Debian Long Term Support / LTS Security Information / 2014 / Security Information -- DLA-0018-1 php5

Debian Security Advisory

DLA-0018-1 php5 -- LTS security update

Date Reported:

23 Jul 2014

Affected Packages:

php5

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2014-3515, CVE-2014-0207, CVE-2014-3480, CVE-2014-4721.

More information:

• [CVE-2014-3515]:

  fix unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion

• [CVE-2014-0207]:

  fileinfo: cdf_read_short_sector insufficient boundary check

• [CVE-2014-3480]:

  fileinfo: cdf_count_chain insufficient boundary check

• [CVE-2014-4721]:

  The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a type confusion vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.

For Debian 6 Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze20