Debian Security Advisory

DLA-0018-1 php5 -- LTS security update

Date Reported:
23 Jul 2014
Affected Packages:
Security database references:
In Mitre's CVE dictionary: CVE-2014-3515, CVE-2014-0207, CVE-2014-3480, CVE-2014-4721.
More information:
  • [CVE-2014-3515]:

    fix unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion

  • [CVE-2014-0207]:

    fileinfo: cdf_read_short_sector insufficient boundary check

  • [CVE-2014-3480]:

    fileinfo: cdf_count_chain insufficient boundary check

  • [CVE-2014-4721]:

    The phpinfo implementation in ext/standard/info.c in PHP before 5.4.30 and 5.5.x before 5.5.14 does not ensure use of the string data type for the PHP_AUTH_PW, PHP_AUTH_TYPE, PHP_AUTH_USER, and PHP_SELF variables, which might allow context-dependent attackers to obtain sensitive information from process memory by using the integer data type with crafted values, related to a type confusion vulnerability, as demonstrated by reading a private SSL key in an Apache HTTP Server web-hosting environment with mod_ssl and a PHP 5.3.x mod_php.

For Debian 6 Squeeze, these issues have been fixed in php5 version 5.3.3-7+squeeze20