php -- multiple vulnerabilities

2016-07-21T00:00:00
ID B6402385-533B-11E6-A7BD-14DAE9D210B8
Type freebsd
Reporter FreeBSD
Modified 2016-07-21T00:00:00

Description

PHP reports:

Fixed bug #69975 (PHP segfaults when accessing nvarchar(max) defined columns) Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()). Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access). Fixed bug #72519 (imagegif/output out-of-bounds access). Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener). Fixed bug #72533 (locale_accept_from_http out-of-bounds access). Fixed bug #72541 (size_t overflow lead to heap corruption). Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic). Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()). Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications). Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE). Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c). Fixed bug #72613 (Inadequate error handling in bzread()). Fixed bug #72618 (NULL Pointer Dereference in exif_process_user_comment).