php-5.4.16-43.el7
エラータID: AXSA:2017-2413:01
リリース日:
2017/11/27 Monday - 12:23
題名:
php-5.4.16-43.el7
影響のあるチャネル:
Asianux Server 7 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- libgd の gd_gd2.c の gdImageCreateFromGd2Ctx 関数には,
巧妙に細工されたイメージファイルによって,リモートの攻撃者が
サービス拒否 (アプリケーションのクラッシュ) を引き起こす脆弱
性があります。(CVE-2016-10167)
- libgd の gd_io.c には整数オーバーフローが存在し,イメージ中
の水平,垂直チャンクの数によって,リモートの攻撃者が詳細不明な
影響を与える脆弱性があります。(CVE-2016-10168)
一部CVEの翻訳文はJVNからの引用になります。
http://jvndb.jvn.jp/
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2016-10167
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
The gdImageCreateFromGd2Ctx function in gd_gd2.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted image file.
CVE-2016-10168
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.
追加情報:
N/A
ダウンロード:
SRPMS
- php-5.4.16-43.el7.src.rpm
MD5: f4c0484b72b95f16e4369283337b6826
SHA-256: a63f097b4540018ed0aeded5e16f18d1de4cc910f40b5af764dfb965ede87e90
Size: 11.40 MB
Asianux Server 7 for x86_64
- php-5.4.16-43.el7.x86_64.rpm
MD5: 738bae7f1ccfac2b6125e216fd2d6d58
SHA-256: 0cbb4400e73a34ea0a78d5f2da7d8a3fa9fd9dd120d5ba402a4e67c788a3a9bd
Size: 1.35 MB - php-bcmath-5.4.16-43.el7.x86_64.rpm
MD5: 6492076193068ef891268a66369d5933
SHA-256: b9a1d39db2c3245614a6336286cd5b8283b31295be1d82d541d451c88c9806b7
Size: 56.39 kB - php-cli-5.4.16-43.el7.x86_64.rpm
MD5: 6a57b2c28ade6c330c02ce1eb0b66ffc
SHA-256: 300f2cb910d6eaf80960464369607c6bb9635384cc36977b8c326764a9d1c8da
Size: 2.74 MB - php-common-5.4.16-43.el7.x86_64.rpm
MD5: b6b2326f4be05f9d47174d794101e583
SHA-256: 3c3b04bdf49bfbbc2497c351364f5e5c803e3a5692e6c20ae66917b2277a5fd0
Size: 563.59 kB - php-gd-5.4.16-43.el7.x86_64.rpm
MD5: 5b070d5c8d029a4a2fcca9ce321a78ea
SHA-256: 280266349467828427c9c9f69e419c4c3aa982b8404674c524f8af93efcf8f63
Size: 126.13 kB - php-ldap-5.4.16-43.el7.x86_64.rpm
MD5: cb4fece2f57b9b8e8f7f25966a0e3383
SHA-256: 9f5c2995a14ba9ee7a50dde960831645d1e1bc8f38767409e61ca7404518d4db
Size: 51.33 kB - php-mbstring-5.4.16-43.el7.x86_64.rpm
MD5: 62fb6012945a34bd4540ba25adedd74d
SHA-256: 09430a5160fc31a76020a6d623ea0b28171e1dda0c17632de18e810a6803947b
Size: 503.79 kB - php-mysql-5.4.16-43.el7.x86_64.rpm
MD5: 16006b92211d2ff17eb96d91f6557fc3
SHA-256: c6387a0384cc654804dc42fb199ce06020eb8f627b1bdc021593a2043b82d9ab
Size: 99.98 kB - php-odbc-5.4.16-43.el7.x86_64.rpm
MD5: 6822ae80326e90c88ada5a7542fb0191
SHA-256: 1914d66b3c2c353c5b1a0a18cfac61ff8ea9df45868f3a18d97c918af374dd7c
Size: 64.23 kB - php-pdo-5.4.16-43.el7.x86_64.rpm
MD5: 687e66730c7594d9a4c4c8e27db7c8d2
SHA-256: 0cd886224de58ca1f25e28e9a06ef0adf4c0c7743989383090bff7342bc6eebf
Size: 97.60 kB - php-pgsql-5.4.16-43.el7.x86_64.rpm
MD5: c19ee0285e3c2d54b8ab0384b457a19c
SHA-256: e7aba995485731efd2eaa099dd9bd4de56afaee3582d62a0a66c61e4515d307b
Size: 84.87 kB - php-process-5.4.16-43.el7.x86_64.rpm
MD5: d661a089013bbd4fd936ee757a608dc9
SHA-256: 8dc52c3dfbe2b90ef44cdc287d1b927bb7460f44ccb7f8db2860060d989d8747
Size: 54.64 kB - php-recode-5.4.16-43.el7.x86_64.rpm
MD5: 7efdfc0acd8bc8a6bc53f5834437e2e4
SHA-256: 9562d09c3a35577aef4cb595da936ec499da5c77bb666710c5412b339e8b3906
Size: 37.30 kB - php-soap-5.4.16-43.el7.x86_64.rpm
MD5: 9236c9d64545a64bd4344e2f6228a675
SHA-256: 9e847dd0ba57415f23d4df8271f4c1db5111a21eb0ef9c8c266bc4e3cfe5ae54
Size: 157.46 kB - php-xml-5.4.16-43.el7.x86_64.rpm
MD5: a37c4cccce4964c72974bd78475bab4f
SHA-256: 0f9bfc63a65f0a74d1974ff957e11e9d75c7a34ec45a134652b9c79a56ebdd52
Size: 124.52 kB - php-xmlrpc-5.4.16-43.el7.x86_64.rpm
MD5: c694f178d5e4e98725433696caae1357
SHA-256: 8eb62b56bf785be2e97f36b7efa82bf6f01841b1f2977bf1feea81cd33ac4e9e
Size: 66.86 kB