Lucene search

K
suse
SuseSUSE-SU-2012:0840-1
HistoryJul 05, 2012 - 3:08 a.m.

Security update for PHP5 (important)

2012-07-0503:08:30
lists.opensuse.org
13

0.143 Low

EPSS

Percentile

95.1%

PHP5 was updated with incremental fixes to the previous
update.

  • CVE-2012-2335: Additional unsafe cgi wrapper scripts
    are also fixed now.
  • CVE-2012-2336: Even more commandline option handling
    is filtered, which could lead to crashes of the php
    interpreter.
  • CVE-2012-2386: heap based buffer overflow in php’s
    phar extension
  • CVE-2012-2143: The crypt() implementation ignored
    wide characters, leading to shorter effective password
    lengths. Note: With this update applied affected passwords
    will no longer work and need to be set again.
How to protect your server from attacks?

0.143 Low

EPSS

Percentile

95.1%

Related for SUSE-SU-2012:0840-1