Lucene search

K
osvGoogleOSV:DLA-94-1
HistoryNov 25, 2014 - 12:00 a.m.

php5 - security update

2014-11-2500:00:00
Google
osv.dev
30

EPSS

0.935

Percentile

99.2%

  • CVE-2014-3668
    Fix bug #68027 - fix date parsing in XMLRPC lib
  • CVE-2014-3669
    Fix bug #68044: Integer overflow in unserialize() (32-bits only)
  • CVE-2014-3670
    Fix bug #68113 (Heap corruption in exif_thumbnail())
  • CVE-2014-3710
    Fix bug #68283: fileinfo: out-of-bounds read in elf note headers

Additional bugfix

Fix null byte handling in LDAP bindings in ldap-fix.patch

For Debian 6 Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze23