[El-errata] ELSA-2014-1012 Moderate: Oracle Linux 5 php53 and php security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Aug 6 10:02:15 PDT 2014
Oracle Linux Security Advisory ELSA-2014-1012
https://rhn.redhat.com/errata/RHSA-2014-1012.html
The following updated rpms for Oracle Linux 5 have been uploaded to the
Unbreakable Linux Network:
i386:
php53-5.3.3-23.el5_10.i386.rpm
php53-bcmath-5.3.3-23.el5_10.i386.rpm
php53-cli-5.3.3-23.el5_10.i386.rpm
php53-common-5.3.3-23.el5_10.i386.rpm
php53-dba-5.3.3-23.el5_10.i386.rpm
php53-devel-5.3.3-23.el5_10.i386.rpm
php53-gd-5.3.3-23.el5_10.i386.rpm
php53-imap-5.3.3-23.el5_10.i386.rpm
php53-intl-5.3.3-23.el5_10.i386.rpm
php53-ldap-5.3.3-23.el5_10.i386.rpm
php53-mbstring-5.3.3-23.el5_10.i386.rpm
php53-mysql-5.3.3-23.el5_10.i386.rpm
php53-odbc-5.3.3-23.el5_10.i386.rpm
php53-pdo-5.3.3-23.el5_10.i386.rpm
php53-pgsql-5.3.3-23.el5_10.i386.rpm
php53-process-5.3.3-23.el5_10.i386.rpm
php53-pspell-5.3.3-23.el5_10.i386.rpm
php53-snmp-5.3.3-23.el5_10.i386.rpm
php53-soap-5.3.3-23.el5_10.i386.rpm
php53-xml-5.3.3-23.el5_10.i386.rpm
php53-xmlrpc-5.3.3-23.el5_10.i386.rpm
x86_64:
php53-5.3.3-23.el5_10.x86_64.rpm
php53-bcmath-5.3.3-23.el5_10.x86_64.rpm
php53-cli-5.3.3-23.el5_10.x86_64.rpm
php53-common-5.3.3-23.el5_10.x86_64.rpm
php53-dba-5.3.3-23.el5_10.x86_64.rpm
php53-devel-5.3.3-23.el5_10.x86_64.rpm
php53-gd-5.3.3-23.el5_10.x86_64.rpm
php53-imap-5.3.3-23.el5_10.x86_64.rpm
php53-intl-5.3.3-23.el5_10.x86_64.rpm
php53-ldap-5.3.3-23.el5_10.x86_64.rpm
php53-mbstring-5.3.3-23.el5_10.x86_64.rpm
php53-mysql-5.3.3-23.el5_10.x86_64.rpm
php53-odbc-5.3.3-23.el5_10.x86_64.rpm
php53-pdo-5.3.3-23.el5_10.x86_64.rpm
php53-pgsql-5.3.3-23.el5_10.x86_64.rpm
php53-process-5.3.3-23.el5_10.x86_64.rpm
php53-pspell-5.3.3-23.el5_10.x86_64.rpm
php53-snmp-5.3.3-23.el5_10.x86_64.rpm
php53-soap-5.3.3-23.el5_10.x86_64.rpm
php53-xml-5.3.3-23.el5_10.x86_64.rpm
php53-xmlrpc-5.3.3-23.el5_10.x86_64.rpm
ia64:
php53-5.3.3-23.el5_10.ia64.rpm
php53-bcmath-5.3.3-23.el5_10.ia64.rpm
php53-cli-5.3.3-23.el5_10.ia64.rpm
php53-common-5.3.3-23.el5_10.ia64.rpm
php53-dba-5.3.3-23.el5_10.ia64.rpm
php53-devel-5.3.3-23.el5_10.ia64.rpm
php53-gd-5.3.3-23.el5_10.ia64.rpm
php53-imap-5.3.3-23.el5_10.ia64.rpm
php53-intl-5.3.3-23.el5_10.ia64.rpm
php53-ldap-5.3.3-23.el5_10.ia64.rpm
php53-mbstring-5.3.3-23.el5_10.ia64.rpm
php53-mysql-5.3.3-23.el5_10.ia64.rpm
php53-odbc-5.3.3-23.el5_10.ia64.rpm
php53-pdo-5.3.3-23.el5_10.ia64.rpm
php53-pgsql-5.3.3-23.el5_10.ia64.rpm
php53-process-5.3.3-23.el5_10.ia64.rpm
php53-pspell-5.3.3-23.el5_10.ia64.rpm
php53-snmp-5.3.3-23.el5_10.ia64.rpm
php53-soap-5.3.3-23.el5_10.ia64.rpm
php53-xml-5.3.3-23.el5_10.ia64.rpm
php53-xmlrpc-5.3.3-23.el5_10.ia64.rpm
SRPMS:
http://oss.oracle.com/ol5/SRPMS-updates/php53-5.3.3-23.el5_10.src.rpm
Description of changes:
[5.3.3-23]
- core: type confusion issue in phpinfo(). CVE-2014-4721
- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712
- core: fix heap-based buffer overflow in DNS TXT record parsing.
CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage type
confusion flaw. CVE-2014-3515
- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270
- fileinfo: unrestricted recursion in handling of indirect type
rules. CVE-2014-1943
- fileinfo: out of bounds read in CDF parser. CVE-2012-1571
- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480
- fileinfo: cdf_unpack_summary_info() excessive looping
DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite
loop. CVE-2014-0238
More information about the El-errata
mailing list