Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2014-247-01
HistorySep 04, 2014 - 10:00 p.m.

[slackware-security] php

2014-09-0422:00:56
Slackware Linux Project
www.slackware.com
36

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.08 Low

EPSS

Percentile

94.3%

JSON

New php packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:

patches/packages/php-5.4.32-i486-1_slack14.1.txz: Upgraded.
This update fixes bugs and security issues.
For more information, see:
https://vulners.com/cve/CVE-2014-2497
https://vulners.com/cve/CVE-2014-3538
https://vulners.com/cve/CVE-2014-3587
https://vulners.com/cve/CVE-2014-3597
https://vulners.com/cve/CVE-2014-4670
https://vulners.com/cve/CVE-2014-4698
https://vulners.com/cve/CVE-2014-5120
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the β€œGet Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/php-5.3.29-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/php-5.3.29-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/php-5.3.29-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/php-5.3.29-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/php-5.3.29-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/php-5.3.29-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.32-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.32-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.32-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.32-x86_64-1_slack14.1.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.4.32-i486-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.4.32-x86_64-1.txz

MD5 signatures:

Slackware 13.0 package:
3e1fd13039dff552ec1f2c0e36ce6690 php-5.3.29-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
0277c500c1fee8c8fedb27ecc7f6f72d php-5.3.29-x86_64-1_slack13.0.txz

Slackware 13.1 package:
44b2d357e3cd96860538ed089d8a2543 php-5.3.29-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
6e81137a8f032d88b419b1e5147281dd php-5.3.29-x86_64-1_slack13.1.txz

Slackware 13.37 package:
e09260a202e5c5b7eb89ffbe23f7c48e php-5.3.29-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
8689f526c10fb85f5c7dbd7f3293326f php-5.3.29-x86_64-1_slack13.37.txz

Slackware 14.0 package:
b8f8fdbf63e00cbf53e330b0b8b6a305 php-5.4.32-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
ee12ffa350439f4d6a0a70cd800a7350 php-5.4.32-x86_64-1_slack14.0.txz

Slackware 14.1 package:
0f2ae6105dfa0eccce1a0fd86cfc8cf1 php-5.4.32-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
77c9789aaac4ac6a31b8aa96b2f00508 php-5.4.32-x86_64-1_slack14.1.txz

Slackware -current package:
ad6363263ba4f488d764ac2271a5b00f n/php-5.4.32-i486-1.txz

Slackware x86_64 -current package:
097ea5fa4e16ba7b8a301c8e0a089c16 n/php-5.4.32-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg php-5.4.32-i486-1_slack14.1.txz

Then, restart Apache httpd:
> /etc/rc.d/rc.httpd stop
> /etc/rc.d/rc.httpd start

Related

openvas 38
nessus 46
redhat 5
centos 3
f5 2
securityvulns 10
oraclelinux 3
osv 6
debian 10
amazon 2
mageia 5
kaspersky 1
kitploit 1
ubuntu 3
fedora 5
veracode 10
prion 7
cve 8
ubuntucve 8
debiancve 4
cvelist 7
nvd 7
checkpoint_advisories 2
seebug 2
hackerone 1
ibm 2
suse 1
openvas
openvas
Slackware: Security Advisory (SSA:2014-247-01)
2022-04-21 00:00:00
CentOS Update for php CESA-2014:1327 centos7
2014-10-01 00:00:00
RedHat Update for php RHSA-2014:1327-01
2014-10-01 00:00:00
nessus
nessus
Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : php (SSA:2014-247-01)
2014-09-05 00:00:00
PHP 5.4.x < 5.4.32 / 5.5.x < 5.5.16 Multiple Vulnerabilities
2014-08-28 00:00:00
PHP 5.4.x < 5.4.32 Multiple Vulnerabilities
2014-08-27 00:00:00
redhat
redhat
(RHSA-2014:1327) Moderate: php security update
2014-09-30 00:00:00
(RHSA-2014:1326) Moderate: php53 and php security update
2014-09-30 00:00:00
(RHSA-2014:1766) Important: php55-php security update
2014-10-30 00:00:00
centos
centos
php security update
2014-09-30 10:59:18
php, php53 security update
2014-09-30 10:27:47
file, python security update
2016-05-16 10:13:44
f5
f5
SOL15761 - Multiple PHP 5.x vulnerabilities
2014-10-30 00:00:00
K15761 : Multiple PHP 5.x vulnerabilities
2015-09-17 00:00:00
securityvulns
securityvulns
PHP security vulnerabilities
2014-09-15 00:00:00
[USN-2344-1] PHP vulnerabilities
2014-09-15 00:00:00
libgd / PHP DoS
2014-07-22 00:00:00
oraclelinux
oraclelinux
php53 and php security update
2014-09-30 00:00:00
php security update
2014-09-30 00:00:00
file security, bug fix, and enhancement update
2016-05-12 00:00:00
osv
osv
php5 - security update
2014-09-30 00:00:00
php5 - security update
2014-08-21 00:00:00
file - security update
2014-09-10 00:00:00
debian
debian
[SECURITY] [DLA 67-1] php5 security update
2014-09-30 07:41:52
[SECURITY] [DSA 3008-2] php5 regression update
2014-08-21 12:39:59
[SECURITY] [DSA 3008-1] php5 security update
2014-08-21 06:22:21
amazon
amazon
Medium: php55
2014-09-18 21:03:00
Medium: file
2014-09-03 14:38:00
mageia
mageia
Updated php packages fix security vulnerabilities
2014-08-08 15:23:49
Updated php packages fix multiple security vulnerabilities
2014-09-05 13:07:37
Updated gd and libgd packages fix security vulnerability
2014-07-09 02:44:55
kaspersky
kaspersky
KLA10290 DoS vulnerability in PHP
2014-07-10 00:00:00
kitploit
kitploit
Versionscan - A PHP Version Scanner For Reporting Possible Vulnerabilities
2019-05-21 21:17:00
ubuntu
ubuntu
PHP vulnerabilities
2014-09-10 00:00:00
file vulnerability
2014-10-03 00:00:00
PHP vulnerabilities
2014-07-09 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: php-5.5.16-1.fc20
2014-09-02 06:40:37
[SECURITY] Fedora 19 Update: php-5.5.16-1.fc19
2014-09-02 06:47:45
[SECURITY] Fedora 20 Update: gd-2.1.0-8.fc20
2015-01-20 21:03:19
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:04:16
Denial Of Service (DoS)
2019-05-02 05:04:17
Denial Of Service (DoS)
2019-05-02 05:04:17
prion
prion
Code injection
2014-08-23 01:55:00
Design/Logic Flaw
2014-07-10 11:06:00
Design/Logic Flaw
2014-07-10 11:06:00
cve
cve
CVE-2014-4698
2014-07-10 11:06:29
CVE-2014-5120
2014-08-23 01:55:02
CVE-2014-4670
2014-07-10 11:06:28
ubuntucve
ubuntucve
CVE-2014-5120
2014-08-23 00:00:00
CVE-2014-4698
2014-07-04 00:00:00
CVE-2014-4670
2014-07-04 00:00:00
debiancve
debiancve
CVE-2014-5120
2014-08-23 01:55:02
CVE-2014-2497
2014-03-21 14:55:12
CVE-2014-3538
2014-07-03 14:55:07
cvelist
cvelist
CVE-2014-4698
2014-07-10 10:00:00
CVE-2014-5120
2014-08-23 01:00:00
CVE-2014-4670
2014-07-10 10:00:00
nvd
nvd
CVE-2014-4698
2014-07-10 11:06:29
CVE-2014-5120
2014-08-23 01:55:02
CVE-2014-4670
2014-07-10 11:06:28
checkpoint_advisories
checkpoint_advisories
PHP Fileinfo cdf_read_property_info Denial of Service (CVE-2014-3587)
2014-10-26 00:00:00
PHP Fileinfo cdf_read_property_info Denial of Service - ver 2 (CVE-2014-3587)
2014-11-12 00:00:00
seebug
seebug
php-gd 'gdxpm.c'η©ΊζŒ‡ι’ˆζ‹’η»ζœεŠ‘ζΌζ΄ž
2014-03-17 00:00:00
PHP &quot;gdImageCreateFromXpm()&quot;η©ΊζŒ‡ι’ˆι—΄ζŽ₯εΌ•η”¨ζΌζ΄ž
2014-03-19 00:00:00
hackerone
hackerone
Gratipay: PHP 5.4.45 is Outdated and Full of Preformance Interupting Arbitrary Code Execution Bugs
2016-04-16 22:49:59
ibm
ibm
Security Bulletin: Multiple vulnerabilities in file affect IBM Security Network Protection
2018-06-16 21:43:49
Security Bulletin: File vulnerabilities affect IBM SmartClound Entry
2020-07-19 00:49:12
suse
suse
Security update for PHP5 (important)
2014-07-04 00:04:20

6.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.08 Low

EPSS

Percentile

94.3%

JSON
Related for SSA-2014-247-01
openvas38nessus46redhat5centos3f52securityvulns10oraclelinux3osv6debian10amazon2mageia5kaspersky1kitploit1ubuntu3fedora5veracode10prion7cve8ubuntucve8debiancve4cvelist7nvd7checkpoint_advisories2seebug2hackerone1ibm2suse1