ALAS-2012-116


Amazon Linux AMI Security Advisory: ALAS-2012-116
Advisory Release Date: 2014-09-14 16:50 Pacific
Severity: Low
References: CVE-2012-2688 

Issue Overview:

Unspecified vulnerability in the _php_stream_scandir function in the stream implementation in PHP before 5.3.15 and 5.4.x before 5.4.5 has unknown impact and remote attack vectors, related to an "overflow."


Affected Packages:

php


Issue Correction:
Run yum update php to update your system.

New Packages:
i686:
    php-cli-5.3.15-1.22.amzn1.i686
    php-fpm-5.3.15-1.22.amzn1.i686
    php-mysqlnd-5.3.15-1.22.amzn1.i686
    php-pgsql-5.3.15-1.22.amzn1.i686
    php-debuginfo-5.3.15-1.22.amzn1.i686
    php-tidy-5.3.15-1.22.amzn1.i686
    php-xml-5.3.15-1.22.amzn1.i686
    php-imap-5.3.15-1.22.amzn1.i686
    php-xmlrpc-5.3.15-1.22.amzn1.i686
    php-5.3.15-1.22.amzn1.i686
    php-recode-5.3.15-1.22.amzn1.i686
    php-mysql-5.3.15-1.22.amzn1.i686
    php-devel-5.3.15-1.22.amzn1.i686
    php-intl-5.3.15-1.22.amzn1.i686
    php-ldap-5.3.15-1.22.amzn1.i686
    php-mssql-5.3.15-1.22.amzn1.i686
    php-pdo-5.3.15-1.22.amzn1.i686
    php-gd-5.3.15-1.22.amzn1.i686
    php-snmp-5.3.15-1.22.amzn1.i686
    php-pspell-5.3.15-1.22.amzn1.i686
    php-soap-5.3.15-1.22.amzn1.i686
    php-bcmath-5.3.15-1.22.amzn1.i686
    php-mcrypt-5.3.15-1.22.amzn1.i686
    php-odbc-5.3.15-1.22.amzn1.i686
    php-embedded-5.3.15-1.22.amzn1.i686
    php-mbstring-5.3.15-1.22.amzn1.i686
    php-common-5.3.15-1.22.amzn1.i686
    php-process-5.3.15-1.22.amzn1.i686
    php-dba-5.3.15-1.22.amzn1.i686

src:
    php-5.3.15-1.22.amzn1.src

x86_64:
    php-devel-5.3.15-1.22.amzn1.x86_64
    php-mcrypt-5.3.15-1.22.amzn1.x86_64
    php-odbc-5.3.15-1.22.amzn1.x86_64
    php-mbstring-5.3.15-1.22.amzn1.x86_64
    php-mysql-5.3.15-1.22.amzn1.x86_64
    php-mysqlnd-5.3.15-1.22.amzn1.x86_64
    php-recode-5.3.15-1.22.amzn1.x86_64
    php-ldap-5.3.15-1.22.amzn1.x86_64
    php-bcmath-5.3.15-1.22.amzn1.x86_64
    php-xml-5.3.15-1.22.amzn1.x86_64
    php-pspell-5.3.15-1.22.amzn1.x86_64
    php-imap-5.3.15-1.22.amzn1.x86_64
    php-fpm-5.3.15-1.22.amzn1.x86_64
    php-pgsql-5.3.15-1.22.amzn1.x86_64
    php-intl-5.3.15-1.22.amzn1.x86_64
    php-snmp-5.3.15-1.22.amzn1.x86_64
    php-embedded-5.3.15-1.22.amzn1.x86_64
    php-xmlrpc-5.3.15-1.22.amzn1.x86_64
    php-soap-5.3.15-1.22.amzn1.x86_64
    php-common-5.3.15-1.22.amzn1.x86_64
    php-debuginfo-5.3.15-1.22.amzn1.x86_64
    php-tidy-5.3.15-1.22.amzn1.x86_64
    php-gd-5.3.15-1.22.amzn1.x86_64
    php-pdo-5.3.15-1.22.amzn1.x86_64
    php-cli-5.3.15-1.22.amzn1.x86_64
    php-process-5.3.15-1.22.amzn1.x86_64
    php-mssql-5.3.15-1.22.amzn1.x86_64
    php-dba-5.3.15-1.22.amzn1.x86_64
    php-5.3.15-1.22.amzn1.x86_64