Lucene search
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.CENTOS_RHSA-2014-1326.NASLHistoryOct 01, 2014 - 12:00 a.m.
CentOS 5 / 6 : php / php53 (CESA-2014:1326)
2014-10-0100:00:00
This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
19
Updated php53 and php packages that fix multiple security issues are now available for Red Hat Enterprise Linux 5 and 6 respectively.
Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System (CVSS) base scores, which give detailed severity ratings, are available for each vulnerability from the CVE links in the References section.
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. PHP’s fileinfo module provides functions used to identify a particular file according to the type of data contained by the file.
It was found that the fix for CVE-2012-1571 was incomplete; the File Information (fileinfo) extension did not correctly parse certain Composite Document Format (CDF) files. A remote attacker could use this flaw to crash a PHP application using fileinfo via a specially crafted CDF file. (CVE-2014-3587)
A NULL pointer dereference flaw was found in the gdImageCreateFromXpm() function of PHP’s gd extension. A remote attacker could use this flaw to crash a PHP application using gd via a specially crafted X PixMap (XPM) file. (CVE-2014-2497)
Multiple buffer over-read flaws were found in the php_parserr() function of PHP. A malicious DNS server or a man-in-the-middle attacker could possibly use this flaw to execute arbitrary code as the PHP interpreter if a PHP application used the dns_get_record() function to perform a DNS query. (CVE-2014-3597)
Two use-after-free flaws were found in the way PHP handled certain Standard PHP Library (SPL) Iterators and ArrayIterators. A malicious script author could possibly use either of these flaws to disclose certain portions of server memory. (CVE-2014-4670, CVE-2014-4698)
The CVE-2014-3597 issue was discovered by David Kutalek of the Red Hat BaseOS QE.
All php53 and php users are advised to upgrade to these updated packages, which contain backported patches to correct these issues.
After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Red Hat Security Advisory RHSA-2014:1326 and
# CentOS Errata and Security Advisory 2014:1326 respectively.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(77995);
script_version("1.14");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/04");
script_cve_id("CVE-2014-2497", "CVE-2014-3587", "CVE-2014-3597", "CVE-2014-4670", "CVE-2014-4698");
script_bugtraq_id(66233, 68511, 68513, 69322, 69325);
script_xref(name:"RHSA", value:"2014:1326");
script_name(english:"CentOS 5 / 6 : php / php53 (CESA-2014:1326)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote CentOS host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"Updated php53 and php packages that fix multiple security issues are
now available for Red Hat Enterprise Linux 5 and 6 respectively.
Red Hat Product Security has rated this update as having Moderate
security impact. Common Vulnerability Scoring System (CVSS) base
scores, which give detailed severity ratings, are available for each
vulnerability from the CVE links in the References section.
PHP is an HTML-embedded scripting language commonly used with the
Apache HTTP Server. PHP's fileinfo module provides functions used to
identify a particular file according to the type of data contained by
the file.
It was found that the fix for CVE-2012-1571 was incomplete; the File
Information (fileinfo) extension did not correctly parse certain
Composite Document Format (CDF) files. A remote attacker could use
this flaw to crash a PHP application using fileinfo via a specially
crafted CDF file. (CVE-2014-3587)
A NULL pointer dereference flaw was found in the
gdImageCreateFromXpm() function of PHP's gd extension. A remote
attacker could use this flaw to crash a PHP application using gd via a
specially crafted X PixMap (XPM) file. (CVE-2014-2497)
Multiple buffer over-read flaws were found in the php_parserr()
function of PHP. A malicious DNS server or a man-in-the-middle
attacker could possibly use this flaw to execute arbitrary code as the
PHP interpreter if a PHP application used the dns_get_record()
function to perform a DNS query. (CVE-2014-3597)
Two use-after-free flaws were found in the way PHP handled certain
Standard PHP Library (SPL) Iterators and ArrayIterators. A malicious
script author could possibly use either of these flaws to disclose
certain portions of server memory. (CVE-2014-4670, CVE-2014-4698)
The CVE-2014-3597 issue was discovered by David Kutalek of the Red Hat
BaseOS QE.
All php53 and php users are advised to upgrade to these updated
packages, which contain backported patches to correct these issues.
After installing the updated packages, the httpd daemon must be
restarted for the update to take effect."
);
# https://lists.centos.org/pipermail/centos-announce/2014-September/020602.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?63450a0c"
);
# https://lists.centos.org/pipermail/centos-announce/2014-September/020654.html
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?3b6a38da"
);
script_set_attribute(
attribute:"solution",
value:"Update the affected php and / or php53 packages."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2014-3597");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-bcmath");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-dba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-embedded");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-enchant");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-fpm");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-imap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-intl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-mbstring");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-pdo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-process");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-pspell");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-recode");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-soap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-tidy");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-xml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-xmlrpc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php-zts");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-bcmath");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-cli");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-dba");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-gd");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-imap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-intl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-ldap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-mbstring");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-odbc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-pdo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-pgsql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-process");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-pspell");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-snmp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-soap");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-xml");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:centos:centos:php53-xmlrpc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:5");
script_set_attribute(attribute:"cpe", value:"cpe:/o:centos:centos:6");
script_set_attribute(attribute:"vuln_publication_date", value:"2014/03/21");
script_set_attribute(attribute:"patch_publication_date", value:"2014/09/30");
script_set_attribute(attribute:"plugin_publication_date", value:"2014/10/01");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2014-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"CentOS Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/CentOS/release", "Host/CentOS/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/CentOS/release");
if (isnull(release) || "CentOS" >!< release) audit(AUDIT_OS_NOT, "CentOS");
os_ver = pregmatch(pattern: "CentOS(?: Linux)? release ([0-9]+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "CentOS");
os_ver = os_ver[1];
if (! preg(pattern:"^(5|6)([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "CentOS 5.x / 6.x", "CentOS " + os_ver);
if (!get_kb_item("Host/CentOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "CentOS", cpu);
flag = 0;
if (rpm_check(release:"CentOS-5", reference:"php53-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-bcmath-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-cli-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-common-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-dba-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-devel-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-gd-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-imap-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-intl-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-ldap-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-mbstring-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-mysql-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-odbc-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-pdo-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-pgsql-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-process-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-pspell-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-snmp-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-soap-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-xml-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-5", reference:"php53-xmlrpc-5.3.3-24.el5")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-bcmath-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-cli-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-common-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-dba-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-devel-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-embedded-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-enchant-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-fpm-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-gd-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-imap-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-intl-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-ldap-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-mbstring-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-mysql-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-odbc-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-pdo-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-pgsql-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-process-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-pspell-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-recode-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-snmp-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-soap-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-tidy-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-xml-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-xmlrpc-5.3.3-27.el6_5.2")) flag++;
if (rpm_check(release:"CentOS-6", reference:"php-zts-5.3.3-27.el6_5.2")) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "php / php-bcmath / php-cli / php-common / php-dba / php-devel / etc");
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| centos | centos | php | p-cpe:/a:centos:centos:php |
| centos | centos | php-bcmath | p-cpe:/a:centos:centos:php-bcmath |
| centos | centos | php-cli | p-cpe:/a:centos:centos:php-cli |
| centos | centos | php-common | p-cpe:/a:centos:centos:php-common |
| centos | centos | php-dba | p-cpe:/a:centos:centos:php-dba |
| centos | centos | php-xml | p-cpe:/a:centos:centos:php-xml |
| centos | centos | php-xmlrpc | p-cpe:/a:centos:centos:php-xmlrpc |
| centos | centos | php-zts | p-cpe:/a:centos:centos:php-zts |
| centos | centos | php53 | p-cpe:/a:centos:centos:php53 |
| centos | centos | php53-bcmath | p-cpe:/a:centos:centos:php53-bcmath |
References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2497
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3587
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4670
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4698
www.nessus.org/u?3b6a38da
www.nessus.org/u?63450a0c
Related
redhat
redhat
(RHSA-2014:1326) Moderate: php53 and php security update
2014-09-30 00:00:00
(RHSA-2014:1327) Moderate: php security update
2014-09-30 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
openvas
openvas
CentOS Update for php53 CESA-2014:1326 centos5
2014-10-01 00:00:00
CentOS Update for php CESA-2014:1326 centos6
2014-10-01 00:00:00
RedHat Update for php53 and php RHSA-2014:1326-01
2014-10-01 00:00:00
centos
centos
php, php53 security update
2014-09-30 10:27:47
php security update
2014-09-30 10:59:18
nessus
nessus
RHEL 5 / 6 : php53 and php (RHSA-2014:1326)
2014-09-30 00:00:00
Scientific Linux Security Update : php53 and php on SL5.x, SL6.x i386/x86_64 (20140930)
2014-10-14 00:00:00
Oracle Linux 5 / 6 : php / php53 (ELSA-2014-1326)
2014-10-01 00:00:00
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-09-30 00:00:00
file security, bug fix, and enhancement update
2016-05-12 00:00:00
slackware
slackware
[slackware-security] php
2014-09-04 22:00:56
f5
f5
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
K16875 : file vulnerability CVE-2012-1571
2015-07-02 00:00:00
amazon
amazon
Medium: php55
2014-09-18 21:03:00
Medium: file
2014-09-03 14:38:00
kaspersky
kaspersky
KLA10290 DoS vulnerability in PHP
2014-07-10 00:00:00
securityvulns
securityvulns
[USN-2344-1] PHP vulnerabilities
2014-09-15 00:00:00
file utility memory corruption
2014-09-03 00:00:00
PHP security vulnerabilities
2014-09-15 00:00:00
kitploit
kitploit
Versionscan - A PHP Version Scanner For Reporting Possible Vulnerabilities
2019-05-21 21:17:00
ubuntucve
ubuntucve
cvelist
cvelist
ubuntu
ubuntu
PHP vulnerabilities
2014-09-10 00:00:00
file vulnerability
2014-10-03 00:00:00
file vulnerabilities
2014-02-26 00:00:00
cve
cve
prion
prion
Integer overflow
2014-08-23 01:55:00
Design/Logic Flaw
2014-07-10 11:06:00
Design/Logic Flaw
2014-07-10 11:06:00
debiancve
debiancve
mageia
mageia
Updated php packages fix multiple security vulnerabilities
2014-09-05 13:07:37
Updated php packages fix security vulnerabilities
2014-08-08 15:23:49
Updated gd and libgd packages fix security vulnerability
2014-07-09 02:44:55
debian
debian
[SECURITY] [DLA 67-1] php5 security update
2014-09-30 07:46:52
[SECURITY] [DSA 3008-2] php5 regression update
2014-08-21 12:39:59
[SECURITY] [DSA 3008-1] php5 security update
2014-08-21 06:22:21
osv
osv
php5 - security update
2014-09-30 00:00:00
php5 - security update
2014-08-21 00:00:00
libgd2 - security update
2015-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: php-5.5.16-1.fc20
2014-09-02 06:40:37
[SECURITY] Fedora 19 Update: php-5.5.16-1.fc19
2014-09-02 06:47:45
[SECURITY] Fedora 20 Update: gd-2.1.0-6.fc20
2014-08-15 02:31:57
veracode
veracode
Arbitrary Code Execution
2019-05-02 05:04:21
Arbitrary Code Execution
2019-05-02 05:04:21
Arbitrary Code Execution
2019-05-02 05:04:19
seebug
seebug
PHP "gdImageCreateFromXpm()"空指针间接引用漏洞
2014-03-19 00:00:00
php-gd 'gdxpm.c'空指针拒绝服务漏洞
2014-03-17 00:00:00
checkpoint_advisories
checkpoint_advisories
PHP Fileinfo cdf_read_property_info Denial of Service (CVE-2014-3587)
2014-10-26 00:00:00
gentoo
gentoo
file: Denial of service
2012-09-26 00:00:00
GD: Multiple vulnerabilities
2016-07-16 00:00:00
hackerone
hackerone
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20
Security update for PHP5 (important)
2014-07-07 19:04:42
Security update for php53 (important)
2014-07-04 01:04:18
Related for CENTOS_RHSA-2014-1326.NASL