Fedora 20 : php-5.5.24-1.fc20 (2015-6399)

16 Apr 2015, PHP 5.5.24 Apache2handler : - Fixed bug 69218 potential remote code execution with apache 2.4 apache2handler. Gerrit Venema Core : - Fixed bug 66609 php crashes with get and ++ operator in some cases. Dmitry, Laruence - Fixed bug 67626 User exceptions not properly handled in streams...

Fedora 21 : php-5.6.8-1.fc21 (2015-6407)

16 Apr 2015, PHP 5.6.8 Core : - Fixed bug 66609 php crashes with get and ++ operator in some cases. Dmitry, Laruence - Fixed bug 68021 getbrowser browsernameregex returns non-utf-8 characters. Tjerk - Fixed bug 68917 parseurl fails on some partial urls. Wei Dai - Fixed bug 69134 Per Directory...

Amazon Linux AMI : php55 (ALAS-2015-510)

A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. CVE-2015-1351 A NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pginsert or pgselect could...

php: multiple issues

CVE-2015-1351 denial of service Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors. - CVE-2015-1352 denial of service The...

Low: php56

Issue Overview: A use-after-free flaw was found in PHP's OPcache extension. This flaw could possibly lead to a disclosure of portion of server memory. CVE-2015-1351 A NULL pointer dereference flaw was found in PHP's pgsql extension. A specially crafted table name passed to function as pginsert or...

Fedora 20 : php-5.5.23-1.fc20 (2015-4216)

19 Mar 2015, PHP 5.5.23 Core : - Fixed bug 69174 leaks when unused inner class use traits precedence. Laruence - Fixed bug 69139 Crash in gczvalpossibleroot on unserialize. Laruence - Fixed bug 69121 Segfault in getcurrentuser when script owner is not in passwd with ZTS build. dan at syneto dot n...

Fedora 21 : php-5.6.7-1.fc21 (2015-4236)

19 Mar 2015, PHP 5.6.7 Core : - Fixed bug 69174 leaks when unused inner class use traits precedence. Laruence - Fixed bug 69139 Crash in gczvalpossibleroot on unserialize. Laruence - Fixed bug 69121 Segfault in getcurrentuser when script owner is not in passwd with ZTS build. dan at syneto dot ne...

CVE-2015-1351

Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Design/Logic Flaw

Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2015-1351

Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

EUVD-2015-1490

Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

Mandriva Linux Security Advisory : php (MDVSA-2015:079)

Multiple vulnerabilities has been discovered and corrected in php : S. Paraschoudis discovered that PHP incorrectly handled memory in the enchant binding. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code...

Fedora 22 : php-5.6.7-2.fc22 (2015-4255)

19 Mar 2015, PHP 5.6.7 Core : - Fixed bug 69174 leaks when unused inner class use traits precedence. Laruence - Fixed bug 69139 Crash in gczvalpossibleroot on unserialize. Laruence - Fixed bug 69121 Segfault in getcurrentuser when script owner is not in passwd with ZTS build. dan at syneto dot ne...

MGASA-2015-0090 Updated php packages fix security vulnerabilities

Updated php packages fix security vulnerabilities: It was discovered that the PHP opcache component incorrectly handled memory. A remote attacker could possibly use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code CVE-2015-1351. It was...

Ubuntu 14.04 LTS : PHP vulnerabilities (USN-2501-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2501-1 advisory. Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a...

USN-2501-1 php5 vulnerabilities

Stefan Esser discovered that PHP incorrectly handled unserializing objects. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2014-8142, CVE-2015-0231 Brian Carpenter discovered that the PHP CGI component...

Fedora 20 : php-5.5.21-1.fc20 (2015-1101)

22 Jan 2014, PHP 5.5.21 Core : - Upgraded cryptblowfish to version 1.3. Leigh - Fixed bug 60704 unlink bug with some files path. - Fixed bug 65419 Inside trait, self::class != CLASS. Julien - Fixed bug 65576 Constructor from trait conflicts with inherited constructor. dunglas at gmail dot com -...

UBUNTU-CVE-2015-1351

Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

CVE-2015-1351

Use-after-free vulnerability in the zendsharedmemdup function in zendsharedalloc.c in the OPcache extension in PHP through 5.6.7 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors...

PHP '/ext/opcache/zend_shared_alloc.c' Memory Misreference Denial of Service Vulnerability

PHP is a popular programming language. A memory misreference denial of service vulnerability exists in PHP '/ext/opcache/zendsharedalloc.c', which allows attackers to exploit the vulnerability to submit a special request and crash the application...