[El-errata] ELSA-2014-1326 Moderate: Oracle Linux 5 php53 and php security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Sep 30 12:14:49 PDT 2014


Oracle Linux Security Advisory ELSA-2014-1326

https://rhn.redhat.com/errata/RHSA-2014-1326.html

The following updated rpms for Oracle Linux 5 have been uploaded to the 
Unbreakable Linux Network:

i386:
php53-5.3.3-24.el5.i386.rpm
php53-bcmath-5.3.3-24.el5.i386.rpm
php53-cli-5.3.3-24.el5.i386.rpm
php53-common-5.3.3-24.el5.i386.rpm
php53-dba-5.3.3-24.el5.i386.rpm
php53-devel-5.3.3-24.el5.i386.rpm
php53-gd-5.3.3-24.el5.i386.rpm
php53-imap-5.3.3-24.el5.i386.rpm
php53-intl-5.3.3-24.el5.i386.rpm
php53-ldap-5.3.3-24.el5.i386.rpm
php53-mbstring-5.3.3-24.el5.i386.rpm
php53-mysql-5.3.3-24.el5.i386.rpm
php53-odbc-5.3.3-24.el5.i386.rpm
php53-pdo-5.3.3-24.el5.i386.rpm
php53-pgsql-5.3.3-24.el5.i386.rpm
php53-process-5.3.3-24.el5.i386.rpm
php53-pspell-5.3.3-24.el5.i386.rpm
php53-snmp-5.3.3-24.el5.i386.rpm
php53-soap-5.3.3-24.el5.i386.rpm
php53-xml-5.3.3-24.el5.i386.rpm
php53-xmlrpc-5.3.3-24.el5.i386.rpm

x86_64:
php53-5.3.3-24.el5.x86_64.rpm
php53-bcmath-5.3.3-24.el5.x86_64.rpm
php53-cli-5.3.3-24.el5.x86_64.rpm
php53-common-5.3.3-24.el5.x86_64.rpm
php53-dba-5.3.3-24.el5.x86_64.rpm
php53-devel-5.3.3-24.el5.x86_64.rpm
php53-gd-5.3.3-24.el5.x86_64.rpm
php53-imap-5.3.3-24.el5.x86_64.rpm
php53-intl-5.3.3-24.el5.x86_64.rpm
php53-ldap-5.3.3-24.el5.x86_64.rpm
php53-mbstring-5.3.3-24.el5.x86_64.rpm
php53-mysql-5.3.3-24.el5.x86_64.rpm
php53-odbc-5.3.3-24.el5.x86_64.rpm
php53-pdo-5.3.3-24.el5.x86_64.rpm
php53-pgsql-5.3.3-24.el5.x86_64.rpm
php53-process-5.3.3-24.el5.x86_64.rpm
php53-pspell-5.3.3-24.el5.x86_64.rpm
php53-snmp-5.3.3-24.el5.x86_64.rpm
php53-soap-5.3.3-24.el5.x86_64.rpm
php53-xml-5.3.3-24.el5.x86_64.rpm
php53-xmlrpc-5.3.3-24.el5.x86_64.rpm

ia64:
php53-5.3.3-24.el5.ia64.rpm
php53-bcmath-5.3.3-24.el5.ia64.rpm
php53-cli-5.3.3-24.el5.ia64.rpm
php53-common-5.3.3-24.el5.ia64.rpm
php53-dba-5.3.3-24.el5.ia64.rpm
php53-devel-5.3.3-24.el5.ia64.rpm
php53-gd-5.3.3-24.el5.ia64.rpm
php53-imap-5.3.3-24.el5.ia64.rpm
php53-intl-5.3.3-24.el5.ia64.rpm
php53-ldap-5.3.3-24.el5.ia64.rpm
php53-mbstring-5.3.3-24.el5.ia64.rpm
php53-mysql-5.3.3-24.el5.ia64.rpm
php53-odbc-5.3.3-24.el5.ia64.rpm
php53-pdo-5.3.3-24.el5.ia64.rpm
php53-pgsql-5.3.3-24.el5.ia64.rpm
php53-process-5.3.3-24.el5.ia64.rpm
php53-pspell-5.3.3-24.el5.ia64.rpm
php53-snmp-5.3.3-24.el5.ia64.rpm
php53-soap-5.3.3-24.el5.ia64.rpm
php53-xml-5.3.3-24.el5.ia64.rpm
php53-xmlrpc-5.3.3-24.el5.ia64.rpm


SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/php53-5.3.3-24.el5.src.rpm



Description of changes:

[5.3.3-24]
- spl: fix use-after-free in ArrayIterator due to object
   change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670
- gd: fix NULL pointer dereference in gdImageCreateFromXpm.
   CVE-2014-2497
- fileinfo: fix incomplete fix for CVE-2012-1571 in
   cdf_read_property_info. CVE-2014-3587
- core: fix incomplete fix for CVE-2014-4049 DNS TXT
   record parsing. CVE-2014-3597





More information about the El-errata mailing list