Security update for PHP5 (important)

2012-09-1300:09:06

lists.opensuse.org

EPSS

0.014

Percentile

86.6%

JSON

This update fixes CVE-2011-1398 and CVE-2011-4388 (header
injection via CR).

This update also changes the default configuration to use
FilesMatch with ‘SetHandler’ rather than ‘AddHandler’ to
protect weakly written web applications from content
confusion. Since this is a hardening measure, no CVE was
assigned.

OSVersionArchitecturePackageVersionFilename
SUSE Linux Enterprise Server11.2s390xphp53-pdo< 5.3.8-0.39.1php53-pdo-5.3.8-0.39.1.s390x.rpm
SUSE Linux Enterprise Server11.2ia64php53-xsl< 5.3.8-0.39.1php53-xsl-5.3.8-0.39.1.ia64.rpm
SUSE Linux Enterprise Software Development Kit11.2i586php53-posix< 5.3.8-0.39.1php53-posix-5.3.8-0.39.1.i586.rpm
SUSE Linux Enterprise Server for VMware11.2i586php53-pear< 5.3.8-0.39.1php53-pear-5.3.8-0.39.1.i586.rpm
SUSE Linux Enterprise Server11.2x86_64php53-fastcgi< 5.3.8-0.39.1php53-fastcgi-5.3.8-0.39.1.x86_64.rpm
SUSE Linux Enterprise Server11.2i586php53-soap< 5.3.8-0.39.1php53-soap-5.3.8-0.39.1.i586.rpm
SUSE Linux Enterprise Server for VMware11.2x86_64php53< 5.3.8-0.39.1php53-5.3.8-0.39.1.x86_64.rpm
SUSE Linux Enterprise Server11.2x86_64php53-pdo< 5.3.8-0.39.1php53-pdo-5.3.8-0.39.1.x86_64.rpm
SUSE Linux Enterprise Server11.2s390xphp53-intl< 5.3.8-0.39.1php53-intl-5.3.8-0.39.1.s390x.rpm
SUSE Linux Enterprise Server11.2ppc64php53-sysvshm< 5.3.8-0.39.1php53-sysvshm-5.3.8-0.39.1.ppc64.rpm

OS	Version	Architecture	Package	Version	Filename
SUSE Linux Enterprise Server	11.2	s390x	php53-pdo	< 5.3.8-0.39.1	php53-pdo-5.3.8-0.39.1.s390x.rpm
SUSE Linux Enterprise Server	11.2	ia64	php53-xsl	< 5.3.8-0.39.1	php53-xsl-5.3.8-0.39.1.ia64.rpm
SUSE Linux Enterprise Software Development Kit	11.2	i586	php53-posix	< 5.3.8-0.39.1	php53-posix-5.3.8-0.39.1.i586.rpm
SUSE Linux Enterprise Server for VMware	11.2	i586	php53-pear	< 5.3.8-0.39.1	php53-pear-5.3.8-0.39.1.i586.rpm
SUSE Linux Enterprise Server	11.2	x86_64	php53-fastcgi	< 5.3.8-0.39.1	php53-fastcgi-5.3.8-0.39.1.x86_64.rpm
SUSE Linux Enterprise Server	11.2	i586	php53-soap	< 5.3.8-0.39.1	php53-soap-5.3.8-0.39.1.i586.rpm
SUSE Linux Enterprise Server for VMware	11.2	x86_64	php53	< 5.3.8-0.39.1	php53-5.3.8-0.39.1.x86_64.rpm
SUSE Linux Enterprise Server	11.2	x86_64	php53-pdo	< 5.3.8-0.39.1	php53-pdo-5.3.8-0.39.1.x86_64.rpm
SUSE Linux Enterprise Server	11.2	s390x	php53-intl	< 5.3.8-0.39.1	php53-intl-5.3.8-0.39.1.s390x.rpm
SUSE Linux Enterprise Server	11.2	ppc64	php53-sysvshm	< 5.3.8-0.39.1	php53-sysvshm-5.3.8-0.39.1.ppc64.rpm