- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LFE
——————————————————————————–
Fedora Update Notification
FEDORA-2016-4f3c77ef90
2016-07-02 13:23:23.483148
——————————————————————————–
Name : php-pecl-zip
Product : Fedora 23
Version : 1.13.3
Release : 1.fc23
URL : http://pecl.php.net/package/zip
Summary : A ZIP archive management extension
Description :
Zip is an extension to create and read zip files.
——————————————————————————–
Update Information:
**Version 1.13.3** – Fixed bug php#71923 (integer overflow in
ZipArchive::getFrom*). (CVE-2016-3078) (Stas) – Fixed bug php#72258 (ZipArchive
converts filenames to unrecoverable form). (Anatol) – Fixed bug php#72434
(ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and
unserialize). (Dmitry)
——————————————————————————–
References:
[ 1 ] Bug #1351179 – CVE-2016-5773 php: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and unserialize
https://bugzilla.redhat.com/show_bug.cgi?id=1351179
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update php-pecl-zip’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2016-b08d0b00fc
2016-07-02 13:22:22.108379
——————————————————————————–
Name : php-pecl-zip
Product : Fedora 22
Version : 1.12.5
Release : 2.fc22
URL : http://pecl.php.net/package/zip
Summary : A ZIP archive management extension
Description :
Zip is an extension to create and read zip files.
——————————————————————————–
Update Information:
* Fix bug php#71561 (NULL pointer dereference in Zip::ExtractTo) * Fix bug
php#72434: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm
and unserialize
——————————————————————————–
References:
[ 1 ] Bug #1351179 – CVE-2016-5773 php: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and unserialize
https://bugzilla.redhat.com/show_bug.cgi?id=1351179
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update php-pecl-zip’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
——————————————————————————–
Fedora Update Notification
FEDORA-2016-79ac80a0d5
2016-07-02 13:28:24.865162
——————————————————————————–
Name : php-pecl-zip
Product : Fedora 24
Version : 1.13.3
Release : 1.fc24
URL : http://pecl.php.net/package/zip
Summary : A ZIP archive management extension
Description :
Zip is an extension to create and read zip files.
——————————————————————————–
Update Information:
**Version 1.13.3** – Fixed bug php#71923 (integer overflow in
ZipArchive::getFrom*). (CVE-2016-3078) (Stas) – Fixed bug php#72258 (ZipArchive
converts filenames to unrecoverable form). (Anatol) – Fixed bug php#72434
(ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and
unserialize). (Dmitry)
——————————————————————————–
References:
[ 1 ] Bug #1351179 – CVE-2016-5773 php: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and unserialize
https://bugzilla.redhat.com/show_bug.cgi?id=1351179
——————————————————————————–
This update can be installed with the “yum” update program. Use
su -c ‘yum update php-pecl-zip’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
| Autor | Tomislav Protega |
| Cert id | NCERT-REF-2016-07-0010-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | http://www.adobe.com/ |
