Debian Security Advisory
DLA-145-1 php5 -- LTS security update
- Date Reported:
- 31 Jan 2015
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2014-0237, CVE-2014-0238, CVE-2014-2270, CVE-2014-8117.
- More information:
The cdf_unpack_summary_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (performance degradation) by triggering many file_printf calls.
The cdf_read_property_info function in cdf.c in the Fileinfo component in PHP before 5.4.29 and 5.5.x before 5.5.13 allows remote attackers to cause a denial of service (infinite loop or out-of-bounds memory access) via a vector that (1) has zero length or (2) is too long.
softmagic.c in file before 5.17 and libmagic allows context dependent attackers to cause a denial of service (out-of-bounds memory access and crash) via crafted offsets in the softmagic of a PE executable.
- Stop reporting bad capabilities after the first few.
- limit the number of program and section header number of sections
- limit recursion level
- CVE-2015-TEMP (no official CVE number available yet)
- null pointer deference (PHP bugs: 68739 68740)
- out-of-bounds memory access (file bug: 398) additional patches from CVE-2014-3478 added
For Debian 6
Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze24