SUSE-SU-2016:1310-1 -- SLES apache2-mod_php53, php53ID: oval:org.secpod.oval:def:89045244 | Date: (C)2021-08-03 (M)2024-04-17 |
Class: PATCH | Family: unix |
This update for php53 fixes the following security issues: - CVE-2016-4073: A remote attacker could have caused denial of service, or possibly execute arbitrary code, due to incorrect handling of string length calculations in mb_strcut - CVE-2015-8867: The PHP function openssl_random_pseudo_bytes did not return cryptographically secure random bytes - CVE-2016-4070: The libxml_disable_entity_loader setting was shared between threads, which could have resulted in XML external entity injection and entity expansion issues - CVE-2015-8866: A remote attacker could have caused denial of service due to incorrect handling of large strings in php_raw_url_encode
Platform: |
SUSE Linux Enterprise Server 11 SP4 |
Product: |
apache2-mod_php53 |
php53 |