FEDORA-2016-ec372bddb9 created by remi 3 years ago for Fedora 24
stable

23 Jun 2016, PHP 5.6.23

Core:

  • Fixed bug #72275 (Integer Overflow in json_encode()/json_decode()/json_utf8_to_utf16()). (Stas)
  • Fixed bug #72400 (Integer Overflow in addcslashes/addslashes). (Stas)
  • Fixed bug #72403 (Integer Overflow in Length of String-typed ZVAL). (Stas)

GD:

  • Fixed bug #72298 (pass2_no_dither out-of-bounds access). (Stas)
  • Fixed bug #72337 (invalid dimensions can lead to crash) (Pierre)
  • Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow). (Pierre)
  • Fixed bug #72407 (NULL Pointer Dereference at _gdScaleVert). (Stas)
  • Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow). (Pierre)

Intl:

  • Fixed bug #70484 (selectordinal doesn't work with named parameters). (Anatol)

mbstring:

  • Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (Stas)

mcrypt:

  • Fixed bug #72455 (Heap Overflow due to integer overflows). (Stas)

Phar:

  • Fixed bug #72321 (invalid free in phar_extract_file()). (hji at dyntopia dot com)

SPL:

  • Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (Stas)
  • Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and unserialize). (Dmitry)

OpenSSL:

  • Fixed bug #72140 (segfault after calling ERR_free_strings()). (Jakub Zelenka)

WDDX:

  • Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (Stas)

How to install

sudo dnf upgrade --advisory=FEDORA-2016-ec372bddb9

This update has been submitted for testing by remi.

3 years ago

This update has been pushed to testing.

3 years ago

remi edited this update.

3 years ago
User Icon gnat commented & provided feedback 3 years ago
karma

Seems to work for me - I ran a number of phpunit tests on projects we have. But didn't specifically test any of the CVE's

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

3 years ago

This update has been submitted for stable by remi.

3 years ago

This update has been pushed to stable.

3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#1351068 CVE-2016-5766 php: Integer Overflow in _gd2GetHeader() resulting in heap overflow
0
0
BZ#1351069 CVE-2016-5767 php: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow
0
0
BZ#1351070 CVE-2016-5769 php: Integer Overflows in mcrypt_generic() and mdecrypt_generic() resulting in heap overflows
0
0
BZ#1351168 CVE-2016-5768 php: Double free in _php_mb_regex_ereg_replace_exec
0
0
BZ#1351171 CVE-2016-5770 php: Int/size_t confusion in SplFileObject::fread
0
0
BZ#1351173 CVE-2016-5771 php: Use After Free Vulnerability in PHP's GC algorithm and unserialize
0
0
BZ#1351175 CVE-2016-5772 php: Double Free Corruption in wddx_deserialize
0
0
BZ#1351180 CVE-2016-5766 CVE-2016-5767 CVE-2016-5768 CVE-2016-5769 CVE-2016-5770 CVE-2016-5771 CVE-2016-5772 CVE-2016-5773 php: various flaws [fedora-all]
0
0

Automated Test Results