Debian 10225 Published by

Updated PHP 5.4.45 packages for Debian 7 LTS has been released for testing



Please give it a try and tell me about any problems you met. There are still some CVEs open, they will be fixed in a later upload.

Changes:
* CVE-2015-8865.patch
The file_check_mem function in funcs.c in file before 5.23, as used
in the Fileinfo component in PHP before 5.5.34, 5.6.x before 5.6.20,
and 7.x before 7.0.5, mishandles continuation-level jumps, which
allows context-dependent attackers to cause a denial of service
(buffer overflow and application crash) or possibly execute arbitrary
code via a crafted magic file.
* CVE-2015-8866.patch
libxml_disable_entity_loader setting is shared between threads
ext/libxml/libxml.c in PHP before 5.5.22 and 5.6.x before 5.6.6, when
PHP-FPM is used, does not isolate each thread from
libxml_disable_entity_loader changes in other threads, which allows
remote attackers to conduct XML External Entity (XXE) and XML Entity
Expansion (XEE) attacks via a crafted XML document, a related issue
to CVE-2015-5161.
* CVE-2015-8878.patch
main/php_open_temporary_file.c in PHP before 5.5.28 and 5.6.x before
5.6.12 does not ensure thread safety, which allows remote attackers to
cause a denial of service (race condition and heap memory corruption)
by leveraging an application that performs many temporary-file accesses.
* CVE-2015-8879.patch
The odbc_bindcols function in ext/odbc/php_odbc.c in PHP before 5.6.12
mishandles driver behavior for SQL_WVARCHAR columns, which allows
remote attackers to cause a denial of service (application crash) in
opportunistic circumstances by leveraging use of the odbc_fetch_array
function to access a certain type of Microsoft SQL Server table.
* CVE-2016-4070.patch
Integer overflow in the php_raw_url_encode function in ext/standard/url.c
in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x before 7.0.5 allows
remote attackers to cause a denial of service (application crash) via a
long string to the rawurlencode function.
* CVE-2016-4071.patch
Format string vulnerability in the php_snmp_error function in
ext/snmp/snmp.c in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x
before 7.0.5 allows remote attackers to execute arbitrary code via
format string specifiers in an SNMP::get call.
* CVE-2016-4072.patch
The Phar extension in PHP before 5.5.34, 5.6.x before 5.6.20, and 7.x
before 7.0.5 allows remote attackers to execute arbitrary code via a
crafted filename, as demonstrated by mishandling of \0 characters by
the phar_analyze_path function in ext/phar/phar.c.
* CVE-2016-4073.patch
Multiple integer overflows in the mbfl_strcut function in
ext/mbstring/libmbfl/mbfl/mbfilter.c in PHP before 5.5.34, 5.6.x before
5.6.20, and 7.x before 7.0.5 allow remote attackers to cause a denial
of service (application crash) or possibly execute arbitrary code via
a crafted mb_strcut call.
* CVE-2016-4343.patch
The phar_make_dirstream function in ext/phar/dirstream.c in PHP before
5.6.18 and 7.x before 7.0.3 mishandles zero-size ././@LongLink files,
which allows remote attackers to cause a denial of service
(uninitialized pointer dereference) or possibly have unspecified other
impact via a crafted TAR archive.
* CVE-2016-4537.patch
The bcpowmod function in ext/bcmath/bcmath.c in PHP before 5.5.35,
5.6.x before 5.6.21, and 7.x before 7.0.6 accepts a negative integer
for the scale argument, which allows remote attackers to cause a
denial of service or possibly have unspecified other impact via a
crafted call.
* CVE-2016-4539.patch
The xml_parse_into_struct function in ext/xml/xml.c in PHP before
5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows remote
attackers to cause a denial of service (buffer under-read and
segmentation fault) or possibly have unspecified other impact via
crafted XML data in the second argument, leading to a parser level
of zero.
* CVE-2016-4540+4541.patch
The grapheme_strpos function in ext/intl/grapheme/grapheme_string.c
in before 5.5.35, 5.6.x before 5.6.21, and 7.x before 7.0.6 allows
remote attackers to cause a denial of service (out-of-bounds read)
or possibly have unspecified other impact via a negative offset.
* CVE-2016-4542+4543+4544.patch
The exif_process_* function in ext/exif/exif.c in PHP before 5.5.35,
5.6.x before 5.6.21, and 7.x before 7.0.6 does not validate IFD sizes,
which allows remote attackers to cause a denial of service
(out-of-bounds read) or possibly have unspecified other impact via
crafted header data.
Download for AMD64
Download for i386