Lucene search

K
osvGoogleOSV:DSA-1940-1
HistoryNov 25, 2009 - 12:00 a.m.

php5 - multiple issues

2009-11-2500:00:00
Google
osv.dev
43

EPSS

0.018

Percentile

88.4%

Several remote vulnerabilities have been discovered in the PHP 5
hypertext preprocessor. The Common Vulnerabilities and Exposures
project identifies the following problems:

The following issues have been fixed in both the stable (lenny)
and the oldstable (etch) distributions:

  • CVE-2009-2687
    CVE-2009-3292
    The exif module did not properly handle malformed jpeg files,
    allowing an attacker to cause a segfault, resulting in a denial
    of service.
  • CVE-2009-3291
    The php_openssl_apply_verification_policy() function did not
    properly perform certificate validation.
  • No CVE id yet

Bogdan Calin discovered that a remote attacker could cause a denial
of service by uploading a large number of files in using multipart/
form-data requests, causing the creation of a large number of
temporary files.

To address this issue, the max_file_uploads option introduced in PHP
5.3.1 has been backported. This option limits the maximum number of
files uploaded per request. The default value for this new option is
50. See NEWS.Debian for more information.

The following issue has been fixed in the stable (lenny) distribution:

  • CVE-2009-2626
    A flaw in the ini_restore() function could lead to a memory
    disclosure, possibly leading to the disclosure of sensitive data.

In the oldstable (etch) distribution, this update also fixes a regression
introduced by the fix for
CVE-2008-5658
in DSA-1789-1 (bug #527560).

For the stable distribution (lenny), these problems have been fixed in
version 5.2.6.dfsg.1-1+lenny4.

The oldstable distribution (etch), these problems have been fixed in
version 5.2.0+dfsg-8+etch16.

For the testing distribution (squeeze) and the unstable distribution
(sid), these problems will be fixed in version 5.2.11.dfsg.1-2.

We recommend that you upgrade your php5 packages.