Univention Bugzilla – Bug 37666
php5: Multiple issues (ES 3.1)
Last modified: 2015-08-17 14:57:50 CEST
Predictable cache file when using the pear tool allows local denial of service (CVE-2014-5459)
Denial of service issues in the ELF parser of the filemagic extensions (CVE-2014-8116, CVE-2014-8117)
Memory corruption in processing EXIF tags (CVE-2015-0232)
Remote code execution due to use after free vulnerability in unserialize() of the DateTimeZone implementation (CVE-2015-0273)
Denial of Service due to use after free in phar_object.c (CVE-2015-2301)
Heap overflow vulnerability in regcomp.c (CVE-2015-2305)
ZIP Integer Overflow leads to writing past heap boundary (CVE-2015-2331)
New issues:
* Buffer Over-read in unserialize when parsing Phar (CVE-2015-2783)
* Bypass of extension restrictions in move_uploaded_file, creation of files with unexpected names by remote attacker (CVE-2015-2348)
* Remote code execution with apache 2.4 apache2handler (CVE-2015-3330)
* Use-after-free vulnerability in the process_nested_data function allows execution of arbitrary code by remote attackers (CVE-2015-2787)
* Buffer Overflow when parsing tar/zip/phar in phar_set_inode (CVE-2015-3329)
New status summary:

Fixed in upstream Debian package version 5.3.3.1-7+squeeze26:
CVE-2014-8117
CVE-2015-0232
CVE-2014-9652
CVE-2015-2301
CVE-2014-9705
CVE-2015-2331
CVE-2015-2783
CVE-2015-3330
CVE-2015-2787
CVE-2015-3329

Not affected by:
CVE-2014-8116

These issues have been classified as "Minor issue" in Debian:
CVE-2014-5459

Currently still unfixed:
CVE-2015-0273
CVE-2015-2305
CVE-2015-2348
Please import the current LTS version and split off the remaining issues.
(In reply to Arvid Requate from comment #4)
> New status summary:
>
> Fixed in upstream Debian package version 5.3.3.1-7+squeeze26:
> CVE-2014-9652
→ Not affected

> Currently still unfixed:
> CVE-2015-0273
→ Fixed in upstream Debian package version 5.3.3.1-7+squeeze26
New status summary:

Fixed in upstream Debian package version 5.3.3.1-7+squeeze26:
CVE-2014-8117
CVE-2015-0232
CVE-2015-0273
CVE-2015-2301
CVE-2014-9705
CVE-2015-2331
CVE-2015-2783
CVE-2015-3330
CVE-2015-2787
CVE-2015-3329

Not affected by:
CVE-2014-8116
CVE-2014-9652

These issues have been classified as "Minor issue" in Debian:
CVE-2014-5459

Currently still unfixed:
CVE-2015-2305
CVE-2015-2348

5.3.3.1-7+squeeze26 imported.
Tests (i386): OK
Created attachment 6918 [details]
php5-extsec3.1.txt

The advisory is missing and there are a lot more issues fixed by this update in relation to the version in errata3.1-1, see attached excerpt of the Debian changelog. E.g. this fixes Bug #34255 and issues that have already been fixed in errata3.2-x.

Verified: (amd64)
* squeeze-lts version is imported and built
* buildsystem patches have been migrated
* Imported version is installable, horde still works.
Created attachment 6919 [details] advisory
(In reply to Arvid Requate from comment #5)
> Please […] split off the remaining issues.
→ Bug #38590
(In reply to Janek Walkenhorst from comment #6)
> (In reply to Arvid Requate from comment #4)
> > New status summary:
> >
> > Fixed in upstream Debian package version 5.3.3.1-7+squeeze26:
> > CVE-2014-9652
> → Not affected
>
> > Currently still unfixed:
> > CVE-2015-0273
> → Fixed in upstream Debian package version 5.3.3.1-7+squeeze26

This was confused with CVE-2014-0237, which is fixed; CVE-2015-0273 is still unfixed.
SKIP: CVE-2014-5459 minor
SKIP: CVE-2014-8116 not affected
FIXED: CVE-2014-8117
FIXED: CVE-2015-0232
UNFIXED: CVE-2015-0273 → Bug #38590
FIXED: CVE-2015-2301
UNFIXED: CVE-2015-2305 → Bug #38590
FIXED: CVE-2015-2783
UNFIXED: CVE-2015-2348 → Bug #38590
FIXED: CVE-2015-3330
FIXED: CVE-2015-2787
FIXED: CVE-2015-3329
FIXED: CVE-2014-9705
FIXED: CVE-2015-2331

OK: attachment 6919 [details]
Released