FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

PHP -- multiple vulnerabilities

Affected packages
		php56	<	5.6.26

Details

VuXML ID	8d5180a6-86fe-11e6-8d93-00248c0c745d
Discovery	2016-09-16
Entry	2016-09-30

PHP reports:

Fixed bug #73007 (add locale length check)

Fixed bug #72293 (Heap overflow in mysqlnd related to BIT fields)

Fixed bug #72928 (Out of bound when verify signature of zip phar in phar_parse_zipfile)

Fixed bug #73029 (Missing type check when unserializing SplArray)

Fixed bug #73052 (Memory Corruption in During Deserialized-object Destruction)

Fixed bug #72860 (wddx_deserialize use-after-free)

Fixed bug #73065 (Out-Of-Bounds Read in php_wddx_push_element)

[source]

References

CVE Name	CVE-2016-7411
CVE Name	CVE-2016-7412
CVE Name	CVE-2016-7413
CVE Name	CVE-2016-7414
CVE Name	CVE-2016-7416
CVE Name	CVE-2016-7417
CVE Name	CVE-2016-7418
URL	http://php.net/ChangeLog-5.php#5.6.26