Critical: php

Issue Overview:

Heap-based buffer overflow in the php_quot_print_encode function in ext/standard/quot_print.c in PHP before 5.3.26 and 5.4.x before 5.4.16 allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted argument to the quoted_printable_encode function.

Affected Packages:

php

Issue Correction:
Run yum update php to update your system.

New Packages:

i686:  
    php-mcrypt-5.3.26-1.0.amzn1.i686  
    php-soap-5.3.26-1.0.amzn1.i686  
    php-tidy-5.3.26-1.0.amzn1.i686  
    php-snmp-5.3.26-1.0.amzn1.i686  
    php-dba-5.3.26-1.0.amzn1.i686  
    php-mbstring-5.3.26-1.0.amzn1.i686  
    php-intl-5.3.26-1.0.amzn1.i686  
    php-xmlrpc-5.3.26-1.0.amzn1.i686  
    php-5.3.26-1.0.amzn1.i686  
    php-devel-5.3.26-1.0.amzn1.i686  
    php-bcmath-5.3.26-1.0.amzn1.i686  
    php-fpm-5.3.26-1.0.amzn1.i686  
    php-ldap-5.3.26-1.0.amzn1.i686  
    php-mysqlnd-5.3.26-1.0.amzn1.i686  
    php-embedded-5.3.26-1.0.amzn1.i686  
    php-enchant-5.3.26-1.0.amzn1.i686  
    php-mssql-5.3.26-1.0.amzn1.i686  
    php-common-5.3.26-1.0.amzn1.i686  
    php-mysql-5.3.26-1.0.amzn1.i686  
    php-debuginfo-5.3.26-1.0.amzn1.i686  
    php-cli-5.3.26-1.0.amzn1.i686  
    php-imap-5.3.26-1.0.amzn1.i686  
    php-pspell-5.3.26-1.0.amzn1.i686  
    php-pdo-5.3.26-1.0.amzn1.i686  
    php-xml-5.3.26-1.0.amzn1.i686  
    php-pgsql-5.3.26-1.0.amzn1.i686  
    php-recode-5.3.26-1.0.amzn1.i686  
    php-gd-5.3.26-1.0.amzn1.i686  
    php-odbc-5.3.26-1.0.amzn1.i686  
    php-process-5.3.26-1.0.amzn1.i686  
  
src:  
    php-5.3.26-1.0.amzn1.src  
  
x86_64:  
    php-xml-5.3.26-1.0.amzn1.x86_64  
    php-mssql-5.3.26-1.0.amzn1.x86_64  
    php-mysql-5.3.26-1.0.amzn1.x86_64  
    php-imap-5.3.26-1.0.amzn1.x86_64  
    php-mysqlnd-5.3.26-1.0.amzn1.x86_64  
    php-common-5.3.26-1.0.amzn1.x86_64  
    php-snmp-5.3.26-1.0.amzn1.x86_64  
    php-bcmath-5.3.26-1.0.amzn1.x86_64  
    php-gd-5.3.26-1.0.amzn1.x86_64  
    php-debuginfo-5.3.26-1.0.amzn1.x86_64  
    php-devel-5.3.26-1.0.amzn1.x86_64  
    php-recode-5.3.26-1.0.amzn1.x86_64  
    php-dba-5.3.26-1.0.amzn1.x86_64  
    php-mbstring-5.3.26-1.0.amzn1.x86_64  
    php-process-5.3.26-1.0.amzn1.x86_64  
    php-xmlrpc-5.3.26-1.0.amzn1.x86_64  
    php-cli-5.3.26-1.0.amzn1.x86_64  
    php-ldap-5.3.26-1.0.amzn1.x86_64  
    php-tidy-5.3.26-1.0.amzn1.x86_64  
    php-enchant-5.3.26-1.0.amzn1.x86_64  
    php-5.3.26-1.0.amzn1.x86_64  
    php-odbc-5.3.26-1.0.amzn1.x86_64  
    php-mcrypt-5.3.26-1.0.amzn1.x86_64  
    php-pgsql-5.3.26-1.0.amzn1.x86_64  
    php-soap-5.3.26-1.0.amzn1.x86_64  
    php-embedded-5.3.26-1.0.amzn1.x86_64  
    php-pspell-5.3.26-1.0.amzn1.x86_64  
    php-pdo-5.3.26-1.0.amzn1.x86_64  
    php-fpm-5.3.26-1.0.amzn1.x86_64  
    php-intl-5.3.26-1.0.amzn1.x86_64  

Additional References

Red Hat: CVE-2013-2110

Mitre: CVE-2013-2110