Debian Security Advisory

DLA-145-1 php5 -- LTS security update

Date Reported:
31 Jan 2015
Affected Packages:
php5
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2014-0237, CVE-2014-0238, CVE-2014-2270, CVE-2014-8117.
More information:

Brief introduction

  • CVE-2014-0237

    The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.

  • CVE-2014-0238

    The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.

  • CVE-2014-2270

    softmagic.c in file before 5.17 and libmagic allows context dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.

  • CVE-2014-8117

    - Stop reporting bad capabilities after the first few. - limit the number of program and section header number of sections - limit recursion level

  • CVE-2015-TEMP (no official CVE number available yet)

    - null pointer deference (PHP bugs: 68739 68740) - out-of-bounds memory access (file bug: 398) additional patches from CVE-2014-3478 added

For Debian 6 Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze24