rh-php56-php-5.6.5-7.el7
Errata ID: AXSA:2016-130:01
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.
This package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP 2.4 Server.
Security issues fixed with this release:
CVE-2015-2783
ext/phar/phar.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x
before 5.6.8 allows remote attackers to obtain sensitive information
from process memory or cause a denial of service (buffer over-read and
application crash) via a crafted length value in conjunction with
crafted serialized data in a phar archive, related to the
phar_parse_metadata and phar_parse_pharfile functions.
CVE-2015-3307
The phar_parse_metadata function in ext/phar/phar.c in PHP before
5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote
attackers to cause a denial of service (heap metadata corruption) or
possibly have unspecified other impact via a crafted tar archive.
CVE-2015-3329
Multiple stack-based buffer overflows in the phar_set_inode function
in phar_internal.h in PHP before 5.4.40, 5.5.x before 5.5.24, and
5.6.x before 5.6.8 allow remote attackers to execute arbitrary code
via a crafted length value in a (1) tar, (2) phar, or (3) ZIP archive.
CVE-2015-3330
The php_handler function in sapi/apache2handler/sapi_apache2.c in PHP
before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, when the
Apache HTTP Server 2.4.x is used, allows remote attackers to cause a
denial of service (application crash) or possibly execute arbitrary
code via pipelined HTTP requests that result in a "deconfigured
interpreter."
CVE-2015-3411
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-3412
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-4021
The phar_parse_tarfile function in ext/phar/tar.c in PHP before
5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 does not verify
that the first character of a filename is different from the \0
character, which allows remote attackers to cause a denial of service
(integer underflow and memory corruption) via a crafted entry in a tar
archive.
CVE-2015-4022
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP
before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9 allows
remote FTP servers to execute arbitrary code via a long reply to a
LIST command, leading to a heap-based buffer overflow.
CVE-2015-4024
Algorithmic complexity vulnerability in the multipart_buffer_headers
function in main/rfc1867.c in PHP before 5.4.41, 5.5.x before 5.5.25,
and 5.6.x before 5.6.9 allows remote attackers to cause a denial of
service (CPU consumption) via crafted form data that triggers an
improper order-of-growth outcome.
CVE-2015-4025
PHP before 5.4.41, 5.5.x before 5.5.25, and 5.6.x before 5.6.9
truncates a pathname upon encountering a \x00 character in certain
situations, which allows remote attackers to bypass intended extension
restrictions and access files or directories with unexpected names via
a crafted argument to (1) set_include_path, (2) tempnam, (3) rmdir, or
(4) readlink. NOTE: this vulnerability exists because of an incomplete
fix for CVE-2006-7243.
CVE-2015-4026
The pcntl_exec implementation in PHP before 5.4.41, 5.5.x before
5.5.25, and 5.6.x before 5.6.9 truncates a pathname upon encountering
a \x00 character, which might allow remote attackers to bypass
intended extension restrictions and execute files with unexpected
names via a crafted first argument. NOTE: this vulnerability exists
because of an incomplete fix for CVE-2006-7243.
CVE-2015-4598
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-4602
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-4603
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-4604
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-4605
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-4643
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
CVE-2015-4644
** RESERVED **
This candidate has been reserved by an organization or individual that
will use it when announcing a new security problem. When the
candidate has been publicized, the details for this candidate will be
provided.
Update packages.
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument load method, (2) the xmlwriter_open_uri function, (3) the finfo_file function, or (4) the hash_hmac_file function, as demonstrated by a filename\0.xml attack that bypasses an intended configuration in which client users may read only .xml files.
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the stream_resolve_include_path function in ext/standard/streamsfuncs.c, as demonstrated by a filename\0.extension attack that bypasses an intended configuration in which client users may read files with only one specific extension.
PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read or write to arbitrary files via crafted input to an application that calls (1) a DOMDocument save method or (2) the GD imagepsloadfont function, as demonstrated by a filename\0.html attack that bypasses an intended configuration in which client users may write to only .html files.
The __PHP_Incomplete_Class function in ext/standard/incomplete_class.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
The exception::getTraceAsString function in Zend/zend_exceptions.c in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 allows remote attackers to execute arbitrary code via an unexpected data type, related to a "type confusion" issue.
The mget function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly maintain a certain pointer relationship, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
The mcopy function in softmagic.c in file 5.x, as used in the Fileinfo component in PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8, does not properly restrict a certain offset value, which allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted string that is mishandled by a "Python script text executable" rule.
Integer overflow in the ftp_genlist function in ext/ftp/ftp.c in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 allows remote FTP servers to execute arbitrary code via a long reply to a LIST command, leading to a heap-based buffer overflow. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-4022.
The php_pgsql_meta_data function in pgsql.c in the PostgreSQL (aka pgsql) extension in PHP before 5.4.42, 5.5.x before 5.5.26, and 5.6.x before 5.6.10 does not validate token extraction for table names, which might allow remote attackers to cause a denial of service (NULL pointer dereference and application crash) via a crafted name. NOTE: this vulnerability exists because of an incomplete fix for CVE-2015-1352.
SRPMS
- rh-php56-php-5.6.5-7.el7.src.rpm
Size: 10.98 MB
Asianux Server 7 for x86_64
- rh-php56-php-5.6.5-7.el7.x86_64.rpm
Size: 1.29 MB
- rh-php56-php-bcmath-5.6.5-7.el7.x86_64.rpm
Size: 57.13 kB
- rh-php56-php-cli-5.6.5-7.el7.x86_64.rpm
Size: 2.62 MB
- rh-php56-php-common-5.6.5-7.el7.x86_64.rpm
Size: 727.78 kB
- rh-php56-php-dba-5.6.5-7.el7.x86_64.rpm
Size: 55.75 kB
- rh-php56-php-dbg-5.6.5-7.el7.x86_64.rpm
Size: 1.35 MB
- rh-php56-php-devel-5.6.5-7.el7.x86_64.rpm
Size: 625.10 kB
- rh-php56-php-embedded-5.6.5-7.el7.x86_64.rpm
Size: 1.28 MB
- rh-php56-php-enchant-5.6.5-7.el7.x86_64.rpm
Size: 41.86 kB
- rh-php56-php-fpm-5.6.5-7.el7.x86_64.rpm
Size: 1.36 MB
- rh-php56-php-gd-5.6.5-7.el7.x86_64.rpm
Size: 154.83 kB
- rh-php56-php-gmp-5.6.5-7.el7.x86_64.rpm
Size: 53.84 kB
- rh-php56-php-intl-5.6.5-7.el7.x86_64.rpm
Size: 147.24 kB
- rh-php56-php-ldap-5.6.5-7.el7.x86_64.rpm
Size: 54.48 kB
- rh-php56-php-mbstring-5.6.5-7.el7.x86_64.rpm
Size: 516.42 kB
- rh-php56-php-mysqlnd-5.6.5-7.el7.x86_64.rpm
Size: 1.20 MB
- rh-php56-php-odbc-5.6.5-7.el7.x86_64.rpm
Size: 65.30 kB
- rh-php56-php-opcache-5.6.5-7.el7.x86_64.rpm
Size: 98.44 kB
- rh-php56-php-pdo-5.6.5-7.el7.x86_64.rpm
Size: 98.32 kB
- rh-php56-php-pgsql-5.6.5-7.el7.x86_64.rpm
Size: 91.98 kB
- rh-php56-php-process-5.6.5-7.el7.x86_64.rpm
Size: 59.29 kB
- rh-php56-php-pspell-5.6.5-7.el7.x86_64.rpm
Size: 41.07 kB
- rh-php56-php-recode-5.6.5-7.el7.x86_64.rpm
Size: 37.99 kB
- rh-php56-php-snmp-5.6.5-7.el7.x86_64.rpm
Size: 52.48 kB
- rh-php56-php-soap-5.6.5-7.el7.x86_64.rpm
Size: 159.03 kB
- rh-php56-php-xml-5.6.5-7.el7.x86_64.rpm
Size: 159.19 kB
- rh-php56-php-xmlrpc-5.6.5-7.el7.x86_64.rpm
Size: 67.47 kB