Jump to content
Compatible Support Forums
Sign in to follow this  
news

[RHSA-2016:2750-01] Moderate: rh-php56 security, bug fix, and enhancement update

Recommended Posts

-----BEGIN PGP SIGNED MESSAGE-----

Hash: SHA1

 

=====================================================================

Red Hat Security Advisory

 

Synopsis: Moderate: rh-php56 security, bug fix, and enhancement update

Advisory ID: RHSA-2016:2750-01

Product: Red Hat Software Collections

Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-2750.html

Issue date: 2016-11-15

CVE Names: CVE-2013-7456 CVE-2014-9767 CVE-2015-2325

CVE-2015-2326 CVE-2015-2327 CVE-2015-2328

CVE-2015-3210 CVE-2015-3217 CVE-2015-5073

CVE-2015-8381 CVE-2015-8383 CVE-2015-8384

CVE-2015-8385 CVE-2015-8386 CVE-2015-8388

CVE-2015-8391 CVE-2015-8392 CVE-2015-8395

CVE-2015-8835 CVE-2015-8865 CVE-2015-8866

CVE-2015-8867 CVE-2015-8873 CVE-2015-8874

CVE-2015-8876 CVE-2015-8877 CVE-2015-8879

CVE-2016-1903 CVE-2016-2554 CVE-2016-3074

CVE-2016-3141 CVE-2016-3142 CVE-2016-4070

CVE-2016-4071 CVE-2016-4072 CVE-2016-4073

CVE-2016-4342 CVE-2016-4343 CVE-2016-4473

CVE-2016-4537 CVE-2016-4538 CVE-2016-4539

CVE-2016-4540 CVE-2016-4541 CVE-2016-4542

CVE-2016-4543 CVE-2016-4544 CVE-2016-5093

CVE-2016-5094 CVE-2016-5096 CVE-2016-5114

CVE-2016-5399 CVE-2016-5766 CVE-2016-5767

CVE-2016-5768 CVE-2016-5770 CVE-2016-5771

CVE-2016-5772 CVE-2016-5773 CVE-2016-6128

CVE-2016-6207 CVE-2016-6288 CVE-2016-6289

CVE-2016-6290 CVE-2016-6291 CVE-2016-6292

CVE-2016-6294 CVE-2016-6295 CVE-2016-6296

CVE-2016-6297 CVE-2016-7124 CVE-2016-7125

CVE-2016-7126 CVE-2016-7127 CVE-2016-7128

CVE-2016-7129 CVE-2016-7130 CVE-2016-7131

CVE-2016-7132

=====================================================================

 

1. Summary:

 

An update for rh-php56, rh-php56-php, and rh-php56-php-pear is now

available for Red Hat Software Collections.

 

Red Hat Product Security has rated this update as having a security impact

of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which

gives a detailed severity rating, is available for each vulnerability from

the CVE link(s) in the References section.

 

2. Relevant releases/architectures:

 

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6) - noarch, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7) - noarch, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7) - noarch, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2) - noarch, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3) - noarch, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6) - noarch, x86_64

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7) - noarch, x86_64

 

3. Description:

 

PHP is an HTML-embedded scripting language commonly used with the Apache

HTTP Server. The rh-php56 packages provide a recent stable release of PHP

with PEAR 1.9.5 and enhanced language features including constant

expressions, variadic functions, arguments unpacking, and the interactive

debuger. The memcache, mongo, and XDebug extensions are also included.

 

The rh-php56 Software Collection has been upgraded to version 5.6.25, which

provides a number of bug fixes and enhancements over the previous version.

(BZ#1356157, BZ#1365401)

 

Security Fixes in the rh-php56-php component:

 

* Several Moderate and Low impact security issues were found in PHP. Under

certain circumstances, these issues could cause PHP to crash, disclose

portions of its memory, execute arbitrary code, or impact PHP application

integrity. Space precludes documenting each of these issues in this

advisory. Refer to the CVE links in the References section for a

description of each of these vulnerabilities. (CVE-2013-7456,

CVE-2014-9767, CVE-2015-8835, CVE-2015-8865, CVE-2015-8866, CVE-2015-8867,

CVE-2015-8873, CVE-2015-8874, CVE-2015-8876, CVE-2015-8877, CVE-2015-8879,

CVE-2016-1903, CVE-2016-2554, CVE-2016-3074, CVE-2016-3141, CVE-2016-3142,

CVE-2016-4070, CVE-2016-4071, CVE-2016-4072, CVE-2016-4073, CVE-2016-4342,

CVE-2016-4343, CVE-2016-4473, CVE-2016-4537, CVE-2016-4538, CVE-2016-4539,

CVE-2016-4540, CVE-2016-4541, CVE-2016-4542, CVE-2016-4543, CVE-2016-4544,

CVE-2016-5093, CVE-2016-5094, CVE-2016-5096, CVE-2016-5114, CVE-2016-5399,

CVE-2016-5766, CVE-2016-5767, CVE-2016-5768, CVE-2016-5770, CVE-2016-5771,

CVE-2016-5772, CVE-2016-5773, CVE-2016-6128, CVE-2016-6207, CVE-2016-6288,

CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294,

CVE-2016-6295, CVE-2016-6296, CVE-2016-6297, CVE-2016-7124, CVE-2016-7125,

CVE-2016-7126, CVE-2016-7127, CVE-2016-7128, CVE-2016-7129, CVE-2016-7130,

CVE-2016-7131, CVE-2016-7132)

 

* Multiple flaws were found in the PCRE library included with the

rh-php56-php packages for Red Hat Enterprise Linux 6. A specially crafted

regular expression could cause PHP to crash or, possibly, execute arbitrary

code. (CVE-2015-2325, CVE-2015-2326, CVE-2015-2327, CVE-2015-2328,

CVE-2015-3210, CVE-2015-3217, CVE-2015-5073, CVE-2015-8381, CVE-2015-8383,

CVE-2015-8384, CVE-2015-8385, CVE-2015-8386, CVE-2015-8388, CVE-2015-8391,

CVE-2015-8392, CVE-2015-8395)

 

Red Hat would like to thank Hans Jerry Illikainen for reporting

CVE-2016-3074, CVE-2016-4473, and CVE-2016-5399.

 

4. Solution:

 

For details on how to apply this update, which includes the changes

described in this advisory, refer to:

 

https://access.redhat.com/articles/11258

 

After installing the updated packages, the httpd daemon must be restarted

for the update to take effect.

 

5. Bugs fixed (https://bugzilla.redhat.com/):

 

1207198 - CVE-2015-2325 pcre: heap buffer overflow in compile_branch()

1207202 - CVE-2015-2326 pcre: heap buffer over-read in pcre_compile2() (8.37/23)

1228283 - CVE-2015-3217 pcre: stack overflow caused by mishandled group empty match (8.38/11)

1237223 - CVE-2015-5073 CVE-2015-8388 pcre: buffer overflow for forward reference within backward assertion with excess closing parenthesis (8.38/18)

1260716 - CVE-2014-9767 php: ZipArchive::extractTo allows for directory traversal when creating directories

1285399 - CVE-2015-2328 pcre: infinite recursion compiling pattern with recursive reference in a group with indefinite repeat (8.36/20)

1285408 - CVE-2015-2327 pcre: infinite recursion compiling pattern with zero-repeated groups that include recursive back reference (8.36/19)

1287614 - CVE-2015-8383 pcre: Buffer overflow caused by repeated conditional group (8.38/3)

1287623 - CVE-2015-3210 CVE-2015-8384 pcre: buffer overflow caused by recursive back reference by name within certain group (8.38/4)

1287629 - CVE-2015-8385 pcre: buffer overflow caused by named forward reference to duplicate group number (8.38/30)

1287636 - CVE-2015-8386 pcre: Buffer overflow caused by lookbehind assertion (8.38/6)

1287671 - CVE-2015-8391 pcre: inefficient posix character class syntax check (8.38/16)

1287690 - CVE-2015-8392 pcre: buffer overflow caused by patterns with duplicated named groups with (?| (8.38/27)

1287711 - CVE-2015-8381 CVE-2015-8395 pcre: Buffer overflow caused by duplicate named references (8.38/36)

1297710 - CVE-2016-5114 php: out-of-bounds write in fpm_log.c

1297717 - CVE-2016-1903 php: Out-of-bounds memory read via gdImageRotateInterpolated

1305536 - CVE-2016-4342 php: use of uninitialized pointer in PharFileInfo::getContent

1305543 - CVE-2016-2554 php: buffer overflow in handling of long link names in tar phar archives

1315312 - CVE-2016-3142 php: Out-of-bounds read in phar_parse_zipfile()

1315328 - CVE-2016-3141 php: Use after free in WDDX Deserialize when processing XML data

1321893 - CVE-2016-3074 php: Signedness vulnerability causing heap overflow in libgd

1323074 - CVE-2015-8835 php: type confusion issue in Soap Client call() method

1323103 - CVE-2016-4073 php: Negative size parameter in memcpy

1323106 - CVE-2016-4072 php: Invalid memory write in phar on filename containing \0 inside name

1323108 - CVE-2016-4071 php: Format string vulnerability in php_snmp_error()

1323114 - CVE-2016-4070 php: Integer overflow in php_raw_url_encode

1323118 - CVE-2015-8865 file: Buffer over-write in finfo_open with malformed magic file

1330418 - CVE-2015-8866 php: libxml_disable_entity_loader setting is shared between threads

1330420 - CVE-2015-8867 php: openssl_random_pseudo_bytes() is not cryptographically secure

1332454 - CVE-2016-4343 php: Uninitialized pointer in phar_make_dirstream()

1332860 - CVE-2016-4537 CVE-2016-4538 php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition

1332865 - CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input

1332872 - CVE-2016-4540 CVE-2016-4541 php: OOB read in grapheme_stripos and grapheme_strpos when negative offset is used

1332877 - CVE-2016-4539 php: xml_parse_into_struct() can crash when XML parser is re-used

1336772 - CVE-2015-8874 gd: gdImageFillToBorder deep recursion leading to stack overflow

1336775 - CVE-2015-8873 php: Stack consumption vulnerability in Zend/zend_exceptions.c

1338896 - CVE-2015-8876 php: Zend/zend_exceptions.c does not validate certain Exception objects

1338907 - CVE-2015-8877 gd: gdImageScaleTwoPass function in gd_interpolation.c uses inconsistent allocate and free approaches

1338912 - CVE-2015-8879 php: odbc_bindcols function mishandles driver behavior for SQL_WVARCHAR columns

1339590 - CVE-2016-5093 php: improper nul termination leading to out-of-bounds read in get_icu_value_internal

1339949 - CVE-2016-5096 php: Integer underflow causing arbitrary null write in fread/gzread

1340433 - CVE-2013-7456 gd: incorrect boundary adjustment in _gdContributionsCalc

1340738 - CVE-2016-5094 php: Integer overflow in php_html_entities()

1347772 - CVE-2016-4473 php: Invalid free() instead of efree() in phar_extract_file()

1351068 - CVE-2016-5766 gd: Integer Overflow in _gd2GetHeader() resulting in heap overflow

1351069 - CVE-2016-5767 gd: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow

1351168 - CVE-2016-5768 php: Double free in _php_mb_regex_ereg_replace_exec

1351171 - CVE-2016-5770 php: Int/size_t confusion in SplFileObject::fread

1351173 - CVE-2016-5771 php: Use After Free Vulnerability in PHP's GC algorithm and unserialize

1351175 - CVE-2016-5772 php: Double Free Corruption in wddx_deserialize

1351179 - CVE-2016-5773 php: ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize

1351603 - CVE-2016-6128 gd: Invalid color index not properly handled

1358395 - CVE-2016-5399 php: Improper error handling in bzread()

1359698 - CVE-2016-6289 php: Integer overflow leads to buffer overflow in virtual_file_ex

1359710 - CVE-2016-6290 php: Use after free in unserialize() with Unexpected Session Deserialization

1359718 - CVE-2016-6291 php: Out-of-bounds access in exif_process_IFD_in_MAKERNOTE

1359756 - CVE-2016-6292 php: Null pointer dereference in exif_process_user_comment

1359800 - CVE-2016-6207 php,gd: Integer overflow error within _gdContributionsAlloc()

1359811 - CVE-2016-6294 php: Out-of-bounds access in locale_accept_from_http

1359815 - CVE-2016-6295 php: Use after free in SNMP with GC and unserialize()

1359822 - CVE-2016-6296 php: Heap buffer overflow vulnerability in simplestring_addn in simplestring.c

1359828 - CVE-2016-6297 php: Stack-based buffer overflow vulnerability in php_stream_zip_opener

1360322 - CVE-2016-6288 php: Buffer over-read in php_url_parse_ex

1374697 - CVE-2016-7124 php: bypass __wakeup() in deserialization of an unexpected object

1374698 - CVE-2016-7125 php: Session Data Injection Vulnerability

1374699 - CVE-2016-7126 php: select_colors write out-of-bounds

1374701 - CVE-2016-7127 php: imagegammacorrect allows arbitrary write access

1374704 - CVE-2016-7128 php: Memory Leakage In exif_process_IFD_in_TIFF

1374705 - CVE-2016-7129 php: wddx_deserialize allows illegal memory access

1374707 - CVE-2016-7130 php: wddx_deserialize null dereference

1374708 - CVE-2016-7131 php: wddx_deserialize null dereference with invalid xml

1374711 - CVE-2016-7132 php: wddx_deserialize null dereference in php_wddx_pop_element

 

6. Package List:

 

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 6):

 

Source:

rh-php56-2.3-1.el6.src.rpm

rh-php56-php-5.6.25-1.el6.src.rpm

rh-php56-php-pear-1.9.5-4.el6.src.rpm

 

noarch:

rh-php56-php-pear-1.9.5-4.el6.noarch.rpm

 

x86_64:

rh-php56-2.3-1.el6.x86_64.rpm

rh-php56-php-5.6.25-1.el6.x86_64.rpm

rh-php56-php-bcmath-5.6.25-1.el6.x86_64.rpm

rh-php56-php-cli-5.6.25-1.el6.x86_64.rpm

rh-php56-php-common-5.6.25-1.el6.x86_64.rpm

rh-php56-php-dba-5.6.25-1.el6.x86_64.rpm

rh-php56-php-dbg-5.6.25-1.el6.x86_64.rpm

rh-php56-php-debuginfo-5.6.25-1.el6.x86_64.rpm

rh-php56-php-devel-5.6.25-1.el6.x86_64.rpm

rh-php56-php-embedded-5.6.25-1.el6.x86_64.rpm

rh-php56-php-enchant-5.6.25-1.el6.x86_64.rpm

rh-php56-php-fpm-5.6.25-1.el6.x86_64.rpm

rh-php56-php-gd-5.6.25-1.el6.x86_64.rpm

rh-php56-php-gmp-5.6.25-1.el6.x86_64.rpm

rh-php56-php-imap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-intl-5.6.25-1.el6.x86_64.rpm

rh-php56-php-ldap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-mbstring-5.6.25-1.el6.x86_64.rpm

rh-php56-php-mysqlnd-5.6.25-1.el6.x86_64.rpm

rh-php56-php-odbc-5.6.25-1.el6.x86_64.rpm

rh-php56-php-opcache-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pdo-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pgsql-5.6.25-1.el6.x86_64.rpm

rh-php56-php-process-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pspell-5.6.25-1.el6.x86_64.rpm

rh-php56-php-recode-5.6.25-1.el6.x86_64.rpm

rh-php56-php-snmp-5.6.25-1.el6.x86_64.rpm

rh-php56-php-soap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-tidy-5.6.25-1.el6.x86_64.rpm

rh-php56-php-xml-5.6.25-1.el6.x86_64.rpm

rh-php56-php-xmlrpc-5.6.25-1.el6.x86_64.rpm

rh-php56-runtime-2.3-1.el6.x86_64.rpm

rh-php56-scldevel-2.3-1.el6.x86_64.rpm

 

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 6.7):

 

Source:

rh-php56-2.3-1.el6.src.rpm

rh-php56-php-5.6.25-1.el6.src.rpm

rh-php56-php-pear-1.9.5-4.el6.src.rpm

 

noarch:

rh-php56-php-pear-1.9.5-4.el6.noarch.rpm

 

x86_64:

rh-php56-2.3-1.el6.x86_64.rpm

rh-php56-php-5.6.25-1.el6.x86_64.rpm

rh-php56-php-bcmath-5.6.25-1.el6.x86_64.rpm

rh-php56-php-cli-5.6.25-1.el6.x86_64.rpm

rh-php56-php-common-5.6.25-1.el6.x86_64.rpm

rh-php56-php-dba-5.6.25-1.el6.x86_64.rpm

rh-php56-php-dbg-5.6.25-1.el6.x86_64.rpm

rh-php56-php-debuginfo-5.6.25-1.el6.x86_64.rpm

rh-php56-php-devel-5.6.25-1.el6.x86_64.rpm

rh-php56-php-embedded-5.6.25-1.el6.x86_64.rpm

rh-php56-php-enchant-5.6.25-1.el6.x86_64.rpm

rh-php56-php-fpm-5.6.25-1.el6.x86_64.rpm

rh-php56-php-gd-5.6.25-1.el6.x86_64.rpm

rh-php56-php-gmp-5.6.25-1.el6.x86_64.rpm

rh-php56-php-imap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-intl-5.6.25-1.el6.x86_64.rpm

rh-php56-php-ldap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-mbstring-5.6.25-1.el6.x86_64.rpm

rh-php56-php-mysqlnd-5.6.25-1.el6.x86_64.rpm

rh-php56-php-odbc-5.6.25-1.el6.x86_64.rpm

rh-php56-php-opcache-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pdo-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pgsql-5.6.25-1.el6.x86_64.rpm

rh-php56-php-process-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pspell-5.6.25-1.el6.x86_64.rpm

rh-php56-php-recode-5.6.25-1.el6.x86_64.rpm

rh-php56-php-snmp-5.6.25-1.el6.x86_64.rpm

rh-php56-php-soap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-tidy-5.6.25-1.el6.x86_64.rpm

rh-php56-php-xml-5.6.25-1.el6.x86_64.rpm

rh-php56-php-xmlrpc-5.6.25-1.el6.x86_64.rpm

rh-php56-runtime-2.3-1.el6.x86_64.rpm

rh-php56-scldevel-2.3-1.el6.x86_64.rpm

 

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 6):

 

Source:

rh-php56-2.3-1.el6.src.rpm

rh-php56-php-5.6.25-1.el6.src.rpm

rh-php56-php-pear-1.9.5-4.el6.src.rpm

 

noarch:

rh-php56-php-pear-1.9.5-4.el6.noarch.rpm

 

x86_64:

rh-php56-2.3-1.el6.x86_64.rpm

rh-php56-php-5.6.25-1.el6.x86_64.rpm

rh-php56-php-bcmath-5.6.25-1.el6.x86_64.rpm

rh-php56-php-cli-5.6.25-1.el6.x86_64.rpm

rh-php56-php-common-5.6.25-1.el6.x86_64.rpm

rh-php56-php-dba-5.6.25-1.el6.x86_64.rpm

rh-php56-php-dbg-5.6.25-1.el6.x86_64.rpm

rh-php56-php-debuginfo-5.6.25-1.el6.x86_64.rpm

rh-php56-php-devel-5.6.25-1.el6.x86_64.rpm

rh-php56-php-embedded-5.6.25-1.el6.x86_64.rpm

rh-php56-php-enchant-5.6.25-1.el6.x86_64.rpm

rh-php56-php-fpm-5.6.25-1.el6.x86_64.rpm

rh-php56-php-gd-5.6.25-1.el6.x86_64.rpm

rh-php56-php-gmp-5.6.25-1.el6.x86_64.rpm

rh-php56-php-imap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-intl-5.6.25-1.el6.x86_64.rpm

rh-php56-php-ldap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-mbstring-5.6.25-1.el6.x86_64.rpm

rh-php56-php-mysqlnd-5.6.25-1.el6.x86_64.rpm

rh-php56-php-odbc-5.6.25-1.el6.x86_64.rpm

rh-php56-php-opcache-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pdo-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pgsql-5.6.25-1.el6.x86_64.rpm

rh-php56-php-process-5.6.25-1.el6.x86_64.rpm

rh-php56-php-pspell-5.6.25-1.el6.x86_64.rpm

rh-php56-php-recode-5.6.25-1.el6.x86_64.rpm

rh-php56-php-snmp-5.6.25-1.el6.x86_64.rpm

rh-php56-php-soap-5.6.25-1.el6.x86_64.rpm

rh-php56-php-tidy-5.6.25-1.el6.x86_64.rpm

rh-php56-php-xml-5.6.25-1.el6.x86_64.rpm

rh-php56-php-xmlrpc-5.6.25-1.el6.x86_64.rpm

rh-php56-runtime-2.3-1.el6.x86_64.rpm

rh-php56-scldevel-2.3-1.el6.x86_64.rpm

 

Red Hat Software Collections for Red Hat Enterprise Linux Server (v. 7):

 

Source:

rh-php56-2.3-1.el7.src.rpm

rh-php56-php-5.6.25-1.el7.src.rpm

rh-php56-php-pear-1.9.5-4.el7.src.rpm

 

noarch:

rh-php56-php-pear-1.9.5-4.el7.noarch.rpm

 

x86_64:

rh-php56-2.3-1.el7.x86_64.rpm

rh-php56-php-5.6.25-1.el7.x86_64.rpm

rh-php56-php-bcmath-5.6.25-1.el7.x86_64.rpm

rh-php56-php-cli-5.6.25-1.el7.x86_64.rpm

rh-php56-php-common-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dba-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dbg-5.6.25-1.el7.x86_64.rpm

rh-php56-php-debuginfo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-devel-5.6.25-1.el7.x86_64.rpm

rh-php56-php-embedded-5.6.25-1.el7.x86_64.rpm

rh-php56-php-enchant-5.6.25-1.el7.x86_64.rpm

rh-php56-php-fpm-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-intl-5.6.25-1.el7.x86_64.rpm

rh-php56-php-ldap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mbstring-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mysqlnd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-odbc-5.6.25-1.el7.x86_64.rpm

rh-php56-php-opcache-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pdo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pgsql-5.6.25-1.el7.x86_64.rpm

rh-php56-php-process-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pspell-5.6.25-1.el7.x86_64.rpm

rh-php56-php-recode-5.6.25-1.el7.x86_64.rpm

rh-php56-php-snmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-soap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xml-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xmlrpc-5.6.25-1.el7.x86_64.rpm

rh-php56-runtime-2.3-1.el7.x86_64.rpm

rh-php56-scldevel-2.3-1.el7.x86_64.rpm

 

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.2):

 

Source:

rh-php56-2.3-1.el7.src.rpm

rh-php56-php-5.6.25-1.el7.src.rpm

rh-php56-php-pear-1.9.5-4.el7.src.rpm

 

noarch:

rh-php56-php-pear-1.9.5-4.el7.noarch.rpm

 

x86_64:

rh-php56-2.3-1.el7.x86_64.rpm

rh-php56-php-5.6.25-1.el7.x86_64.rpm

rh-php56-php-bcmath-5.6.25-1.el7.x86_64.rpm

rh-php56-php-cli-5.6.25-1.el7.x86_64.rpm

rh-php56-php-common-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dba-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dbg-5.6.25-1.el7.x86_64.rpm

rh-php56-php-debuginfo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-devel-5.6.25-1.el7.x86_64.rpm

rh-php56-php-embedded-5.6.25-1.el7.x86_64.rpm

rh-php56-php-enchant-5.6.25-1.el7.x86_64.rpm

rh-php56-php-fpm-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-intl-5.6.25-1.el7.x86_64.rpm

rh-php56-php-ldap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mbstring-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mysqlnd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-odbc-5.6.25-1.el7.x86_64.rpm

rh-php56-php-opcache-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pdo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pgsql-5.6.25-1.el7.x86_64.rpm

rh-php56-php-process-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pspell-5.6.25-1.el7.x86_64.rpm

rh-php56-php-recode-5.6.25-1.el7.x86_64.rpm

rh-php56-php-snmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-soap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xml-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xmlrpc-5.6.25-1.el7.x86_64.rpm

rh-php56-runtime-2.3-1.el7.x86_64.rpm

rh-php56-scldevel-2.3-1.el7.x86_64.rpm

 

Red Hat Software Collections for Red Hat Enterprise Linux Server EUS (v. 7.3):

 

Source:

rh-php56-2.3-1.el7.src.rpm

rh-php56-php-5.6.25-1.el7.src.rpm

rh-php56-php-pear-1.9.5-4.el7.src.rpm

 

noarch:

rh-php56-php-pear-1.9.5-4.el7.noarch.rpm

 

x86_64:

rh-php56-2.3-1.el7.x86_64.rpm

rh-php56-php-5.6.25-1.el7.x86_64.rpm

rh-php56-php-bcmath-5.6.25-1.el7.x86_64.rpm

rh-php56-php-cli-5.6.25-1.el7.x86_64.rpm

rh-php56-php-common-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dba-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dbg-5.6.25-1.el7.x86_64.rpm

rh-php56-php-debuginfo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-devel-5.6.25-1.el7.x86_64.rpm

rh-php56-php-embedded-5.6.25-1.el7.x86_64.rpm

rh-php56-php-enchant-5.6.25-1.el7.x86_64.rpm

rh-php56-php-fpm-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-intl-5.6.25-1.el7.x86_64.rpm

rh-php56-php-ldap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mbstring-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mysqlnd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-odbc-5.6.25-1.el7.x86_64.rpm

rh-php56-php-opcache-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pdo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pgsql-5.6.25-1.el7.x86_64.rpm

rh-php56-php-process-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pspell-5.6.25-1.el7.x86_64.rpm

rh-php56-php-recode-5.6.25-1.el7.x86_64.rpm

rh-php56-php-snmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-soap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xml-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xmlrpc-5.6.25-1.el7.x86_64.rpm

rh-php56-runtime-2.3-1.el7.x86_64.rpm

rh-php56-scldevel-2.3-1.el7.x86_64.rpm

 

Red Hat Software Collections for Red Hat Enterprise Linux Workstation (v. 7):

 

Source:

rh-php56-2.3-1.el7.src.rpm

rh-php56-php-5.6.25-1.el7.src.rpm

rh-php56-php-pear-1.9.5-4.el7.src.rpm

 

noarch:

rh-php56-php-pear-1.9.5-4.el7.noarch.rpm

 

x86_64:

rh-php56-2.3-1.el7.x86_64.rpm

rh-php56-php-5.6.25-1.el7.x86_64.rpm

rh-php56-php-bcmath-5.6.25-1.el7.x86_64.rpm

rh-php56-php-cli-5.6.25-1.el7.x86_64.rpm

rh-php56-php-common-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dba-5.6.25-1.el7.x86_64.rpm

rh-php56-php-dbg-5.6.25-1.el7.x86_64.rpm

rh-php56-php-debuginfo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-devel-5.6.25-1.el7.x86_64.rpm

rh-php56-php-embedded-5.6.25-1.el7.x86_64.rpm

rh-php56-php-enchant-5.6.25-1.el7.x86_64.rpm

rh-php56-php-fpm-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-gmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-intl-5.6.25-1.el7.x86_64.rpm

rh-php56-php-ldap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mbstring-5.6.25-1.el7.x86_64.rpm

rh-php56-php-mysqlnd-5.6.25-1.el7.x86_64.rpm

rh-php56-php-odbc-5.6.25-1.el7.x86_64.rpm

rh-php56-php-opcache-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pdo-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pgsql-5.6.25-1.el7.x86_64.rpm

rh-php56-php-process-5.6.25-1.el7.x86_64.rpm

rh-php56-php-pspell-5.6.25-1.el7.x86_64.rpm

rh-php56-php-recode-5.6.25-1.el7.x86_64.rpm

rh-php56-php-snmp-5.6.25-1.el7.x86_64.rpm

rh-php56-php-soap-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xml-5.6.25-1.el7.x86_64.rpm

rh-php56-php-xmlrpc-5.6.25-1.el7.x86_64.rpm

rh-php56-runtime-2.3-1.el7.x86_64.rpm

rh-php56-scldevel-2.3-1.el7.x86_64.rpm

 

These packages are GPG signed by Red Hat for security. Our key and

details on how to verify the signature are available from

https://access.redhat.com/security/team/key/

 

7. References:

 

https://access.redhat.com/security/cve/CVE-2013-7456

https://access.redhat.com/security/cve/CVE-2014-9767

https://access.redhat.com/security/cve/CVE-2015-2325

https://access.redhat.com/security/cve/CVE-2015-2326

https://access.redhat.com/security/cve/CVE-2015-2327

https://access.redhat.com/security/cve/CVE-2015-2328

https://access.redhat.com/security/cve/CVE-2015-3210

https://access.redhat.com/security/cve/CVE-2015-3217

https://access.redhat.com/security/cve/CVE-2015-5073

https://access.redhat.com/security/cve/CVE-2015-8381

https://access.redhat.com/security/cve/CVE-2015-8383

https://access.redhat.com/security/cve/CVE-2015-8384

https://access.redhat.com/security/cve/CVE-2015-8385

https://access.redhat.com/security/cve/CVE-2015-8386

https://access.redhat.com/security/cve/CVE-2015-8388

https://access.redhat.com/security/cve/CVE-2015-8391

https://access.redhat.com/security/cve/CVE-2015-8392

https://access.redhat.com/security/cve/CVE-2015-8395

https://access.redhat.com/security/cve/CVE-2015-8835

https://access.redhat.com/security/cve/CVE-2015-8865

https://access.redhat.com/security/cve/CVE-2015-8866

https://access.redhat.com/security/cve/CVE-2015-8867

https://access.redhat.com/security/cve/CVE-2015-8873

https://access.redhat.com/security/cve/CVE-2015-8874

https://access.redhat.com/security/cve/CVE-2015-8876

https://access.redhat.com/security/cve/CVE-2015-8877

https://access.redhat.com/security/cve/CVE-2015-8879

https://access.redhat.com/security/cve/CVE-2016-1903

https://access.redhat.com/security/cve/CVE-2016-2554

https://access.redhat.com/security/cve/CVE-2016-3074

https://access.redhat.com/security/cve/CVE-2016-3141

https://access.redhat.com/security/cve/CVE-2016-3142

https://access.redhat.com/security/cve/CVE-2016-4070

https://access.redhat.com/security/cve/CVE-2016-4071

https://access.redhat.com/security/cve/CVE-2016-4072

https://access.redhat.com/security/cve/CVE-2016-4073

https://access.redhat.com/security/cve/CVE-2016-4342

https://access.redhat.com/security/cve/CVE-2016-4343

https://access.redhat.com/security/cve/CVE-2016-4473

https://access.redhat.com/security/cve/CVE-2016-4537

https://access.redhat.com/security/cve/CVE-2016-4538

https://access.redhat.com/security/cve/CVE-2016-4539

https://access.redhat.com/security/cve/CVE-2016-4540

https://access.redhat.com/security/cve/CVE-2016-4541

https://access.redhat.com/security/cve/CVE-2016-4542

https://access.redhat.com/security/cve/CVE-2016-4543

https://access.redhat.com/security/cve/CVE-2016-4544

https://access.redhat.com/security/cve/CVE-2016-5093

https://access.redhat.com/security/cve/CVE-2016-5094

https://access.redhat.com/security/cve/CVE-2016-5096

https://access.redhat.com/security/cve/CVE-2016-5114

https://access.redhat.com/security/cve/CVE-2016-5399

https://access.redhat.com/security/cve/CVE-2016-5766

https://access.redhat.com/security/cve/CVE-2016-5767

https://access.redhat.com/security/cve/CVE-2016-5768

https://access.redhat.com/security/cve/CVE-2016-5770

https://access.redhat.com/security/cve/CVE-2016-5771

https://access.redhat.com/security/cve/CVE-2016-5772

https://access.redhat.com/security/cve/CVE-2016-5773

https://access.redhat.com/security/cve/CVE-2016-6128

https://access.redhat.com/security/cve/CVE-2016-6207

https://access.redhat.com/security/cve/CVE-2016-6288

https://access.redhat.com/security/cve/CVE-2016-6289

https://access.redhat.com/security/cve/CVE-2016-6290

https://access.redhat.com/security/cve/CVE-2016-6291

https://access.redhat.com/security/cve/CVE-2016-6292

https://access.redhat.com/security/cve/CVE-2016-6294

https://access.redhat.com/security/cve/CVE-2016-6295

https://access.redhat.com/security/cve/CVE-2016-6296

https://access.redhat.com/security/cve/CVE-2016-6297

https://access.redhat.com/security/cve/CVE-2016-7124

https://access.redhat.com/security/cve/CVE-2016-7125

https://access.redhat.com/security/cve/CVE-2016-7126

https://access.redhat.com/security/cve/CVE-2016-7127

https://access.redhat.com/security/cve/CVE-2016-7128

https://access.redhat.com/security/cve/CVE-2016-7129

https://access.redhat.com/security/cve/CVE-2016-7130

https://access.redhat.com/security/cve/CVE-2016-7131

https://access.redhat.com/security/cve/CVE-2016-7132

https://access.redhat.com/security/updates/classification/#moderate

 

8. Contact:

 

The Red Hat security contact is . More contact

details at https://access.redhat.com/security/team/contact/

 

Copyright 2016 Red Hat, Inc.

-----BEGIN PGP SIGNATURE-----

Version: GnuPG v1

 

iD8DBQFYKvj4XlSAg2UNWIIRAqg2AKCB6Jcysv4gkiktKAJA3gy+RKlAqwCeJpjs

UCuj+0gWfBsWXOgFhgH0uL8=

=FcPG

-----END PGP SIGNATURE-----

 

 

--

 

Share this post


Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  

×