php54-php security update

2016-02-04T00:00:00
ID ELSA-2015-1219
Type oraclelinux
Reporter Oracle
Modified 2016-02-04T00:00:00

Description

[5.4.40-3] - fix more functions accept paths with NUL character #1213407 [5.4.40-2] - core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024 - fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026 - ftp: fix integer overflow leading to heap overflow when reading FTP file listing CVE-2015-4022 - phar: fix memory corruption in phar_parse_tarfile caused by empty entry file name CVE-2015-4021 - pgsql: fix NULL pointer dereference CVE-2015-1352