6d
SHA-256: 201141f7ba9f7d5944a7ca8ae73eea76f2e7700be1e4b1da3f30f6131608db46
Size: 124.36 kB - php-xmlrpc-5.4.16-42.el7.x86_64.rpm
MD5: 9ff8c18df9975b8564984d5f62327bdd
SHA-256: 8f86b388080cd9370725ead59cdfa6c0b62a8e325257fad157f3e9a2bba641b7
Size: 66.68 kB
日本語