You are here
Home > Preporuke > Ranjivost programskog paketa php-pecl-zip

Ranjivost programskog paketa php-pecl-zip

by ncert - 0

——————————————————————————–
Fedora Update Notification
FEDORA-2016-4f3c77ef90
2016-07-02 13:23:23.483148
——————————————————————————–

Name : php-pecl-zip
Product : Fedora 23
Version : 1.13.3
Release : 1.fc23
URL : http://pecl.php.net/package/zip
Summary : A ZIP archive management extension
Description :
Zip is an extension to create and read zip files.

——————————————————————————–
Update Information:

**Version 1.13.3** – Fixed bug php#71923 (integer overflow in
ZipArchive::getFrom*). (CVE-2016-3078) (Stas) – Fixed bug php#72258 (ZipArchive
converts filenames to unrecoverable form). (Anatol) – Fixed bug php#72434
(ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and
unserialize). (Dmitry)
——————————————————————————–
References:

[ 1 ] Bug #1351179 – CVE-2016-5773 php: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and unserialize
https://bugzilla.redhat.com/show_bug.cgi?id=1351179
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update php-pecl-zip’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

——————————————————————————–
Fedora Update Notification
FEDORA-2016-b08d0b00fc
2016-07-02 13:22:22.108379
——————————————————————————–

Name : php-pecl-zip
Product : Fedora 22
Version : 1.12.5
Release : 2.fc22
URL : http://pecl.php.net/package/zip
Summary : A ZIP archive management extension
Description :
Zip is an extension to create and read zip files.

——————————————————————————–
Update Information:

* Fix bug php#71561 (NULL pointer dereference in Zip::ExtractTo) * Fix bug
php#72434: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm
and unserialize
——————————————————————————–
References:

[ 1 ] Bug #1351179 – CVE-2016-5773 php: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and unserialize
https://bugzilla.redhat.com/show_bug.cgi?id=1351179
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update php-pecl-zip’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

 

 

——————————————————————————–
Fedora Update Notification
FEDORA-2016-79ac80a0d5
2016-07-02 13:28:24.865162
——————————————————————————–

Name        : php-pecl-zip
Product     : Fedora 24
Version     : 1.13.3
Release     : 1.fc24
URL         : http://pecl.php.net/package/zip
Summary     : A ZIP archive management extension
Description :
Zip is an extension to create and read zip files.

——————————————————————————–
Update Information:

**Version 1.13.3**  – Fixed bug php#71923 (integer overflow in
ZipArchive::getFrom*). (CVE-2016-3078) (Stas) – Fixed bug php#72258 (ZipArchive
converts filenames to unrecoverable form). (Anatol) – Fixed bug php#72434
(ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and
unserialize). (Dmitry)
——————————————————————————–
References:

  [ 1 ] Bug #1351179 – CVE-2016-5773 php: ZipArchive class Use After Free Vulnerability in PHP’s GC algorithm and unserialize
        https://bugzilla.redhat.com/show_bug.cgi?id=1351179
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update php-pecl-zip’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org

 

ncert
Top
More in Preporuke
Ranjivosti jezgre operacijskog sustava

Otkrivene su ranjivosti u jezgri operacijskog sustava Fedora. Zahvaćeno je nekoliko komponenti jezgre, a ovisno o tipu ranjivosti mogu biti...

Close