This was fixed in:
php5 (5.5.9+dfsg-1ubuntu4.16) trusty-security; urgency=medium
* SECURITY UPDATE: directory traversal in ZipArchive::extractTo
- debian/patches/CVE-2014-9767.patch: use proper path in
ext/zip/php_zip.c, added test to ext/zip/tests/bug70350.phpt.
- CVE-2014-9767
* SECURITY UPDATE: type confusion issue in SoapClient
- debian/patches/CVE-2015-8835.patch: check types in
ext/soap/php_http.c.
- CVE-2015-8835
- CVE-2016-3185
* SECURITY UPDATE: mysqlnd is vulnerable to BACKRONYM
- debian/patches/CVE-2015-8838.patch: fix ssl handling in
ext/mysqlnd/mysqlnd.c.
- CVE-2015-8838
* SECURITY UPDATE: denial of service or memory disclosure in gd via large
bgd_color argument to imagerotate
- debian/patches/CVE-2016-1903.patch: check bgcolor in
ext/gd/libgd/gd_interpolation.c, added test to
ext/gd/tests/bug70976.phpt.
- CVE-2016-1903
* SECURITY UPDATE: stack overflow when decompressing tar archives
- debian/patches/CVE-2016-2554.patch: handle non-terminated linknames
in ext/phar/tar.c.
- CVE-2016-2554
* SECURITY UPDATE: use-after-free in WDDX
- debian/patches/CVE-2016-3141.patch: fix stack in ext/wddx/wddx.c,
added test to ext/wddx/tests/bug71587.phpt.
- CVE-2016-3141
* SECURITY UPDATE: out-of-bounds read in phar_parse_zipfile()
- debian/patches/CVE-2016-3142.patch: check bounds in ext/phar/zip.c.
- CVE-2016-3142
* SECURITY UPDATE: libxml_disable_entity_loader setting is shared between
threads
- debian/patches/bug64938.patch: enable entity loader in
ext/libxml/libxml.c.
- No CVE number
* SECURITY UPDATE: openssl_random_pseudo_bytes() is not cryptographically
secure
- debian/patches/bug70014.patch: use RAND_bytes instead of deprecated
RAND_pseudo_bytes in ext/openssl/openssl.c.
- No CVE number
* SECURITY UPDATE: buffer over-write in finfo_open with malformed magic
file
- debian/patches/bug71527.patch: properly calculate length in
ext/fileinfo/libmagic/funcs.c, added test to
ext/fileinfo/tests/bug71527.magic.
- CVE number pending
* SECURITY UPDATE: php_snmp_error() format string vulnerability
- debian/patches/bug71704.patch: use format string in ext/snmp/snmp.c.
- CVE number pending
* SECURITY UPDATE: integer overflow in php_raw_url_encode
- debian/patches/bug71798.patch: use size_t in ext/standard/url.c.
- CVE number pending
* SECURITY UPDATE: invalid memory write in phar on filename containing
NULL
- debian/patches/bug71860.patch: require valid paths in
ext/phar/phar.c, ext/phar/phar_object.c, fix tests in
ext/phar/tests/badparameters.phpt,
ext/phar/tests/create_path_error.phpt,
ext/phar/tests/phar_extract.phpt,
ext/phar/tests/phar_isvalidpharfilename.phpt,
ext/phar/tests/phar_unlinkarchive.phpt,
ext/phar/tests/pharfileinfo_construct.phpt.
- CVE number pending
* SECURITY UPDATE: invalid negative size in mbfl_strcut
- debian/patches/bug71906.patch: fix length checks in
ext/mbstring/libmbfl/mbfl/mbfilter.c.
- CVE number pending
* This package does _NOT_ contain the changes from php5
(5.5.9+dfsg-1ubuntu4.15) in trusty-proposed.
-- Marc Deslauriers <[email protected]>  Wed, 20 Apr 2016 09:52:09 -0400
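The first item above (CVE-2014-9767, directory traversal in ZipArchive::extractTo) is the kind of bug that application code can also guard against on its own, without depending on the interpreter's fix. The following is an added example written for this page, not code from the Ubuntu package or from PHP itself; the function names, the temporary paths and the sample archive are this example's own, and it is written without PHP 7 scalar type declarations so that it runs on the 5.5 series the changelog concerns. It vets every entry name before passing an explicit allowlist to extractTo(), then checks after extraction that nothing resolved outside the destination.

```php
<?php
// Added example (not from the Ubuntu changelog or PHP's own source): extract
// a ZipArchive into a directory while refusing entries whose names would
// escape it. Function names and the sample archive are this example's own.

function isSafeEntryName($name)
{
    // Reject empty names, embedded NUL bytes, absolute paths, Windows drive
    // prefixes and any ".." path component.
    if ($name === '' || strpos($name, "\0") !== false) {
        return false;
    }
    if ($name[0] === '/' || $name[0] === '\\' || preg_match('/^[A-Za-z]:/', $name)) {
        return false;
    }
    foreach (preg_split('#[\\\\/]+#', $name) as $part) {
        if ($part === '..') {
            return false;
        }
    }
    return true;
}

// Returns array('extracted' => [...], 'rejected' => [...]).
function safeExtractTo($zipPath, $destDir)
{
    $dest = realpath($destDir);
    if ($dest === false || !is_dir($dest)) {
        throw new RuntimeException("destination is not a directory: $destDir");
    }
    $zip = new ZipArchive();
    if ($zip->open($zipPath) !== true) {
        throw new RuntimeException("cannot open archive: $zipPath");
    }
    $safe = array();
    $rejected = array();
    for ($i = 0; $i < $zip->numFiles; $i++) {
        $name = $zip->getNameIndex($i);
        if ($name !== false && isSafeEntryName($name)) {
            $safe[] = $name;
        } else {
            $rejected[] = $name;
        }
    }
    // Only the vetted names are handed to extractTo(); the archive's own
    // entry list is never trusted wholesale.
    if (count($safe) > 0 && !$zip->extractTo($dest, $safe)) {
        $zip->close();
        throw new RuntimeException('extraction failed');
    }
    $zip->close();
    // Second line of defence: every file that ended up on disk must resolve
    // inside $dest.
    foreach ($safe as $name) {
        $real = realpath($dest . DIRECTORY_SEPARATOR . $name);
        if ($real !== false && strpos($real, $dest . DIRECTORY_SEPARATOR) !== 0) {
            throw new RuntimeException("entry escaped destination: $name");
        }
    }
    return array('extracted' => $safe, 'rejected' => $rejected);
}

// Demonstration with a constructed archive: one benign entry and two
// traversal attempts (a ".." component and an absolute path).
$tmp = sys_get_temp_dir() . DIRECTORY_SEPARATOR . 'safezip-' . getmypid();
mkdir($tmp);
$zipFile = $tmp . DIRECTORY_SEPARATOR . 'sample.zip';
$zip = new ZipArchive();
$zip->open($zipFile, ZipArchive::CREATE);
$zip->addFromString('docs/readme.txt', "hello\n");
$zip->addFromString('../escape.txt', "outside\n");
$zip->addFromString('/tmp/absolute.txt', "outside\n");
$zip->close();

$out = $tmp . DIRECTORY_SEPARATOR . 'out';
mkdir($out);
print_r(safeExtractTo($zipFile, $out));
```

Running it extracts only docs/readme.txt and reports ../escape.txt and /tmp/absolute.txt as rejected. Note that the post-extraction realpath() check is deliberately kept even though the allowlist should already have excluded bad names: it is cheap, and it catches a class of mistakes (such as a later change to the name filter) that the filter alone would not.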
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2014-9767
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8835
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2015-8838
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-1903
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-2554
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-3141
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-3142
** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2016-3185
** Changed in: php5 (Ubuntu Trusty)
Status: New => Fix Released
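The openssl_random_pseudo_bytes() item in the changelog above (RAND_pseudo_bytes replaced by RAND_bytes, no CVE) has a caller-side counterpart: the function's second, by-reference argument reports whether the bytes came from a cryptographically strong source, and code that ignores it may silently use weak output on an unpatched build. The wrapper below is an added example for this page, not the package's or PHP's own code; its name is this example's own. It prefers random_bytes() where available (PHP 7 and later) and otherwise insists on the strong flag being set.

```php
<?php
// Added example (not from the Ubuntu changelog or PHP itself): obtain random
// bytes for security use and refuse to proceed if the source is not
// cryptographically strong. Function name is this example's own.

function secureRandomBytes($length)
{
    if (!is_int($length) || $length < 1) {
        throw new InvalidArgumentException('length must be a positive integer');
    }
    // PHP 7+ ships a CSPRNG that throws on failure instead of degrading.
    if (function_exists('random_bytes')) {
        return random_bytes($length);
    }
    // PHP 5.x: the second argument is set by reference to true only when
    // OpenSSL used a strong source. On builds without the changelog's fix
    // this is the only signal the caller gets, so treat false as fatal.
    $strong = false;
    $bytes = openssl_random_pseudo_bytes($length, $strong);
    if ($bytes === false || $strong !== true || strlen($bytes) !== $length) {
        throw new RuntimeException('no cryptographically strong randomness available');
    }
    return $bytes;
}

// Usage: a 32-byte session token, hex-encoded for transport.
echo bin2hex(secureRandomBytes(32)), "\n";
```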
https://bugs.launchpad.net/bugs/1509817
Title:
libxml_disable_entity_loader is not threadsafe
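The bug this notification tracks (the entity-loader switch being shared between threads, fixed in the changelog above without a CVE) matters because libxml_disable_entity_loader() is the usual defence against XML external entity (XXE) attacks in PHP 5.x. On an affected threaded SAPI, a request that re-enabled the loader could leave it enabled for a parse happening concurrently in another thread. The function below is an added example for this page, not the package's or PHP's own code; its name and the sample documents are this example's own. It sets the switch immediately before each parse rather than once at startup, restores the previous value afterwards, passes LIBXML_NONET, and additionally rejects any document that carries a DOCTYPE, so that it does not depend on the switch alone.

```php
<?php
// Added example (not from the Ubuntu changelog or PHP itself): parse untrusted
// XML with external entity loading disabled around the parse, restoring the
// previous setting afterwards. Function name and sample inputs are this
// example's own. Targets PHP 5.5+, where try/finally is available.

function parseUntrustedXml($xml)
{
    $previousLoader = libxml_disable_entity_loader(true);
    $previousErrors = libxml_use_internal_errors(true);
    try {
        $doc = new DOMDocument();
        // LIBXML_NONET forbids network fetches during parsing. LIBXML_NOENT is
        // deliberately not passed, so entity references are not substituted.
        if (!$doc->loadXML($xml, LIBXML_NONET)) {
            return null;
        }
        // Belt and braces: untrusted input has no business declaring a DTD,
        // which is where external and expansion entities would be defined.
        foreach ($doc->childNodes as $child) {
            if ($child->nodeType === XML_DOCUMENT_TYPE_NODE) {
                return null;
            }
        }
        return $doc;
    } finally {
        libxml_disable_entity_loader($previousLoader);
        libxml_use_internal_errors($previousErrors);
        libxml_clear_errors();
    }
}

// Constructed inputs: a benign document and a classic XXE payload.
$benign = '<order><item sku="42">1</item></order>';
$xxe = '<?xml version="1.0"?>'
     . '<!DOCTYPE foo [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>'
     . '<foo>&xxe;</foo>';

var_dump(parseUntrustedXml($benign) instanceof DOMDocument); // bool(true)
var_dump(parseUntrustedXml($xxe));                            // NULL
```

Because the pre-fix switch was process-wide on threaded builds, the save/restore pattern shown here narrows the window but does not close it; the actual fix is the patched package. On PHP 8 the loader is disabled by default and libxml_disable_entity_loader() is deprecated, but the DOCTYPE rejection remains a sound check.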