Amazon Linux 1 Security Advisory: ALAS-2012-95
Advisory Release Date: 2012-07-05 16:09 Pacific
Advisory Updated Date: 2014-09-14 16:25 Pacific
Integer overflow in the phar_parse_tarfile function in tar.c in the phar extension in PHP before 5.3.14 and 5.4.x before 5.4.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted tar file that triggers a heap-based buffer overflow.
The crypt_des (aka DES-based crypt) function in FreeBSD before 9.0-RELEASE-p2, as used in PHP, PostgreSQL, and other products, does not process the complete cleartext password if this password contains a 0x80 character, which makes it easier for context-dependent attackers to obtain access via an authentication attempt with an initial substring of the intended password, as demonstrated by a Unicode password.
Affected Packages:
php
Issue Correction:
Run yum update php to update your system.
i686:
php-intl-5.3.14-2.21.amzn1.i686
php-mysql-5.3.14-2.21.amzn1.i686
php-mbstring-5.3.14-2.21.amzn1.i686
php-xmlrpc-5.3.14-2.21.amzn1.i686
php-recode-5.3.14-2.21.amzn1.i686
php-xml-5.3.14-2.21.amzn1.i686
php-embedded-5.3.14-2.21.amzn1.i686
php-mcrypt-5.3.14-2.21.amzn1.i686
php-bcmath-5.3.14-2.21.amzn1.i686
php-dba-5.3.14-2.21.amzn1.i686
php-odbc-5.3.14-2.21.amzn1.i686
php-soap-5.3.14-2.21.amzn1.i686
php-debuginfo-5.3.14-2.21.amzn1.i686
php-tidy-5.3.14-2.21.amzn1.i686
php-devel-5.3.14-2.21.amzn1.i686
php-snmp-5.3.14-2.21.amzn1.i686
php-pgsql-5.3.14-2.21.amzn1.i686
php-process-5.3.14-2.21.amzn1.i686
php-fpm-5.3.14-2.21.amzn1.i686
php-mysqlnd-5.3.14-2.21.amzn1.i686
php-ldap-5.3.14-2.21.amzn1.i686
php-5.3.14-2.21.amzn1.i686
php-pspell-5.3.14-2.21.amzn1.i686
php-imap-5.3.14-2.21.amzn1.i686
php-mssql-5.3.14-2.21.amzn1.i686
php-common-5.3.14-2.21.amzn1.i686
php-cli-5.3.14-2.21.amzn1.i686
php-pdo-5.3.14-2.21.amzn1.i686
php-gd-5.3.14-2.21.amzn1.i686
src:
php-5.3.14-2.21.amzn1.src
x86_64:
php-mssql-5.3.14-2.21.amzn1.x86_64
php-cli-5.3.14-2.21.amzn1.x86_64
php-fpm-5.3.14-2.21.amzn1.x86_64
php-pgsql-5.3.14-2.21.amzn1.x86_64
php-common-5.3.14-2.21.amzn1.x86_64
php-bcmath-5.3.14-2.21.amzn1.x86_64
php-embedded-5.3.14-2.21.amzn1.x86_64
php-xmlrpc-5.3.14-2.21.amzn1.x86_64
php-recode-5.3.14-2.21.amzn1.x86_64
php-gd-5.3.14-2.21.amzn1.x86_64
php-pspell-5.3.14-2.21.amzn1.x86_64
php-odbc-5.3.14-2.21.amzn1.x86_64
php-5.3.14-2.21.amzn1.x86_64
php-mbstring-5.3.14-2.21.amzn1.x86_64
php-soap-5.3.14-2.21.amzn1.x86_64
php-intl-5.3.14-2.21.amzn1.x86_64
php-devel-5.3.14-2.21.amzn1.x86_64
php-ldap-5.3.14-2.21.amzn1.x86_64
php-mysqlnd-5.3.14-2.21.amzn1.x86_64
php-dba-5.3.14-2.21.amzn1.x86_64
php-debuginfo-5.3.14-2.21.amzn1.x86_64
php-xml-5.3.14-2.21.amzn1.x86_64
php-tidy-5.3.14-2.21.amzn1.x86_64
php-process-5.3.14-2.21.amzn1.x86_64
php-pdo-5.3.14-2.21.amzn1.x86_64
php-mcrypt-5.3.14-2.21.amzn1.x86_64
php-imap-5.3.14-2.21.amzn1.x86_64
php-mysql-5.3.14-2.21.amzn1.x86_64
php-snmp-5.3.14-2.21.amzn1.x86_64