Debian Security Advisory
DLA-0018-1 php5 -- LTS security update
- Date Reported:
- 23 Jul 2014
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-3515, CVE-2014-0207, CVE-2014-3480, CVE-2014-4721.
- More information:
fix unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion
fileinfo: cdf_read_short_sector insufficient boundary check
fileinfo: cdf_count_chain insufficient boundary check
The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a
type confusionvulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.
For Debian 6
Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze20