Lucene search

K
suseSuseSUSE-SU-2016:2477-1
HistoryOct 07, 2016 - 9:12 p.m.

Security update for php5 (important)

2016-10-0721:12:50
lists.opensuse.org
30

0.026 Low

EPSS

Percentile

89.2%

This update for php5 fixes the following security issues:

  • CVE-2016-7411: php5: Memory corruption when destructing deserialized
    object
  • CVE-2016-7412: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG
    in BIT field
  • CVE-2016-7413: Use after free in wddx_deserialize
  • CVE-2016-7414: Out of bounds heap read when verifying signature of zip
    phar in phar_parse_zipfile
  • CVE-2016-7416: Stack based buffer overflow in msgfmt_format_message
  • CVE-2016-7417: Missing type check when unserializing SplArray
  • CVE-2016-7418: Null pointer dereference in php_wddx_push_element

0.026 Low

EPSS

Percentile

89.2%

Related for SUSE-SU-2016:2477-1