5 matches found
Denial Of Service (DoS)
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The php54 packages provide a recent stable release of PHP with the PEAR 1.9.4, APC 3.1.15, and memcache 3.0.8 PECL extensions, and a number of additional utilities. The php54 packages have been upgraded to...
CVE-2015-3412
PHP before 5.4.40, 5.5.x before 5.5.24, and 5.6.x before 5.6.8 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to read arbitrary files via crafted input to an application that calls the streamresolveincludepath function in ext/standard/streamsfuncs.c, as...
Internet Bug Bounty: Use after free with assign by ref to overloaded objects
Reported: 2015-07-15 16:30 UTC Fixed: 2015-07-21 14:20 UTC Bug Report: https://bugs.php.net/bug.php?id=70083 Fixed in PHP 5.6: http://git.php.net/?p=php-src.git;a=commitdiff;h=f57cb13c566613eec0e1c2f6d96d18565436a9b7 Fixed in 7:...
php54 security and bug fix update
php54 2.0-1 - fix incorrect selinux contexts 1194332 php54-php 5.4.40-1 - rebase to PHP 5.4.40 for various security fix 1209887 5.4.37-1 - rebase to PHP 5.4.37 5.4.36-1 - rebase to PHP 5.4.36 1168193 - fix package name in description - php-fpm own session dir php54-php-pecl-zendopcache 7.0.4-3 -...
FreeBSD : Several vulnerabilities found in PHP (1e232a0c-eb57-11e4-b595-4061861086c1)
The PHP project reports : The PHP development team announces the immediate availability of PHP 5.4.40. 14 security-related bugs were fixed in this release, including CVE-2014-9709, CVE-2015-2301, CVE-2015-2783, CVE-2015-1352. All PHP 5.4 users are encouraged to upgrade to this version. The PHP...