Several security issues were fixed in PHP ...
Debian Bug report logs -
#731895
php5: CVE-2013-6420: memory corruption in openssl_x509_parse()
Package:
php5;
Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon)
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 11 De ...
Debian Bug report logs -
#731112
php5: CVE-2013-6712
Package:
php5;
Maintainer for php5 is Debian PHP Maintainers <pkg-php-maint@listsaliothdebianorg>; Source for php5 is src:php5 (PTS, buildd, popcon)
Reported by: Moritz Muehlenhoff <jmm@inutilorg>
Date: Mon, 2 Dec 2013 08:57:02 UTC
Severity: important
Tags: s ...
Several vulnerabilities were found in PHP, a general-purpose scripting
language commonly used for web application development The Common
Vulnerabilities and Exposures project identifies the following issues:
CVE-2013-6420
Stefan Esser reported possible memory corruption in
openssl_x509_parse()
CVE-2013-6712
Creating DateInterval obje ...
Synopsis
Critical: php53 security update
Type/Severity
Security Advisory: Critical
Topic
Updated php53 packages that fix one security issue are now available forRed Hat Enterprise Linux 56 and 59 Extended Update SupportThe Red Hat Security Response Team has rated this update as having criticalsecurity im ...
Synopsis
Critical: php security update
Type/Severity
Security Advisory: Critical
Topic
Updated php packages that fix one security issue are now available for RedHat Enterprise Linux 53 Long Life, and Red Hat Enterprise Linux 56, 59,62, 63, and 64 Extended Update SupportThe Red Hat Security Response T ...
Synopsis
Critical: php security update
Type/Severity
Security Advisory: Critical
Topic
Updated php packages that fix one security issue are now available for RedHat Software Collections 1The Red Hat Security Response Team has rated this update as having criticalsecurity impact A Common Vulnerability Scori ...
Synopsis
Critical: php security update
Type/Severity
Security Advisory: Critical
Topic
Updated php packages that fix multiple security issues are now availablefor Red Hat Enterprise Linux 5The Red Hat Security Response Team has rated this update as having criticalsecurity impact Common Vulnerability Scori ...
Synopsis
Critical: php53 and php security update
Type/Severity
Security Advisory: Critical
Topic
Updated php53 and php packages that fix one security issue are nowavailable for Red Hat Enterprise Linux 5 and 6 respectivelyThe Red Hat Security Response Team has rated this update as having criticalsecurity i ...
Synopsis
Critical: php security update
Type/Severity
Security Advisory: Critical
Topic
Updated php packages that fix one security issue are now available for RedHat Enterprise Linux 3 and 4 Extended Life Cycle SupportThe Red Hat Security Response Team has rated this update as having criticalsecurity impact ...
A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X509 certificates A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to ...
A memory corruption flaw was found in the way the openssl_x509_parse() function of the PHP openssl extension parsed X509 certificates A remote attacker could use this flaw to provide a malicious self-signed certificate or a certificate signed by a trusted authority to a PHP application using the aforementioned function, causing the application to ...
The asn1_time_to_time_t function in ext/openssl/opensslc in PHP before 5328, 54x before 5423, and 55x before 557 does not properly parse (1) notBefore and (2) notAfter timestamps in X509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that i ...
The asn1_time_to_time_t function in ext/openssl/opensslc in PHP before 5328, 54x before 5423, and 55x before 557 does not properly parse (1) notBefore and (2) notAfter timestamps in X509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that i ...