Download
| Alert*
oval:org.secpod.oval:def:2102311
In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension"s timelib_meridian handling of "front of" and "back of" directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c ou ... oval:org.secpod.oval:def:76684 In PHP before 5.6.32, 7.x before 7.0.25, and 7.1.x before 7.1.11, an error in the date extension's timelib_meridian handling of 'front of' and 'back of' directives could be used by attackers able to supply date strings to leak information from the interpreter, related to ext/date/lib/parse_date.c ou ... oval:org.secpod.oval:def:89002133 This update for php53 fixes the following issues: Security issues fixed: - CVE-2017-16642: Fix timelib_meridian error that could be used to leak information from the interpreter . - CVE-2017-9228: Fix heap out-of-bounds write that occurs in bitset_set_range during regex compilation . - CVE-2017-9229 ... oval:org.secpod.oval:def:53225 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2017-11144 Denial of service in openssl extension due to incorrect return value check of OpenSSL sealing function CVE-2017-11145 Out-of-bounds read in wddx_deserialize CVE-2017-11628 Buffer o ... oval:org.secpod.oval:def:52913 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:603231 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2017-11142 Denial of service via overly long form variables CVE-2017-11143 Invalid free in wddx_deserialize CVE-2017-11144 Denial of service in openssl extension due to incorrect return value ... oval:org.secpod.oval:def:603230 Several vulnerabilities were found in PHP, a widely-used open source general purpose scripting language: CVE-2017-11144 Denial of service in openssl extension due to incorrect return value check of OpenSSL sealing function CVE-2017-11145 Out-of-bounds read in wddx_deserialize CVE-2017-11628 Buffer o ... oval:org.secpod.oval:def:703979 php5: HTML-embedded scripting language interpreter Several security issues were fixed in PHP. oval:org.secpod.oval:def:505023 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php71-php . Security Fix: * gd: Unsigned integer underflow _gdContributionsAlloc * php: Out of bounds access in php_pcre.c:php_pcre_replac ... oval:org.secpod.oval:def:504906 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. The following packages have been upgraded to a later upstream version: rh-php70-php . Security Fix: * php: Heap overflow in mysqlnd when not receiving UNSIGNED_FLAG in BIT field * php: Use after free in wddx_dese ... |