Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
slackwareSlackware Linux ProjectSSA-2016-347-03
HistoryDec 12, 2016 - 11:11 p.m.

[slackware-security] php

2016-12-1223:11:02
Slackware Linux Project
www.slackware.com
18

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.136 Low

EPSS

Percentile

95.5%

JSON

New php packages are available for Slackware 14.0, 14.1, 14.2, and -current to
fix security issues.

Here are the details from the Slackware 14.2 ChangeLog:

patches/packages/php-5.6.29-i586-1_slack14.2.txz: Upgraded.
This release fixes bugs and security issues.
For more information, see:
https://php.net/ChangeLog-5.php#5.6.29
https://vulners.com/cve/CVE-2016-9933
https://vulners.com/cve/CVE-2016-9934
https://vulners.com/cve/CVE-2016-9935
(* Security fix *)

Where to find the new packages:

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)

Also see the “Get Slack” section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.29-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.29-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.29-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.29-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/php-5.6.29-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/php-5.6.29-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.29-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.29-x86_64-1.txz

MD5 signatures:

Slackware 14.0 package:
3b1bcd9a49f51a1c53b6d78fac417e4c php-5.6.29-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
f8cf25305c8da567de0d27ba50dc70eb php-5.6.29-x86_64-1_slack14.0.txz

Slackware 14.1 package:
b2d17fad7d12e9164f647fad58a9e6d8 php-5.6.29-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
d8af82b42e32c6cdaf2796b99bb1dcdb php-5.6.29-x86_64-1_slack14.1.txz

Slackware 14.2 package:
7e58a0bd4fb49042c070bf93bd86e7fa php-5.6.29-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
d1c5f9f1fb9fa184797d7764a57190e8 php-5.6.29-x86_64-1_slack14.2.txz

Slackware -current package:
3d5500cbe78434ba2689c9299a93dc59 n/php-5.6.29-i586-1.txz

Slackware x86_64 -current package:
669059915290232877a19f43a76ee6c6 n/php-5.6.29-x86_64-1.txz

Installation instructions:

Upgrade the package as root:
> upgradepkg php-5.6.29-i586-1_slack14.2.txz

Then, restart Apache httpd:
> /etc/rc.d/rc.httpd stop
> /etc/rc.d/rc.httpd start

Related

nessus 43
openvas 35
amazon 2
mageia 1
ibm 1
debian 8
kaspersky 2
prion 3
cve 3
osv 6
debiancve 3
ubuntucve 3
veracode 4
redhatcve 2
freebsd 1
archlinux 1
ubuntu 4
cloudfoundry 2
apple 4
gentoo 1
redhat 1
fortinet 1
rosalinux 1
nessus
nessus
openSUSE Security Update : php5 (openSUSE-2016-1505)
2016-12-27 00:00:00
openSUSE Security Update : php5 (openSUSE-2017-308)
2017-03-07 00:00:00
SUSE SLES12 Security Update : php5 (SUSE-SU-2017:0038-1)
2019-01-02 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2017:0038-1)
2021-06-09 00:00:00
Slackware: Security Advisory (SSA:2016-347-03)
2022-04-21 00:00:00
SUSE: Security Advisory (SUSE-SU-2017:0017-1)
2021-06-09 00:00:00
amazon
amazon
Medium: php56
2017-01-26 18:00:00
Medium: php70
2017-01-26 18:00:00
mageia
mageia
Updated php packages fix security vulnerability
2016-12-23 00:41:01
ibm
ibm
Security Bulletin: IBM Flex System Manager (FSM) is affected by php5 vulnerabilities (CVE-2016-9933, CVE-2016-9935)
2018-06-18 01:35:18
debian
debian
[SECURITY] [DSA 3732-1] php5 security update
2016-12-13 10:11:46
[SECURITY] [DSA 3732-1] php5 security update
2016-12-13 10:11:46
[SECURITY] [DSA 3751-1] libgd2 security update
2017-01-01 17:12:19
kaspersky
kaspersky
KLA10927 Denial of service vulnerabilities in PHP
2017-01-04 00:00:00
KLA10930 Denial of service vulnerability in PHP
2017-01-04 00:00:00
prion
prion
Stack overflow
2017-01-04 20:59:00
Null pointer dereference
2017-01-04 20:59:00
Out-of-bounds
2017-01-04 20:59:00
cve
cve
CVE-2016-9933
2017-01-04 20:59:00
CVE-2016-9934
2017-01-04 20:59:00
CVE-2016-9935
2017-01-04 20:59:00
osv
osv
CVE-2016-9933
2017-01-04 20:59:00
CVE-2016-9934
2017-01-04 20:59:00
libgd2 - security update
2017-01-01 00:00:00
debiancve
debiancve
CVE-2016-9934
2017-01-04 20:59:00
CVE-2016-9933
2017-01-04 20:59:00
CVE-2016-9935
2017-01-04 20:59:00
ubuntucve
ubuntucve
CVE-2016-9934
2017-01-04 00:00:00
CVE-2016-9933
2017-01-04 00:00:00
CVE-2016-9935
2017-01-04 00:00:00
veracode
veracode
Denial Of Service (DoS) Through Memory Corruption
2019-05-16 02:59:58
Null Pointer Dereference
2019-05-16 02:59:58
Out-Of-Bounds Read
2019-05-16 02:59:58
redhatcve
redhatcve
CVE-2016-9933
2016-12-14 14:17:37
CVE-2016-9935
2016-12-14 14:17:24
freebsd
freebsd
PHP -- multiple vulnerabilities
2016-12-08 00:00:00
archlinux
archlinux
[ASA-201701-28] php: multiple issues
2017-01-19 00:00:00
ubuntu
ubuntu
PHP vulnerabilities
2017-02-14 00:00:00
GD library vulnerabilities
2017-02-28 00:00:00
PHP vulnerabilities
2017-02-23 00:00:00
cloudfoundry
cloudfoundry
Multiple PHP vulnerabilities | Cloud Foundry
2017-03-17 00:00:00
USN-3213-1: GD library vulnerabilities | Cloud Foundry
2017-03-31 00:00:00
apple
apple
About the security content of macOS Sierra 10.12.3
2017-01-23 00:00:00
About the security content of macOS Sierra 10.12.3 - Apple Support
2017-03-28 11:17:25
About the security content of macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite
2017-03-27 00:00:00
gentoo
gentoo
PHP: Multiple vulnerabilities
2017-02-21 00:00:00
redhat
redhat
(RHSA-2018:1296) Moderate: rh-php70-php security, bug fix, and enhancement update
2018-05-03 03:21:11
fortinet
fortinet
LibGD security advisory [18 January 2017]
2017-07-26 00:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1950
2021-07-02 17:57:45

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.136 Low

EPSS

Percentile

95.5%

JSON
Related for SSA-2016-347-03
nessus43openvas35amazon2mageia1ibm1debian8kaspersky2prion3cve3osv6debiancve3ubuntucve3veracode4redhatcve2freebsd1archlinux1ubuntu4cloudfoundry2apple4gentoo1redhat1fortinet1rosalinux1