-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2017.2174
                 SUSE Security Update: Security update for php7
                               31 August 2017

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           php7
Publisher:         SUSE
Operating System:  SUSE
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Access Confidential Data        -- Remote/Unauthenticated
                   Provide Misleading Information  -- Remote with User Interaction
Resolution:        Patch/Upgrade
CVE Names:         CVE-2017-11628 CVE-2017-11147 CVE-2017-11146 CVE-2017-11145
                   CVE-2017-11144 CVE-2017-11142 CVE-2017-7890 CVE-2016-10397
                   CVE-2016-5766
Reference:         ESB-2017.2027 ESB-2017.2013 ESB-2017.0119 ESB-2016.2728
                   ESB-2016.2622 ESB-2016.2007

- --------------------------BEGIN INCLUDED TEXT--------------------

   SUSE Security Update: Security update for php7
______________________________________________________________________________

Announcement ID:    SUSE-SU-2017:2303-1
Rating:             important
References:         #1047454 #1048094 #1048096 #1048100 #1048111 #1048112
                    #1050241 #1050726 #1052389 #1053645 #986386
Cross-References:   CVE-2016-10397 CVE-2016-5766 CVE-2017-11142 CVE-2017-11144
                    CVE-2017-11145 CVE-2017-11146 CVE-2017-11147 CVE-2017-11628
                    CVE-2017-7890
Affected Products:
                    SUSE Linux Enterprise Software Development Kit 12-SP3
                    SUSE Linux Enterprise Software Development Kit 12-SP2
                    SUSE Linux Enterprise Module for Web Scripting 12
______________________________________________________________________________

   An update that solves 9 vulnerabilities and has two fixes is now available.

Description:

   This update for php7 fixes the following issues:

   - CVE-2016-10397: parse_url() could be bypassed to return a fake host.
     (bsc#1047454)
   - CVE-2017-11142: Remote attackers could cause a CPU-consumption denial of
     service by injecting long form variables, related to main/php_variables.
     (bsc#1048100)
   - CVE-2017-11144: The openssl extension's PEM sealing code did not check the
     return value of the OpenSSL sealing function, which could lead to a crash.
     (bsc#1048096)
   - CVE-2017-11145: Lack of bounds checks in timelib_meridian could lead to an
     information leak. (bsc#1048112)
   - CVE-2017-11146: Lack of bounds checks in the timelib_meridian parse code
     could lead to an information leak. (bsc#1048111)
   - CVE-2017-11147: The PHAR archive handler could be used by attackers
     supplying malicious archive files to crash the PHP interpreter or
     potentially disclose information. (bsc#1048094)
   - CVE-2017-11628: A stack-based buffer overflow in zend_ini_do_op() could
     lead to denial of service. (bsc#1050726)
   - CVE-2017-7890: A buffer over-read of uninitialized data in the
     gdImageCreateFromGifCtx function could lead to denial of service.
     (bsc#1050241)
   - CVE-2016-5766: An integer overflow in _gd2GetHeader() resulting in a heap
     overflow could lead to denial of service or code execution. (bsc#986386)

   Other fixes:

   - SOAP request with references (bsc#1053645)
   - php7-pear should explicitly require php7-pear-Archive_Tar; otherwise this
     dependency must be declared explicitly in every php7-pear-* package.
     [bnc#1052389]

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Software Development Kit 12-SP3:

      zypper in -t patch SUSE-SLE-SDK-12-SP3-2017-1417=1

   - SUSE Linux Enterprise Software Development Kit 12-SP2:

      zypper in -t patch SUSE-SLE-SDK-12-SP2-2017-1417=1

   - SUSE Linux Enterprise Module for Web Scripting 12:

      zypper in -t patch SUSE-SLE-Module-Web-Scripting-12-2017-1417=1

   To bring your system up-to-date, use "zypper patch".
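Once the patch has been applied, the thing worth verifying is that every php7 package on the host is at or above the fixed build, 7.0.7-50.9.2, rather than that the zypper command merely exited cleanly. The script below is an added example, not part of the SUSE or AusCERT text: it takes NAME-VERSION-RELEASE lines (the shape `rpm -qa 'php7*' 'apache2-mod_php7*' --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'` prints) and flags those still below the fixed build. The sample input is constructed; the older release numbers in it are invented for illustration, and the version comparison is a plain numeric dotted compare, not rpm's full rpmvercmp, which is an assumption that holds for the purely numeric fields in this update.

```shell
#!/bin/sh
# Added example, not part of the SUSE or AusCERT text: decide whether an
# installed php7 package is older than the fixed build named in this update.
# Input lines are NAME-VERSION-RELEASE, which is what this prints on a host:
#   rpm -qa 'php7*' 'apache2-mod_php7*' --qf '%{NAME}-%{VERSION}-%{RELEASE}\n'

FIXED_VER="7.0.7"     # version of the fixed packages in this update
FIXED_REL="50.9.2"    # release of the fixed packages in this update

# vercmp A B: compare dotted numeric strings component by component and
# print -1, 0 or 1. Assumption: fields are numeric (true for this update);
# letters or tildes would need rpm's full rpmvercmp rules, not modelled here.
vercmp() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, "."); nb = split(b, y, ".")
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            p = (i <= na) ? x[i] + 0 : 0
            q = (i <= nb) ? y[i] + 0 : 0
            if (p < q) { print "-1"; exit }
            if (p > q) { print "1"; exit }
        }
        print "0"
    }'
}

# php7_needs_patch NAME-VERSION-RELEASE
#   exit 0: package is from this update and older than 7.0.7-50.9.2
#   exit 1: package is at or above the fixed build
#   exit 2: not a package this update ships
php7_needs_patch() {
    nvr="$1"
    rel="${nvr##*-}"           # last dash-separated field is the release
    rest="${nvr%-*}"
    ver="${rest##*-}"          # the field before that is the version
    name="${rest%-*}"          # everything else is the package name
    case "$name" in
        php7|php7-*|apache2-mod_php7|apache2-mod_php7-*) ;;
        *) return 2 ;;
    esac
    c=$(vercmp "$ver" "$FIXED_VER")
    if [ "$c" -lt 0 ]; then return 0; fi
    if [ "$c" -gt 0 ]; then return 1; fi
    c=$(vercmp "$rel" "$FIXED_REL")
    [ "$c" -lt 0 ]
}

# report_unpatched: read NVR lines on stdin, print the ones still vulnerable
report_unpatched() {
    while IFS= read -r pkg; do
        [ -n "$pkg" ] || continue
        if php7_needs_patch "$pkg"; then
            printf '%s\n' "$pkg"
        fi
    done
    return 0
}

# Constructed sample standing in for real rpm output; the 50.3.1 release and
# the apache2 line are invented, not taken from the bulletin.
SAMPLE='php7-7.0.7-50.3.1
php7-gd-7.0.7-50.3.1
php7-openssl-7.0.7-50.9.2
apache2-mod_php7-7.0.7-50.9.2
php7-pear-Archive_Tar-7.0.7-50.9.2
apache2-2.4.23-29.3.2'

printf '%s\n' "$SAMPLE" | report_unpatched
```

On a real host, pipe the `rpm -qa ... --qf` output into `report_unpatched` instead of `$SAMPLE`; an empty result means every php7 package from this update is at the fixed build. The vendor-native cross-check is `zypper patch-check` (or `zypper list-patches`), which reports the SUSE-SLE-*-2017-1417 patch as still needed when any of these packages is behind.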
Package List:

   - SUSE Linux Enterprise Software Development Kit 12-SP3 (aarch64 ppc64le s390x x86_64):

      php7-debuginfo-7.0.7-50.9.2
      php7-debugsource-7.0.7-50.9.2
      php7-devel-7.0.7-50.9.2

   - SUSE Linux Enterprise Software Development Kit 12-SP2 (aarch64 ppc64le s390x x86_64):

      php7-debuginfo-7.0.7-50.9.2
      php7-debugsource-7.0.7-50.9.2
      php7-devel-7.0.7-50.9.2

   - SUSE Linux Enterprise Module for Web Scripting 12 (aarch64 ppc64le s390x x86_64):

      apache2-mod_php7-7.0.7-50.9.2
      apache2-mod_php7-debuginfo-7.0.7-50.9.2
      php7-7.0.7-50.9.2
      php7-bcmath-7.0.7-50.9.2
      php7-bcmath-debuginfo-7.0.7-50.9.2
      php7-bz2-7.0.7-50.9.2
      php7-bz2-debuginfo-7.0.7-50.9.2
      php7-calendar-7.0.7-50.9.2
      php7-calendar-debuginfo-7.0.7-50.9.2
      php7-ctype-7.0.7-50.9.2
      php7-ctype-debuginfo-7.0.7-50.9.2
      php7-curl-7.0.7-50.9.2
      php7-curl-debuginfo-7.0.7-50.9.2
      php7-dba-7.0.7-50.9.2
      php7-dba-debuginfo-7.0.7-50.9.2
      php7-debuginfo-7.0.7-50.9.2
      php7-debugsource-7.0.7-50.9.2
      php7-dom-7.0.7-50.9.2
      php7-dom-debuginfo-7.0.7-50.9.2
      php7-enchant-7.0.7-50.9.2
      php7-enchant-debuginfo-7.0.7-50.9.2
      php7-exif-7.0.7-50.9.2
      php7-exif-debuginfo-7.0.7-50.9.2
      php7-fastcgi-7.0.7-50.9.2
      php7-fastcgi-debuginfo-7.0.7-50.9.2
      php7-fileinfo-7.0.7-50.9.2
      php7-fileinfo-debuginfo-7.0.7-50.9.2
      php7-fpm-7.0.7-50.9.2
      php7-fpm-debuginfo-7.0.7-50.9.2
      php7-ftp-7.0.7-50.9.2
      php7-ftp-debuginfo-7.0.7-50.9.2
      php7-gd-7.0.7-50.9.2
      php7-gd-debuginfo-7.0.7-50.9.2
      php7-gettext-7.0.7-50.9.2
      php7-gettext-debuginfo-7.0.7-50.9.2
      php7-gmp-7.0.7-50.9.2
      php7-gmp-debuginfo-7.0.7-50.9.2
      php7-iconv-7.0.7-50.9.2
      php7-iconv-debuginfo-7.0.7-50.9.2
      php7-imap-7.0.7-50.9.2
      php7-imap-debuginfo-7.0.7-50.9.2
      php7-intl-7.0.7-50.9.2
      php7-intl-debuginfo-7.0.7-50.9.2
      php7-json-7.0.7-50.9.2
      php7-json-debuginfo-7.0.7-50.9.2
      php7-ldap-7.0.7-50.9.2
      php7-ldap-debuginfo-7.0.7-50.9.2
      php7-mbstring-7.0.7-50.9.2
      php7-mbstring-debuginfo-7.0.7-50.9.2
      php7-mcrypt-7.0.7-50.9.2
      php7-mcrypt-debuginfo-7.0.7-50.9.2
      php7-mysql-7.0.7-50.9.2
      php7-mysql-debuginfo-7.0.7-50.9.2
      php7-odbc-7.0.7-50.9.2
      php7-odbc-debuginfo-7.0.7-50.9.2
      php7-opcache-7.0.7-50.9.2
      php7-opcache-debuginfo-7.0.7-50.9.2
      php7-openssl-7.0.7-50.9.2
      php7-openssl-debuginfo-7.0.7-50.9.2
      php7-pcntl-7.0.7-50.9.2
      php7-pcntl-debuginfo-7.0.7-50.9.2
      php7-pdo-7.0.7-50.9.2
      php7-pdo-debuginfo-7.0.7-50.9.2
      php7-pgsql-7.0.7-50.9.2
      php7-pgsql-debuginfo-7.0.7-50.9.2
      php7-phar-7.0.7-50.9.2
      php7-phar-debuginfo-7.0.7-50.9.2
      php7-posix-7.0.7-50.9.2
      php7-posix-debuginfo-7.0.7-50.9.2
      php7-pspell-7.0.7-50.9.2
      php7-pspell-debuginfo-7.0.7-50.9.2
      php7-shmop-7.0.7-50.9.2
      php7-shmop-debuginfo-7.0.7-50.9.2
      php7-snmp-7.0.7-50.9.2
      php7-snmp-debuginfo-7.0.7-50.9.2
      php7-soap-7.0.7-50.9.2
      php7-soap-debuginfo-7.0.7-50.9.2
      php7-sockets-7.0.7-50.9.2
      php7-sockets-debuginfo-7.0.7-50.9.2
      php7-sqlite-7.0.7-50.9.2
      php7-sqlite-debuginfo-7.0.7-50.9.2
      php7-sysvmsg-7.0.7-50.9.2
      php7-sysvmsg-debuginfo-7.0.7-50.9.2
      php7-sysvsem-7.0.7-50.9.2
      php7-sysvsem-debuginfo-7.0.7-50.9.2
      php7-sysvshm-7.0.7-50.9.2
      php7-sysvshm-debuginfo-7.0.7-50.9.2
      php7-tokenizer-7.0.7-50.9.2
      php7-tokenizer-debuginfo-7.0.7-50.9.2
      php7-wddx-7.0.7-50.9.2
      php7-wddx-debuginfo-7.0.7-50.9.2
      php7-xmlreader-7.0.7-50.9.2
      php7-xmlreader-debuginfo-7.0.7-50.9.2
      php7-xmlrpc-7.0.7-50.9.2
      php7-xmlrpc-debuginfo-7.0.7-50.9.2
      php7-xmlwriter-7.0.7-50.9.2
      php7-xmlwriter-debuginfo-7.0.7-50.9.2
      php7-xsl-7.0.7-50.9.2
      php7-xsl-debuginfo-7.0.7-50.9.2
      php7-zip-7.0.7-50.9.2
      php7-zip-debuginfo-7.0.7-50.9.2
      php7-zlib-7.0.7-50.9.2
      php7-zlib-debuginfo-7.0.7-50.9.2

   - SUSE Linux Enterprise Module for Web Scripting 12 (noarch):

      php7-pear-7.0.7-50.9.2
      php7-pear-Archive_Tar-7.0.7-50.9.2

References:

   https://www.suse.com/security/cve/CVE-2016-10397.html
   https://www.suse.com/security/cve/CVE-2016-5766.html
   https://www.suse.com/security/cve/CVE-2017-11142.html
   https://www.suse.com/security/cve/CVE-2017-11144.html
   https://www.suse.com/security/cve/CVE-2017-11145.html
   https://www.suse.com/security/cve/CVE-2017-11146.html
   https://www.suse.com/security/cve/CVE-2017-11147.html
   https://www.suse.com/security/cve/CVE-2017-11628.html
   https://www.suse.com/security/cve/CVE-2017-7890.html
   https://bugzilla.suse.com/1047454
   https://bugzilla.suse.com/1048094
   https://bugzilla.suse.com/1048096
   https://bugzilla.suse.com/1048100
   https://bugzilla.suse.com/1048111
   https://bugzilla.suse.com/1048112
   https://bugzilla.suse.com/1050241
   https://bugzilla.suse.com/1050726
   https://bugzilla.suse.com/1052389
   https://bugzilla.suse.com/1053645
   https://bugzilla.suse.com/986386

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.
If you have any questions or need further information, please contact them
directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIVAwUBWad9VIx+lLeg9Ub1AQhmpA/+N5kckug9z5Jn+GzTul59aEteEAwUpkv+
bJdps6e01Ixs+vOzFcGe6+mj3inWGVuO9su9lJcesJIIMxEOLIGRZipMftgPPKW8
k+3did7v4N/P3vQUJqtvJvvxOhBUWN/0idgaQFTea3r7Geo6Tsb8GFsn/muG02Yn
uHmbcK/Np9V0FbNbnRObfBuEIhnH4ARFQT7lsQajUgTw9KWC1U/eun0QbKg1rmkd
Kgd8H8BPCz2s7PLvfcclcc1Kk2x2BIrAGPdg3VXbh6Zl/kYvDJLSgpvtgBjpXIXw
WiMg66Q/fi5b+2SHkxmhPveNYEQ6XTCPYdky3z/nL8f7mxHly07VXXl92pBr52oj
tuRCeBEGAmIDROhbrTc+baDMJ7fongwXJe/TXYnOhXUakiv0ppXyvuu6OL9OXPLa
zVzxggHnPDf4QP29vywQ9z/M288+o07vY+G10aFK3lG0AF2ymxystkMXLFaJYRCd
PduZJBfbTjp2da7Fcgv+7wPBuzBfnyGw+qGWm7px7t3qHKxsXo59lk9OPaOQEfl8
9ZT17f/fncWhsMoccRxmMt1Sa/2YkNvOIu1S6LxmS46fpo2egfV2Q2xO3BFyYbFr
iC0LEiLVd+P9AYkcDyAE3b34dU46dWcGfzGdsi9TNRyNNO2h68lSElkyoo5YJfVI
5coJCyqRWE0=
=AaT6
-----END PGP SIGNATURE-----