var-201312-0207
Vulnerability from variot
The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function. PHP is prone to a remote memory-corruption vulnerability. Attackers can exploit this issue to run arbitrary code within the context of the PHP process. Failed exploit attempts may result in a denial-of-service condition. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. The vulnerability is caused by the openssl_x509_parse() function not correctly parsing the notBefore and notAfter timestamps in the X.509 certificate. The following versions are affected: PHP prior to 5.3.28, 5.4.x prior to 5.4.23, 5.5.x prior to 5.5.7. 6) - x86_64 RHEL Desktop Workstation (v. ============================================================================ Ubuntu Security Notice USN-2055-1 December 12, 2013
php5 vulnerabilities
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.10
- Ubuntu 13.04
- Ubuntu 12.10
- Ubuntu 12.04 LTS
- Ubuntu 10.04 LTS
Summary:
Several security issues were fixed in PHP. (CVE-2013-6420)
It was discovered that PHP incorrectly handled DateInterval objects. (CVE-2013-6712)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 13.10: libapache2-mod-php5 5.5.3+dfsg-1ubuntu2.1 php5-cgi 5.5.3+dfsg-1ubuntu2.1 php5-cli 5.5.3+dfsg-1ubuntu2.1
Ubuntu 13.04: libapache2-mod-php5 5.4.9-4ubuntu2.4 php5-cgi 5.4.9-4ubuntu2.4 php5-cli 5.4.9-4ubuntu2.4
Ubuntu 12.10: libapache2-mod-php5 5.4.6-1ubuntu1.5 php5-cgi 5.4.6-1ubuntu1.5 php5-cli 5.4.6-1ubuntu1.5
Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.9 php5-cgi 5.3.10-1ubuntu3.9 php5-cli 5.3.10-1ubuntu3.9
Ubuntu 10.04 LTS: libapache2-mod-php5 5.3.2-1ubuntu4.22 php5-cgi 5.3.2-1ubuntu4.22 php5-cli 5.3.2-1ubuntu4.22
In general, a standard system update will make all the necessary changes.
Here are the details from the Slackware 14.1 ChangeLog: +--------------------------+ patches/packages/php-5.4.24-i486-1_slack14.1.txz: Upgraded. For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420 ( Security fix ) +--------------------------+
Where to find the new packages: +-----------------------------+
Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.
Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.24-i486-1_slack14.0.txz
Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.24-x86_64-1_slack14.0.txz
Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.24-i486-1_slack14.1.txz
Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.24-x86_64-1_slack14.1.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.4.24-i486-1.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.4.24-x86_64-1.txz
MD5 signatures: +-------------+
Slackware 14.0 package: 1c864df50286602ccb2d3efbabb9d7ec php-5.4.24-i486-1_slack14.0.txz
Slackware x86_64 14.0 package: cc0f365855b83708c82a84ea44a4ad21 php-5.4.24-x86_64-1_slack14.0.txz
Slackware 14.1 package: 1091912280ef2fbe271da2aa304dba36 php-5.4.24-i486-1_slack14.1.txz
Slackware x86_64 14.1 package: 22b91ef0428a15b3124c5b4fb911b1bc php-5.4.24-x86_64-1_slack14.1.txz
Slackware -current package: f306c21609d14c7380295d63054d8f46 n/php-5.4.24-i486-1.txz
Slackware x86_64 -current package: 3cb4ff4fdaba44aa5ed3a946adbe9c9f n/php-5.4.24-x86_64-1.txz
Installation instructions: +------------------------+
Upgrade the package as root:
upgradepkg php-5.4.24-i486-1_slack14.1.txz
Then, restart Apache httpd:
/etc/rc.d/rc.httpd stop
/etc/rc.d/rc.httpd start
+-----+
Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com
+------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
APPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update 2014-001
OS X Mavericks 10.9.2 and Security Update 2014-001 is now available and addresses the following:
Apache Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Multiple vulnerabilities in Apache Description: Multiple vulnerabilities existed in Apache, the most serious of which may lead to cross-site scripting. These issues were addressed by updating Apache to version 2.2.26. CVE-ID CVE-2013-1862 CVE-2013-1896
App Sandbox Available for: OS X Mountain Lion v10.8.5 Impact: The App Sandbox may be bypassed Description: The LaunchServices interface for launching an application allowed sandboxed apps to specify the list of arguments passed to the new process. A compromised sandboxed application could abuse this to bypass the sandbox. This issue was addressed by preventing sandboxed applications from specifying arguments. This issue does not affect systems running OS X Mavericks 10.9 or later. CVE-ID CVE-2013-5179 : Friedrich Graeter of The Soulmen GbR
ATS Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Viewing or downloading a document containing a maliciously crafted embedded font may lead to arbitrary code execution Description: A memory corruption issue existed in the handling of handling of Type 1 fonts. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1254 : Felix Groebert of the Google Security Team
ATS Available for: OS X Mavericks 10.9 and 10.9.1 Impact: The App Sandbox may be bypassed Description: A memory corruption issue existed in the handling of Mach messages passed to ATS. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1262 : Meder Kydyraliev of the Google Security Team
ATS Available for: OS X Mavericks 10.9 and 10.9.1 Impact: The App Sandbox may be bypassed Description: An arbitrary free issue existed in the handling of Mach messages passed to ATS. This issue was addressed through additional validation of Mach messages. CVE-ID CVE-2014-1255 : Meder Kydyraliev of the Google Security Team
ATS Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: The App Sandbox may be bypassed Description: A buffer overflow issue existed in the handling of Mach messages passed to ATS. This issue was addressed by additional bounds checking. CVE-ID CVE-2014-1256 : Meder Kydyraliev of the Google Security Team
Certificate Trust Policy Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Root certificates have been updated Description: The set of system root certificates has been updated. The complete list of recognized system roots may be viewed via the Keychain Access application.
CFNetwork Cookies Available for: OS X Mountain Lion v10.8.5 Impact: Session cookies may persist even after resetting Safari Description: Resetting Safari did not always delete session cookies until Safari was closed. This issue was addressed through improved handling of session cookies. This issue does not affect systems running OS X Mavericks 10.9 or later. CVE-ID CVE-2014-1257 : Rob Ansaldo of Amherst College, Graham Bennett
CoreAnimation Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Visiting a maliciously crafted site may lead to an unexpected application termination or arbitrary code execution Description: A heap buffer overflow existed in CoreAnimation's handling of images. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1258 : Karl Smith of NCC Group
CoreText Available for: OS X Mavericks 10.9 and 10.9.1 Impact: Applications that use CoreText may be vulnerable to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in CoreText in the handling of Unicode fonts. This issue is addressed through improved bounds checking. CVE-ID CVE-2014-1261 : Lucas Apa and Carlos Mario Penagos of IOActive Labs
curl Available for: OS X Mavericks 10.9 and 10.9.1 Impact: An attacker with a privileged network position may intercept user credentials or other sensitive information Description: When using curl to connect to an HTTPS URL containing an IP address, the IP address was not validated against the certificate. This issue does not affect systems prior to OS X Mavericks v10.9. CVE-ID CVE-2014-1263 : Roland Moriz of Moriz GmbH
Data Security Available for: OS X Mavericks 10.9 and 10.9.1 Impact: An attacker with a privileged network position may capture or modify data in sessions protected by SSL/TLS Description: Secure Transport failed to validate the authenticity of the connection. This issue was addressed by restoring missing validation steps. CVE-ID CVE-2014-1266
Date and Time Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: An unprivileged user may change the system clock Description: This update changes the behavior of the systemsetup command to require administrator privileges to change the system clock. CVE-ID CVE-2014-1265
File Bookmark Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Viewing a file with a maliciously crafted name may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of file names. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1259
Finder Available for: OS X Mavericks 10.9 and 10.9.1 Impact: Accessing a file's ACL via Finder may lead to other users gaining unauthorized access to files Description: Accessing a file's ACL via Finder may corrupt the ACLs on the file. This issue was addressed through improved handling of ACLs. CVE-ID CVE-2014-1264
ImageIO Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Viewing a maliciously crafted JPEG file may lead to the disclosure of memory contents Description: An uninitialized memory access issue existed in libjpeg's handling of JPEG markers, resulting in the disclosure of memory contents. This issue was addressed by better JPEG handling. CVE-ID CVE-2013-6629 : Michal Zalewski
IOSerialFamily Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5 Impact: Executing a malicious application may result in arbitrary code execution within the kernel Description: An out of bounds array access existed in the IOSerialFamily driver. This issue was addressed through additional bounds checking. This issue does not affect systems running OS X Mavericks v10.9 or later. CVE-ID CVE-2013-5139 : @dent1zt
LaunchServices Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5 Impact: A file could show the wrong extension Description: An issue existed in the handling of certain unicode characters that could allow filenames to show incorrect extensions. The issue was addressed by filtering unsafe unicode characters from display in filenames. This issue does not affect systems running OS X Mavericks v10.9 or later. CVE-ID CVE-2013-5178 : Jesse Ruderman of Mozilla Corporation, Stephane Sudre of Intego
NVIDIA Drivers Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Executing a malicious application could result in arbitrary code execution within the graphics card Description: An issue existed that allowed writes to some trusted memory on the graphics card. This issue was addressed by removing the ability of the host to write to that memory. CVE-ID CVE-2013-5986 : Marcin Kościelnicki from the X.Org Foundation Nouveau project CVE-2013-5987 : Marcin Kościelnicki from the X.Org Foundation Nouveau project
PHP Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Multiple vulnerabilities in PHP Description: Multiple vulnerabilities existed in PHP, the most serious of which may have led to arbitrary code execution. These issues were addressed by updating PHP to version 5.4.22 on OS X Mavericks v10.9, and 5.3.28 on OS X Lion and Mountain Lion. CVE-ID CVE-2013-4073 CVE-2013-4113 CVE-2013-4248 CVE-2013-6420
QuickLook Available for: OS X Mountain Lion v10.8.5 Impact: Downloading a maliciously crafted Microsoft Office file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in QuickLook's handling of Microsoft Office files. Downloading a maliciously crafted Microsoft Office file may have led to an unexpected application termination or arbitrary code execution. This issue does not affect systems running OS X Mavericks 10.9 or later. CVE-ID CVE-2014-1260 : Felix Groebert of the Google Security Team
QuickLook Available for: OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Downloading a maliciously crafted Microsoft Word document may lead to an unexpected application termination or arbitrary code execution Description: A double free issue existed in QuickLook's handling of Microsoft Word documents. This issue was addressed through improved memory management. CVE-ID CVE-2014-1252 : Felix Groebert of the Google Security Team
QuickTime Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of 'ftab' atoms. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1246 : An anonymous researcher working with HP's Zero Day Initiative
QuickTime Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A memory corruption issue existed in the handling of 'dref' atoms. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1247 : Tom Gallagher & Paul Bates working with HP's Zero Day Initiative
QuickTime Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of 'ldat' atoms. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1248 : Jason Kratzer working with iDefense VCP
QuickTime Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Viewing a maliciously crafted PSD image may lead to an unexpected application termination or arbitrary code execution Description: A buffer overflow existed in the handling of PSD images. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1249 : dragonltx of Tencent Security Team
QuickTime Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: An out of bounds byte swapping issue existed in the handling of 'ttfo' elements. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1250 : Jason Kratzer working with iDefense VCP
QuickTime Available for: OS X Lion v10.7.5, OS X Lion Server v10.7.5, OS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1 Impact: Playing a maliciously crafted movie file may lead to an unexpected application termination or arbitrary code execution Description: A signedness issue existed in the handling of 'stsz' atoms. This issue was addressed through improved bounds checking. CVE-ID CVE-2014-1245 : Tom Gallagher & Paul Bates working with HP's Zero Day Initiative
Secure Transport Available for: OS X Mountain Lion v10.8.5 Impact: An attacker may be able to decrypt data protected by SSL Description: There were known attacks on the confidentiality of SSL 3.0 and TLS 1.0 when a cipher suite used a block cipher in CBC mode. To address these issues for applications using Secure Transport, the 1-byte fragment mitigation was enabled by default for this configuration. CVE-ID CVE-2011-3389 : Juliano Rizzo and Thai Duong
OS X Mavericks v10.9.2 includes the content of Safari 7.0.2.
OS X Mavericks v10.9.2 and Security Update 2014-001 may be obtained from the Mac App Store or Apple's Software Downloads web site: http://www.apple.com/support/downloads/
Information will also be posted to the Apple Security Updates web site: http://support.apple.com/kb/HT1222
This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iQIcBAEBAgAGBQJTDNeoAAoJEPefwLHPlZEwaRAP/3i/2qRvNv6JqmE9p48uEyXn mlxwXpMyop+vrgMmuiSP14EGSv06HO04PNUtaWPxm7tVYXu0tMtjDcYdIu40TAy6 U0T6QhRZC/uag1DCvdEOvqRUajKmmPtHTCJ6OsQGtGJHlEM+S5XgxRr7qgfkHMfb OlqFsgpdL/AAiYNfzItN2C+r2Lfwro6LDlxhikpASojlMFQrk8nJ6irRv617anSZ 3DwJW2iJxNfpVrgqA1Nrx1fkrPmeT/8jgGuEP6RaKiWIbfXjRG5BW9WuarMqmaP8 C6XoTaJaqEO9zb7F2uJR0HIYpJd065y/xiYNm91yDWIjdrO3wVgNVPGo1pHVyYsY Y7lcyHUVJortKF8SHquw0j3Ujeugu8iWp6ND/00/4dGvwb0jzrxPUxkEmJ43130O t2Obtxdsaa+ub8cZHDN93WB3FQR5hd+KaeXLJC55q0qYY8o8zqdPqXAlYAP2gUQX iB4Bs7NAh2CNJWNTtk2soTjZOwPvPLSPZ6I3w5i0HVP7HQl5K8chjihAwSeyezCZ q5gxCiK0lBW88AUd9n3L7ZOW2Rg53mh6+RiUL/VQ7TfidoP417VDKum300pZkgNv kBCklX9ya7QeLjOMnbnsTk32qG+TiDPgiGZ5IrK6C6T26dexJWbm8tuwPjy5r8mI aiYIh+SzR0rBdMZRgyzv =+DAJ -----END PGP SIGNATURE----- . (CVE-2013-6420)
It was found that PHP did not check for carriage returns in HTTP headers, allowing intended HTTP response splitting protections to be bypassed. Depending on the web browser the victim is using, a remote attacker could use this flaw to perform HTTP response splitting attacks. (CVE-2011-1398)
An integer signedness issue, leading to a heap-based buffer underflow, was found in the PHP scandir() function. (CVE-2012-2688)
It was found that the PHP SOAP parser allowed the expansion of external XML entities during SOAP message parsing. Bugs fixed (https://bugzilla.redhat.com/):
828051 - CVE-2012-2688 php: Integer Signedness issues in _php_stream_scandir 853329 - CVE-2011-1398 PHP: sapi_header_op() %0D sequence handling security bypass 918187 - CVE-2013-1643 php: Ability to read arbitrary files due use of external entities while parsing SOAP WSDL files 1036830 - CVE-2013-6420 php: memory corruption in openssl_x509_parse()
- The Common Vulnerabilities and Exposures project identifies the following issues:
CVE-2013-6420
Stefan Esser reported possible memory corruption in
openssl_x509_parse().
CVE-2013-6712
Creating DateInterval objects from parsed ISO dates was
not properly restricted, which allowed to cause a
denial of service.
In addition, the update for Debian 7 "Wheezy" contains several bugfixes originally targeted for the upcoming Wheezy point release.
For the oldstable distribution (squeeze), these problems have been fixed in version 5.3.3-7+squeeze18.
For the stable distribution (wheezy), these problems have been fixed in version 5.4.4-14+deb7u7.
For the unstable distribution (sid), these problems have been fixed in version 5.5.6+dfsg-2.
We recommend that you upgrade your php5 packages. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Critical: php security update Advisory ID: RHSA-2013:1824-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2013-1824.html Issue date: 2013-12-11 CVE Names: CVE-2013-6420 =====================================================================
- Summary:
Updated php packages that fix one security issue are now available for Red Hat Enterprise Linux 5.3 Long Life, and Red Hat Enterprise Linux 5.6, 5.9, 6.2, 6.3, and 6.4 Extended Update Support.
The Red Hat Security Response Team has rated this update as having critical security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat Enterprise Linux Compute Node EUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Compute Node EUS (v. 6.3) - x86_64 Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.2) - x86_64 Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) - x86_64 Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64 Red Hat Enterprise Linux EUS (v. 5.6 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, ppc, s390x, x86_64 Red Hat Enterprise Linux HPC Node EUS (v. 6.4) - x86_64 Red Hat Enterprise Linux Long Life (v. 5.3 server) - i386, ia64, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.2) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.3) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server EUS (v. 6.4) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.2) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64 Red Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64
- Description:
PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. (CVE-2013-6420)
Red Hat would like to thank the PHP project for reporting this issue. Upstream acknowledges Stefan Esser as the original reporter of this issue.
All php users are advised to upgrade to these updated packages, which contain a backported patch to correct this issue. After installing the updated packages, the httpd daemon must be restarted for the update to take effect.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
This update is available via the Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at https://access.redhat.com/site/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1036830 - CVE-2013-6420 php: memory corruption in openssl_x509_parse()
- Package List:
Red Hat Enterprise Linux Long Life (v. 5.3 server):
Source: php-5.1.6-23.5.el5_3.src.rpm
i386: php-5.1.6-23.5.el5_3.i386.rpm php-bcmath-5.1.6-23.5.el5_3.i386.rpm php-cli-5.1.6-23.5.el5_3.i386.rpm php-common-5.1.6-23.5.el5_3.i386.rpm php-dba-5.1.6-23.5.el5_3.i386.rpm php-debuginfo-5.1.6-23.5.el5_3.i386.rpm php-devel-5.1.6-23.5.el5_3.i386.rpm php-gd-5.1.6-23.5.el5_3.i386.rpm php-imap-5.1.6-23.5.el5_3.i386.rpm php-ldap-5.1.6-23.5.el5_3.i386.rpm php-mbstring-5.1.6-23.5.el5_3.i386.rpm php-mysql-5.1.6-23.5.el5_3.i386.rpm php-ncurses-5.1.6-23.5.el5_3.i386.rpm php-odbc-5.1.6-23.5.el5_3.i386.rpm php-pdo-5.1.6-23.5.el5_3.i386.rpm php-pgsql-5.1.6-23.5.el5_3.i386.rpm php-snmp-5.1.6-23.5.el5_3.i386.rpm php-soap-5.1.6-23.5.el5_3.i386.rpm php-xml-5.1.6-23.5.el5_3.i386.rpm php-xmlrpc-5.1.6-23.5.el5_3.i386.rpm
ia64: php-5.1.6-23.5.el5_3.ia64.rpm php-bcmath-5.1.6-23.5.el5_3.ia64.rpm php-cli-5.1.6-23.5.el5_3.ia64.rpm php-common-5.1.6-23.5.el5_3.ia64.rpm php-dba-5.1.6-23.5.el5_3.ia64.rpm php-debuginfo-5.1.6-23.5.el5_3.ia64.rpm php-devel-5.1.6-23.5.el5_3.ia64.rpm php-gd-5.1.6-23.5.el5_3.ia64.rpm php-imap-5.1.6-23.5.el5_3.ia64.rpm php-ldap-5.1.6-23.5.el5_3.ia64.rpm php-mbstring-5.1.6-23.5.el5_3.ia64.rpm php-mysql-5.1.6-23.5.el5_3.ia64.rpm php-ncurses-5.1.6-23.5.el5_3.ia64.rpm php-odbc-5.1.6-23.5.el5_3.ia64.rpm php-pdo-5.1.6-23.5.el5_3.ia64.rpm php-pgsql-5.1.6-23.5.el5_3.ia64.rpm php-snmp-5.1.6-23.5.el5_3.ia64.rpm php-soap-5.1.6-23.5.el5_3.ia64.rpm php-xml-5.1.6-23.5.el5_3.ia64.rpm php-xmlrpc-5.1.6-23.5.el5_3.ia64.rpm
x86_64: php-5.1.6-23.5.el5_3.x86_64.rpm php-bcmath-5.1.6-23.5.el5_3.x86_64.rpm php-cli-5.1.6-23.5.el5_3.x86_64.rpm php-common-5.1.6-23.5.el5_3.x86_64.rpm php-dba-5.1.6-23.5.el5_3.x86_64.rpm php-debuginfo-5.1.6-23.5.el5_3.x86_64.rpm php-devel-5.1.6-23.5.el5_3.x86_64.rpm php-gd-5.1.6-23.5.el5_3.x86_64.rpm php-imap-5.1.6-23.5.el5_3.x86_64.rpm php-ldap-5.1.6-23.5.el5_3.x86_64.rpm php-mbstring-5.1.6-23.5.el5_3.x86_64.rpm php-mysql-5.1.6-23.5.el5_3.x86_64.rpm php-ncurses-5.1.6-23.5.el5_3.x86_64.rpm php-odbc-5.1.6-23.5.el5_3.x86_64.rpm php-pdo-5.1.6-23.5.el5_3.x86_64.rpm php-pgsql-5.1.6-23.5.el5_3.x86_64.rpm php-snmp-5.1.6-23.5.el5_3.x86_64.rpm php-soap-5.1.6-23.5.el5_3.x86_64.rpm php-xml-5.1.6-23.5.el5_3.x86_64.rpm php-xmlrpc-5.1.6-23.5.el5_3.x86_64.rpm
Red Hat Enterprise Linux EUS (v. 5.6 server):
Source: php-5.1.6-27.el5_6.6.src.rpm
i386: php-5.1.6-27.el5_6.6.i386.rpm php-bcmath-5.1.6-27.el5_6.6.i386.rpm php-cli-5.1.6-27.el5_6.6.i386.rpm php-common-5.1.6-27.el5_6.6.i386.rpm php-dba-5.1.6-27.el5_6.6.i386.rpm php-debuginfo-5.1.6-27.el5_6.6.i386.rpm php-devel-5.1.6-27.el5_6.6.i386.rpm php-gd-5.1.6-27.el5_6.6.i386.rpm php-imap-5.1.6-27.el5_6.6.i386.rpm php-ldap-5.1.6-27.el5_6.6.i386.rpm php-mbstring-5.1.6-27.el5_6.6.i386.rpm php-mysql-5.1.6-27.el5_6.6.i386.rpm php-ncurses-5.1.6-27.el5_6.6.i386.rpm php-odbc-5.1.6-27.el5_6.6.i386.rpm php-pdo-5.1.6-27.el5_6.6.i386.rpm php-pgsql-5.1.6-27.el5_6.6.i386.rpm php-snmp-5.1.6-27.el5_6.6.i386.rpm php-soap-5.1.6-27.el5_6.6.i386.rpm php-xml-5.1.6-27.el5_6.6.i386.rpm php-xmlrpc-5.1.6-27.el5_6.6.i386.rpm
ia64: php-5.1.6-27.el5_6.6.ia64.rpm php-bcmath-5.1.6-27.el5_6.6.ia64.rpm php-cli-5.1.6-27.el5_6.6.ia64.rpm php-common-5.1.6-27.el5_6.6.ia64.rpm php-dba-5.1.6-27.el5_6.6.ia64.rpm php-debuginfo-5.1.6-27.el5_6.6.ia64.rpm php-devel-5.1.6-27.el5_6.6.ia64.rpm php-gd-5.1.6-27.el5_6.6.ia64.rpm php-imap-5.1.6-27.el5_6.6.ia64.rpm php-ldap-5.1.6-27.el5_6.6.ia64.rpm php-mbstring-5.1.6-27.el5_6.6.ia64.rpm php-mysql-5.1.6-27.el5_6.6.ia64.rpm php-ncurses-5.1.6-27.el5_6.6.ia64.rpm php-odbc-5.1.6-27.el5_6.6.ia64.rpm php-pdo-5.1.6-27.el5_6.6.ia64.rpm php-pgsql-5.1.6-27.el5_6.6.ia64.rpm php-snmp-5.1.6-27.el5_6.6.ia64.rpm php-soap-5.1.6-27.el5_6.6.ia64.rpm php-xml-5.1.6-27.el5_6.6.ia64.rpm php-xmlrpc-5.1.6-27.el5_6.6.ia64.rpm
ppc: php-5.1.6-27.el5_6.6.ppc.rpm php-bcmath-5.1.6-27.el5_6.6.ppc.rpm php-cli-5.1.6-27.el5_6.6.ppc.rpm php-common-5.1.6-27.el5_6.6.ppc.rpm php-dba-5.1.6-27.el5_6.6.ppc.rpm php-debuginfo-5.1.6-27.el5_6.6.ppc.rpm php-devel-5.1.6-27.el5_6.6.ppc.rpm php-gd-5.1.6-27.el5_6.6.ppc.rpm php-imap-5.1.6-27.el5_6.6.ppc.rpm php-ldap-5.1.6-27.el5_6.6.ppc.rpm php-mbstring-5.1.6-27.el5_6.6.ppc.rpm php-mysql-5.1.6-27.el5_6.6.ppc.rpm php-ncurses-5.1.6-27.el5_6.6.ppc.rpm php-odbc-5.1.6-27.el5_6.6.ppc.rpm php-pdo-5.1.6-27.el5_6.6.ppc.rpm php-pgsql-5.1.6-27.el5_6.6.ppc.rpm php-snmp-5.1.6-27.el5_6.6.ppc.rpm php-soap-5.1.6-27.el5_6.6.ppc.rpm php-xml-5.1.6-27.el5_6.6.ppc.rpm php-xmlrpc-5.1.6-27.el5_6.6.ppc.rpm
s390x: php-5.1.6-27.el5_6.6.s390x.rpm php-bcmath-5.1.6-27.el5_6.6.s390x.rpm php-cli-5.1.6-27.el5_6.6.s390x.rpm php-common-5.1.6-27.el5_6.6.s390x.rpm php-dba-5.1.6-27.el5_6.6.s390x.rpm php-debuginfo-5.1.6-27.el5_6.6.s390x.rpm php-devel-5.1.6-27.el5_6.6.s390x.rpm php-gd-5.1.6-27.el5_6.6.s390x.rpm php-imap-5.1.6-27.el5_6.6.s390x.rpm php-ldap-5.1.6-27.el5_6.6.s390x.rpm php-mbstring-5.1.6-27.el5_6.6.s390x.rpm php-mysql-5.1.6-27.el5_6.6.s390x.rpm php-ncurses-5.1.6-27.el5_6.6.s390x.rpm php-odbc-5.1.6-27.el5_6.6.s390x.rpm php-pdo-5.1.6-27.el5_6.6.s390x.rpm php-pgsql-5.1.6-27.el5_6.6.s390x.rpm php-snmp-5.1.6-27.el5_6.6.s390x.rpm php-soap-5.1.6-27.el5_6.6.s390x.rpm php-xml-5.1.6-27.el5_6.6.s390x.rpm php-xmlrpc-5.1.6-27.el5_6.6.s390x.rpm
x86_64: php-5.1.6-27.el5_6.6.x86_64.rpm php-bcmath-5.1.6-27.el5_6.6.x86_64.rpm php-cli-5.1.6-27.el5_6.6.x86_64.rpm php-common-5.1.6-27.el5_6.6.x86_64.rpm php-dba-5.1.6-27.el5_6.6.x86_64.rpm php-debuginfo-5.1.6-27.el5_6.6.x86_64.rpm php-devel-5.1.6-27.el5_6.6.x86_64.rpm php-gd-5.1.6-27.el5_6.6.x86_64.rpm php-imap-5.1.6-27.el5_6.6.x86_64.rpm php-ldap-5.1.6-27.el5_6.6.x86_64.rpm php-mbstring-5.1.6-27.el5_6.6.x86_64.rpm php-mysql-5.1.6-27.el5_6.6.x86_64.rpm php-ncurses-5.1.6-27.el5_6.6.x86_64.rpm php-odbc-5.1.6-27.el5_6.6.x86_64.rpm php-pdo-5.1.6-27.el5_6.6.x86_64.rpm php-pgsql-5.1.6-27.el5_6.6.x86_64.rpm php-snmp-5.1.6-27.el5_6.6.x86_64.rpm php-soap-5.1.6-27.el5_6.6.x86_64.rpm php-xml-5.1.6-27.el5_6.6.x86_64.rpm php-xmlrpc-5.1.6-27.el5_6.6.x86_64.rpm
Red Hat Enterprise Linux EUS (v. 5.9 server):
Source: php-5.1.6-40.el5_9.1.src.rpm
i386: php-5.1.6-40.el5_9.1.i386.rpm php-bcmath-5.1.6-40.el5_9.1.i386.rpm php-cli-5.1.6-40.el5_9.1.i386.rpm php-common-5.1.6-40.el5_9.1.i386.rpm php-dba-5.1.6-40.el5_9.1.i386.rpm php-debuginfo-5.1.6-40.el5_9.1.i386.rpm php-devel-5.1.6-40.el5_9.1.i386.rpm php-gd-5.1.6-40.el5_9.1.i386.rpm php-imap-5.1.6-40.el5_9.1.i386.rpm php-ldap-5.1.6-40.el5_9.1.i386.rpm php-mbstring-5.1.6-40.el5_9.1.i386.rpm php-mysql-5.1.6-40.el5_9.1.i386.rpm php-ncurses-5.1.6-40.el5_9.1.i386.rpm php-odbc-5.1.6-40.el5_9.1.i386.rpm php-pdo-5.1.6-40.el5_9.1.i386.rpm php-pgsql-5.1.6-40.el5_9.1.i386.rpm php-snmp-5.1.6-40.el5_9.1.i386.rpm php-soap-5.1.6-40.el5_9.1.i386.rpm php-xml-5.1.6-40.el5_9.1.i386.rpm php-xmlrpc-5.1.6-40.el5_9.1.i386.rpm
ia64: php-5.1.6-40.el5_9.1.ia64.rpm php-bcmath-5.1.6-40.el5_9.1.ia64.rpm php-cli-5.1.6-40.el5_9.1.ia64.rpm php-common-5.1.6-40.el5_9.1.ia64.rpm php-dba-5.1.6-40.el5_9.1.ia64.rpm php-debuginfo-5.1.6-40.el5_9.1.ia64.rpm php-devel-5.1.6-40.el5_9.1.ia64.rpm php-gd-5.1.6-40.el5_9.1.ia64.rpm php-imap-5.1.6-40.el5_9.1.ia64.rpm php-ldap-5.1.6-40.el5_9.1.ia64.rpm php-mbstring-5.1.6-40.el5_9.1.ia64.rpm php-mysql-5.1.6-40.el5_9.1.ia64.rpm php-ncurses-5.1.6-40.el5_9.1.ia64.rpm php-odbc-5.1.6-40.el5_9.1.ia64.rpm php-pdo-5.1.6-40.el5_9.1.ia64.rpm php-pgsql-5.1.6-40.el5_9.1.ia64.rpm php-snmp-5.1.6-40.el5_9.1.ia64.rpm php-soap-5.1.6-40.el5_9.1.ia64.rpm php-xml-5.1.6-40.el5_9.1.ia64.rpm php-xmlrpc-5.1.6-40.el5_9.1.ia64.rpm
ppc: php-5.1.6-40.el5_9.1.ppc.rpm php-bcmath-5.1.6-40.el5_9.1.ppc.rpm php-cli-5.1.6-40.el5_9.1.ppc.rpm php-common-5.1.6-40.el5_9.1.ppc.rpm php-dba-5.1.6-40.el5_9.1.ppc.rpm php-debuginfo-5.1.6-40.el5_9.1.ppc.rpm php-devel-5.1.6-40.el5_9.1.ppc.rpm php-gd-5.1.6-40.el5_9.1.ppc.rpm php-imap-5.1.6-40.el5_9.1.ppc.rpm php-ldap-5.1.6-40.el5_9.1.ppc.rpm php-mbstring-5.1.6-40.el5_9.1.ppc.rpm php-mysql-5.1.6-40.el5_9.1.ppc.rpm php-ncurses-5.1.6-40.el5_9.1.ppc.rpm php-odbc-5.1.6-40.el5_9.1.ppc.rpm php-pdo-5.1.6-40.el5_9.1.ppc.rpm php-pgsql-5.1.6-40.el5_9.1.ppc.rpm php-snmp-5.1.6-40.el5_9.1.ppc.rpm php-soap-5.1.6-40.el5_9.1.ppc.rpm php-xml-5.1.6-40.el5_9.1.ppc.rpm php-xmlrpc-5.1.6-40.el5_9.1.ppc.rpm
s390x: php-5.1.6-40.el5_9.1.s390x.rpm php-bcmath-5.1.6-40.el5_9.1.s390x.rpm php-cli-5.1.6-40.el5_9.1.s390x.rpm php-common-5.1.6-40.el5_9.1.s390x.rpm php-dba-5.1.6-40.el5_9.1.s390x.rpm php-debuginfo-5.1.6-40.el5_9.1.s390x.rpm php-devel-5.1.6-40.el5_9.1.s390x.rpm php-gd-5.1.6-40.el5_9.1.s390x.rpm php-imap-5.1.6-40.el5_9.1.s390x.rpm php-ldap-5.1.6-40.el5_9.1.s390x.rpm php-mbstring-5.1.6-40.el5_9.1.s390x.rpm php-mysql-5.1.6-40.el5_9.1.s390x.rpm php-ncurses-5.1.6-40.el5_9.1.s390x.rpm php-odbc-5.1.6-40.el5_9.1.s390x.rpm php-pdo-5.1.6-40.el5_9.1.s390x.rpm php-pgsql-5.1.6-40.el5_9.1.s390x.rpm php-snmp-5.1.6-40.el5_9.1.s390x.rpm php-soap-5.1.6-40.el5_9.1.s390x.rpm php-xml-5.1.6-40.el5_9.1.s390x.rpm php-xmlrpc-5.1.6-40.el5_9.1.s390x.rpm
x86_64: php-5.1.6-40.el5_9.1.x86_64.rpm php-bcmath-5.1.6-40.el5_9.1.x86_64.rpm php-cli-5.1.6-40.el5_9.1.x86_64.rpm php-common-5.1.6-40.el5_9.1.x86_64.rpm php-dba-5.1.6-40.el5_9.1.x86_64.rpm php-debuginfo-5.1.6-40.el5_9.1.x86_64.rpm php-devel-5.1.6-40.el5_9.1.x86_64.rpm php-gd-5.1.6-40.el5_9.1.x86_64.rpm php-imap-5.1.6-40.el5_9.1.x86_64.rpm php-ldap-5.1.6-40.el5_9.1.x86_64.rpm php-mbstring-5.1.6-40.el5_9.1.x86_64.rpm php-mysql-5.1.6-40.el5_9.1.x86_64.rpm php-ncurses-5.1.6-40.el5_9.1.x86_64.rpm php-odbc-5.1.6-40.el5_9.1.x86_64.rpm php-pdo-5.1.6-40.el5_9.1.x86_64.rpm php-pgsql-5.1.6-40.el5_9.1.x86_64.rpm php-snmp-5.1.6-40.el5_9.1.x86_64.rpm php-soap-5.1.6-40.el5_9.1.x86_64.rpm php-xml-5.1.6-40.el5_9.1.x86_64.rpm php-xmlrpc-5.1.6-40.el5_9.1.x86_64.rpm
Red Hat Enterprise Linux Compute Node EUS (v. 6.2):
Source: php-5.3.3-3.el6_2.11.src.rpm
x86_64: php-cli-5.3.3-3.el6_2.11.x86_64.rpm php-common-5.3.3-3.el6_2.11.x86_64.rpm php-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm
Red Hat Enterprise Linux Compute Node EUS (v. 6.3):
Source: php-5.3.3-14.el6_3.3.src.rpm
x86_64: php-cli-5.3.3-14.el6_3.3.x86_64.rpm php-common-5.3.3-14.el6_3.3.x86_64.rpm php-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux HPC Node EUS (v. 6.4):
Source: php-5.3.3-23.el6_4.1.src.rpm
x86_64: php-cli-5.3.3-23.el6_4.1.x86_64.rpm php-common-5.3.3-23.el6_4.1.x86_64.rpm php-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.2):
Source: php-5.3.3-3.el6_2.11.src.rpm
x86_64: php-5.3.3-3.el6_2.11.x86_64.rpm php-bcmath-5.3.3-3.el6_2.11.x86_64.rpm php-dba-5.3.3-3.el6_2.11.x86_64.rpm php-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm php-devel-5.3.3-3.el6_2.11.x86_64.rpm php-embedded-5.3.3-3.el6_2.11.x86_64.rpm php-enchant-5.3.3-3.el6_2.11.x86_64.rpm php-gd-5.3.3-3.el6_2.11.x86_64.rpm php-imap-5.3.3-3.el6_2.11.x86_64.rpm php-intl-5.3.3-3.el6_2.11.x86_64.rpm php-ldap-5.3.3-3.el6_2.11.x86_64.rpm php-mbstring-5.3.3-3.el6_2.11.x86_64.rpm php-mysql-5.3.3-3.el6_2.11.x86_64.rpm php-odbc-5.3.3-3.el6_2.11.x86_64.rpm php-pdo-5.3.3-3.el6_2.11.x86_64.rpm php-pgsql-5.3.3-3.el6_2.11.x86_64.rpm php-process-5.3.3-3.el6_2.11.x86_64.rpm php-pspell-5.3.3-3.el6_2.11.x86_64.rpm php-recode-5.3.3-3.el6_2.11.x86_64.rpm php-snmp-5.3.3-3.el6_2.11.x86_64.rpm php-soap-5.3.3-3.el6_2.11.x86_64.rpm php-tidy-5.3.3-3.el6_2.11.x86_64.rpm php-xml-5.3.3-3.el6_2.11.x86_64.rpm php-xmlrpc-5.3.3-3.el6_2.11.x86_64.rpm php-zts-5.3.3-3.el6_2.11.x86_64.rpm
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.3) :
Source: php-5.3.3-14.el6_3.3.src.rpm
x86_64: php-5.3.3-14.el6_3.3.x86_64.rpm php-bcmath-5.3.3-14.el6_3.3.x86_64.rpm php-dba-5.3.3-14.el6_3.3.x86_64.rpm php-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm php-devel-5.3.3-14.el6_3.3.x86_64.rpm php-embedded-5.3.3-14.el6_3.3.x86_64.rpm php-enchant-5.3.3-14.el6_3.3.x86_64.rpm php-gd-5.3.3-14.el6_3.3.x86_64.rpm php-imap-5.3.3-14.el6_3.3.x86_64.rpm php-intl-5.3.3-14.el6_3.3.x86_64.rpm php-ldap-5.3.3-14.el6_3.3.x86_64.rpm php-mbstring-5.3.3-14.el6_3.3.x86_64.rpm php-mysql-5.3.3-14.el6_3.3.x86_64.rpm php-odbc-5.3.3-14.el6_3.3.x86_64.rpm php-pdo-5.3.3-14.el6_3.3.x86_64.rpm php-pgsql-5.3.3-14.el6_3.3.x86_64.rpm php-process-5.3.3-14.el6_3.3.x86_64.rpm php-pspell-5.3.3-14.el6_3.3.x86_64.rpm php-recode-5.3.3-14.el6_3.3.x86_64.rpm php-snmp-5.3.3-14.el6_3.3.x86_64.rpm php-soap-5.3.3-14.el6_3.3.x86_64.rpm php-tidy-5.3.3-14.el6_3.3.x86_64.rpm php-xml-5.3.3-14.el6_3.3.x86_64.rpm php-xmlrpc-5.3.3-14.el6_3.3.x86_64.rpm php-zts-5.3.3-14.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Compute Node Optional EUS (v. 6.4):
Source: php-5.3.3-23.el6_4.1.src.rpm
x86_64: php-5.3.3-23.el6_4.1.x86_64.rpm php-bcmath-5.3.3-23.el6_4.1.x86_64.rpm php-dba-5.3.3-23.el6_4.1.x86_64.rpm php-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm php-devel-5.3.3-23.el6_4.1.x86_64.rpm php-embedded-5.3.3-23.el6_4.1.x86_64.rpm php-enchant-5.3.3-23.el6_4.1.x86_64.rpm php-fpm-5.3.3-23.el6_4.1.x86_64.rpm php-gd-5.3.3-23.el6_4.1.x86_64.rpm php-imap-5.3.3-23.el6_4.1.x86_64.rpm php-intl-5.3.3-23.el6_4.1.x86_64.rpm php-ldap-5.3.3-23.el6_4.1.x86_64.rpm php-mbstring-5.3.3-23.el6_4.1.x86_64.rpm php-mysql-5.3.3-23.el6_4.1.x86_64.rpm php-odbc-5.3.3-23.el6_4.1.x86_64.rpm php-pdo-5.3.3-23.el6_4.1.x86_64.rpm php-pgsql-5.3.3-23.el6_4.1.x86_64.rpm php-process-5.3.3-23.el6_4.1.x86_64.rpm php-pspell-5.3.3-23.el6_4.1.x86_64.rpm php-recode-5.3.3-23.el6_4.1.x86_64.rpm php-snmp-5.3.3-23.el6_4.1.x86_64.rpm php-soap-5.3.3-23.el6_4.1.x86_64.rpm php-tidy-5.3.3-23.el6_4.1.x86_64.rpm php-xml-5.3.3-23.el6_4.1.x86_64.rpm php-xmlrpc-5.3.3-23.el6_4.1.x86_64.rpm php-zts-5.3.3-23.el6_4.1.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.2):
Source: php-5.3.3-3.el6_2.11.src.rpm
i386: php-5.3.3-3.el6_2.11.i686.rpm php-cli-5.3.3-3.el6_2.11.i686.rpm php-common-5.3.3-3.el6_2.11.i686.rpm php-debuginfo-5.3.3-3.el6_2.11.i686.rpm php-gd-5.3.3-3.el6_2.11.i686.rpm php-ldap-5.3.3-3.el6_2.11.i686.rpm php-mysql-5.3.3-3.el6_2.11.i686.rpm php-odbc-5.3.3-3.el6_2.11.i686.rpm php-pdo-5.3.3-3.el6_2.11.i686.rpm php-pgsql-5.3.3-3.el6_2.11.i686.rpm php-soap-5.3.3-3.el6_2.11.i686.rpm php-xml-5.3.3-3.el6_2.11.i686.rpm php-xmlrpc-5.3.3-3.el6_2.11.i686.rpm
ppc64: php-5.3.3-3.el6_2.11.ppc64.rpm php-cli-5.3.3-3.el6_2.11.ppc64.rpm php-common-5.3.3-3.el6_2.11.ppc64.rpm php-debuginfo-5.3.3-3.el6_2.11.ppc64.rpm php-gd-5.3.3-3.el6_2.11.ppc64.rpm php-ldap-5.3.3-3.el6_2.11.ppc64.rpm php-mysql-5.3.3-3.el6_2.11.ppc64.rpm php-odbc-5.3.3-3.el6_2.11.ppc64.rpm php-pdo-5.3.3-3.el6_2.11.ppc64.rpm php-pgsql-5.3.3-3.el6_2.11.ppc64.rpm php-soap-5.3.3-3.el6_2.11.ppc64.rpm php-xml-5.3.3-3.el6_2.11.ppc64.rpm php-xmlrpc-5.3.3-3.el6_2.11.ppc64.rpm
s390x: php-5.3.3-3.el6_2.11.s390x.rpm php-cli-5.3.3-3.el6_2.11.s390x.rpm php-common-5.3.3-3.el6_2.11.s390x.rpm php-debuginfo-5.3.3-3.el6_2.11.s390x.rpm php-gd-5.3.3-3.el6_2.11.s390x.rpm php-ldap-5.3.3-3.el6_2.11.s390x.rpm php-mysql-5.3.3-3.el6_2.11.s390x.rpm php-odbc-5.3.3-3.el6_2.11.s390x.rpm php-pdo-5.3.3-3.el6_2.11.s390x.rpm php-pgsql-5.3.3-3.el6_2.11.s390x.rpm php-soap-5.3.3-3.el6_2.11.s390x.rpm php-xml-5.3.3-3.el6_2.11.s390x.rpm php-xmlrpc-5.3.3-3.el6_2.11.s390x.rpm
x86_64: php-5.3.3-3.el6_2.11.x86_64.rpm php-cli-5.3.3-3.el6_2.11.x86_64.rpm php-common-5.3.3-3.el6_2.11.x86_64.rpm php-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm php-gd-5.3.3-3.el6_2.11.x86_64.rpm php-ldap-5.3.3-3.el6_2.11.x86_64.rpm php-mysql-5.3.3-3.el6_2.11.x86_64.rpm php-odbc-5.3.3-3.el6_2.11.x86_64.rpm php-pdo-5.3.3-3.el6_2.11.x86_64.rpm php-pgsql-5.3.3-3.el6_2.11.x86_64.rpm php-soap-5.3.3-3.el6_2.11.x86_64.rpm php-xml-5.3.3-3.el6_2.11.x86_64.rpm php-xmlrpc-5.3.3-3.el6_2.11.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.3):
Source: php-5.3.3-14.el6_3.3.src.rpm
i386: php-5.3.3-14.el6_3.3.i686.rpm php-cli-5.3.3-14.el6_3.3.i686.rpm php-common-5.3.3-14.el6_3.3.i686.rpm php-debuginfo-5.3.3-14.el6_3.3.i686.rpm php-gd-5.3.3-14.el6_3.3.i686.rpm php-ldap-5.3.3-14.el6_3.3.i686.rpm php-mysql-5.3.3-14.el6_3.3.i686.rpm php-odbc-5.3.3-14.el6_3.3.i686.rpm php-pdo-5.3.3-14.el6_3.3.i686.rpm php-pgsql-5.3.3-14.el6_3.3.i686.rpm php-soap-5.3.3-14.el6_3.3.i686.rpm php-xml-5.3.3-14.el6_3.3.i686.rpm php-xmlrpc-5.3.3-14.el6_3.3.i686.rpm
ppc64: php-5.3.3-14.el6_3.3.ppc64.rpm php-cli-5.3.3-14.el6_3.3.ppc64.rpm php-common-5.3.3-14.el6_3.3.ppc64.rpm php-debuginfo-5.3.3-14.el6_3.3.ppc64.rpm php-gd-5.3.3-14.el6_3.3.ppc64.rpm php-ldap-5.3.3-14.el6_3.3.ppc64.rpm php-mysql-5.3.3-14.el6_3.3.ppc64.rpm php-odbc-5.3.3-14.el6_3.3.ppc64.rpm php-pdo-5.3.3-14.el6_3.3.ppc64.rpm php-pgsql-5.3.3-14.el6_3.3.ppc64.rpm php-soap-5.3.3-14.el6_3.3.ppc64.rpm php-xml-5.3.3-14.el6_3.3.ppc64.rpm php-xmlrpc-5.3.3-14.el6_3.3.ppc64.rpm
s390x: php-5.3.3-14.el6_3.3.s390x.rpm php-cli-5.3.3-14.el6_3.3.s390x.rpm php-common-5.3.3-14.el6_3.3.s390x.rpm php-debuginfo-5.3.3-14.el6_3.3.s390x.rpm php-gd-5.3.3-14.el6_3.3.s390x.rpm php-ldap-5.3.3-14.el6_3.3.s390x.rpm php-mysql-5.3.3-14.el6_3.3.s390x.rpm php-odbc-5.3.3-14.el6_3.3.s390x.rpm php-pdo-5.3.3-14.el6_3.3.s390x.rpm php-pgsql-5.3.3-14.el6_3.3.s390x.rpm php-soap-5.3.3-14.el6_3.3.s390x.rpm php-xml-5.3.3-14.el6_3.3.s390x.rpm php-xmlrpc-5.3.3-14.el6_3.3.s390x.rpm
x86_64: php-5.3.3-14.el6_3.3.x86_64.rpm php-cli-5.3.3-14.el6_3.3.x86_64.rpm php-common-5.3.3-14.el6_3.3.x86_64.rpm php-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm php-gd-5.3.3-14.el6_3.3.x86_64.rpm php-ldap-5.3.3-14.el6_3.3.x86_64.rpm php-mysql-5.3.3-14.el6_3.3.x86_64.rpm php-odbc-5.3.3-14.el6_3.3.x86_64.rpm php-pdo-5.3.3-14.el6_3.3.x86_64.rpm php-pgsql-5.3.3-14.el6_3.3.x86_64.rpm php-soap-5.3.3-14.el6_3.3.x86_64.rpm php-xml-5.3.3-14.el6_3.3.x86_64.rpm php-xmlrpc-5.3.3-14.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Server EUS (v. 6.4):
Source: php-5.3.3-23.el6_4.1.src.rpm
i386: php-5.3.3-23.el6_4.1.i686.rpm php-cli-5.3.3-23.el6_4.1.i686.rpm php-common-5.3.3-23.el6_4.1.i686.rpm php-debuginfo-5.3.3-23.el6_4.1.i686.rpm php-gd-5.3.3-23.el6_4.1.i686.rpm php-ldap-5.3.3-23.el6_4.1.i686.rpm php-mysql-5.3.3-23.el6_4.1.i686.rpm php-odbc-5.3.3-23.el6_4.1.i686.rpm php-pdo-5.3.3-23.el6_4.1.i686.rpm php-pgsql-5.3.3-23.el6_4.1.i686.rpm php-soap-5.3.3-23.el6_4.1.i686.rpm php-xml-5.3.3-23.el6_4.1.i686.rpm php-xmlrpc-5.3.3-23.el6_4.1.i686.rpm
ppc64: php-5.3.3-23.el6_4.1.ppc64.rpm php-cli-5.3.3-23.el6_4.1.ppc64.rpm php-common-5.3.3-23.el6_4.1.ppc64.rpm php-debuginfo-5.3.3-23.el6_4.1.ppc64.rpm php-gd-5.3.3-23.el6_4.1.ppc64.rpm php-ldap-5.3.3-23.el6_4.1.ppc64.rpm php-mysql-5.3.3-23.el6_4.1.ppc64.rpm php-odbc-5.3.3-23.el6_4.1.ppc64.rpm php-pdo-5.3.3-23.el6_4.1.ppc64.rpm php-pgsql-5.3.3-23.el6_4.1.ppc64.rpm php-soap-5.3.3-23.el6_4.1.ppc64.rpm php-xml-5.3.3-23.el6_4.1.ppc64.rpm php-xmlrpc-5.3.3-23.el6_4.1.ppc64.rpm
s390x: php-5.3.3-23.el6_4.1.s390x.rpm php-cli-5.3.3-23.el6_4.1.s390x.rpm php-common-5.3.3-23.el6_4.1.s390x.rpm php-debuginfo-5.3.3-23.el6_4.1.s390x.rpm php-gd-5.3.3-23.el6_4.1.s390x.rpm php-ldap-5.3.3-23.el6_4.1.s390x.rpm php-mysql-5.3.3-23.el6_4.1.s390x.rpm php-odbc-5.3.3-23.el6_4.1.s390x.rpm php-pdo-5.3.3-23.el6_4.1.s390x.rpm php-pgsql-5.3.3-23.el6_4.1.s390x.rpm php-soap-5.3.3-23.el6_4.1.s390x.rpm php-xml-5.3.3-23.el6_4.1.s390x.rpm php-xmlrpc-5.3.3-23.el6_4.1.s390x.rpm
x86_64: php-5.3.3-23.el6_4.1.x86_64.rpm php-cli-5.3.3-23.el6_4.1.x86_64.rpm php-common-5.3.3-23.el6_4.1.x86_64.rpm php-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm php-gd-5.3.3-23.el6_4.1.x86_64.rpm php-ldap-5.3.3-23.el6_4.1.x86_64.rpm php-mysql-5.3.3-23.el6_4.1.x86_64.rpm php-odbc-5.3.3-23.el6_4.1.x86_64.rpm php-pdo-5.3.3-23.el6_4.1.x86_64.rpm php-pgsql-5.3.3-23.el6_4.1.x86_64.rpm php-soap-5.3.3-23.el6_4.1.x86_64.rpm php-xml-5.3.3-23.el6_4.1.x86_64.rpm php-xmlrpc-5.3.3-23.el6_4.1.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.2):
Source: php-5.3.3-3.el6_2.11.src.rpm
i386: php-bcmath-5.3.3-3.el6_2.11.i686.rpm php-dba-5.3.3-3.el6_2.11.i686.rpm php-debuginfo-5.3.3-3.el6_2.11.i686.rpm php-devel-5.3.3-3.el6_2.11.i686.rpm php-embedded-5.3.3-3.el6_2.11.i686.rpm php-enchant-5.3.3-3.el6_2.11.i686.rpm php-imap-5.3.3-3.el6_2.11.i686.rpm php-intl-5.3.3-3.el6_2.11.i686.rpm php-mbstring-5.3.3-3.el6_2.11.i686.rpm php-process-5.3.3-3.el6_2.11.i686.rpm php-pspell-5.3.3-3.el6_2.11.i686.rpm php-recode-5.3.3-3.el6_2.11.i686.rpm php-snmp-5.3.3-3.el6_2.11.i686.rpm php-tidy-5.3.3-3.el6_2.11.i686.rpm php-zts-5.3.3-3.el6_2.11.i686.rpm
ppc64: php-bcmath-5.3.3-3.el6_2.11.ppc64.rpm php-dba-5.3.3-3.el6_2.11.ppc64.rpm php-debuginfo-5.3.3-3.el6_2.11.ppc64.rpm php-devel-5.3.3-3.el6_2.11.ppc64.rpm php-embedded-5.3.3-3.el6_2.11.ppc64.rpm php-enchant-5.3.3-3.el6_2.11.ppc64.rpm php-imap-5.3.3-3.el6_2.11.ppc64.rpm php-intl-5.3.3-3.el6_2.11.ppc64.rpm php-mbstring-5.3.3-3.el6_2.11.ppc64.rpm php-process-5.3.3-3.el6_2.11.ppc64.rpm php-pspell-5.3.3-3.el6_2.11.ppc64.rpm php-recode-5.3.3-3.el6_2.11.ppc64.rpm php-snmp-5.3.3-3.el6_2.11.ppc64.rpm php-tidy-5.3.3-3.el6_2.11.ppc64.rpm php-zts-5.3.3-3.el6_2.11.ppc64.rpm
s390x: php-bcmath-5.3.3-3.el6_2.11.s390x.rpm php-dba-5.3.3-3.el6_2.11.s390x.rpm php-debuginfo-5.3.3-3.el6_2.11.s390x.rpm php-devel-5.3.3-3.el6_2.11.s390x.rpm php-embedded-5.3.3-3.el6_2.11.s390x.rpm php-enchant-5.3.3-3.el6_2.11.s390x.rpm php-imap-5.3.3-3.el6_2.11.s390x.rpm php-intl-5.3.3-3.el6_2.11.s390x.rpm php-mbstring-5.3.3-3.el6_2.11.s390x.rpm php-process-5.3.3-3.el6_2.11.s390x.rpm php-pspell-5.3.3-3.el6_2.11.s390x.rpm php-recode-5.3.3-3.el6_2.11.s390x.rpm php-snmp-5.3.3-3.el6_2.11.s390x.rpm php-tidy-5.3.3-3.el6_2.11.s390x.rpm php-zts-5.3.3-3.el6_2.11.s390x.rpm
x86_64: php-bcmath-5.3.3-3.el6_2.11.x86_64.rpm php-dba-5.3.3-3.el6_2.11.x86_64.rpm php-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm php-devel-5.3.3-3.el6_2.11.x86_64.rpm php-embedded-5.3.3-3.el6_2.11.x86_64.rpm php-enchant-5.3.3-3.el6_2.11.x86_64.rpm php-imap-5.3.3-3.el6_2.11.x86_64.rpm php-intl-5.3.3-3.el6_2.11.x86_64.rpm php-mbstring-5.3.3-3.el6_2.11.x86_64.rpm php-process-5.3.3-3.el6_2.11.x86_64.rpm php-pspell-5.3.3-3.el6_2.11.x86_64.rpm php-recode-5.3.3-3.el6_2.11.x86_64.rpm php-snmp-5.3.3-3.el6_2.11.x86_64.rpm php-tidy-5.3.3-3.el6_2.11.x86_64.rpm php-zts-5.3.3-3.el6_2.11.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.3):
Source: php-5.3.3-14.el6_3.3.src.rpm
i386: php-bcmath-5.3.3-14.el6_3.3.i686.rpm php-dba-5.3.3-14.el6_3.3.i686.rpm php-debuginfo-5.3.3-14.el6_3.3.i686.rpm php-devel-5.3.3-14.el6_3.3.i686.rpm php-embedded-5.3.3-14.el6_3.3.i686.rpm php-enchant-5.3.3-14.el6_3.3.i686.rpm php-imap-5.3.3-14.el6_3.3.i686.rpm php-intl-5.3.3-14.el6_3.3.i686.rpm php-mbstring-5.3.3-14.el6_3.3.i686.rpm php-process-5.3.3-14.el6_3.3.i686.rpm php-pspell-5.3.3-14.el6_3.3.i686.rpm php-recode-5.3.3-14.el6_3.3.i686.rpm php-snmp-5.3.3-14.el6_3.3.i686.rpm php-tidy-5.3.3-14.el6_3.3.i686.rpm php-zts-5.3.3-14.el6_3.3.i686.rpm
ppc64: php-bcmath-5.3.3-14.el6_3.3.ppc64.rpm php-dba-5.3.3-14.el6_3.3.ppc64.rpm php-debuginfo-5.3.3-14.el6_3.3.ppc64.rpm php-devel-5.3.3-14.el6_3.3.ppc64.rpm php-embedded-5.3.3-14.el6_3.3.ppc64.rpm php-enchant-5.3.3-14.el6_3.3.ppc64.rpm php-imap-5.3.3-14.el6_3.3.ppc64.rpm php-intl-5.3.3-14.el6_3.3.ppc64.rpm php-mbstring-5.3.3-14.el6_3.3.ppc64.rpm php-process-5.3.3-14.el6_3.3.ppc64.rpm php-pspell-5.3.3-14.el6_3.3.ppc64.rpm php-recode-5.3.3-14.el6_3.3.ppc64.rpm php-snmp-5.3.3-14.el6_3.3.ppc64.rpm php-tidy-5.3.3-14.el6_3.3.ppc64.rpm php-zts-5.3.3-14.el6_3.3.ppc64.rpm
s390x: php-bcmath-5.3.3-14.el6_3.3.s390x.rpm php-dba-5.3.3-14.el6_3.3.s390x.rpm php-debuginfo-5.3.3-14.el6_3.3.s390x.rpm php-devel-5.3.3-14.el6_3.3.s390x.rpm php-embedded-5.3.3-14.el6_3.3.s390x.rpm php-enchant-5.3.3-14.el6_3.3.s390x.rpm php-imap-5.3.3-14.el6_3.3.s390x.rpm php-intl-5.3.3-14.el6_3.3.s390x.rpm php-mbstring-5.3.3-14.el6_3.3.s390x.rpm php-process-5.3.3-14.el6_3.3.s390x.rpm php-pspell-5.3.3-14.el6_3.3.s390x.rpm php-recode-5.3.3-14.el6_3.3.s390x.rpm php-snmp-5.3.3-14.el6_3.3.s390x.rpm php-tidy-5.3.3-14.el6_3.3.s390x.rpm php-zts-5.3.3-14.el6_3.3.s390x.rpm
x86_64: php-bcmath-5.3.3-14.el6_3.3.x86_64.rpm php-dba-5.3.3-14.el6_3.3.x86_64.rpm php-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm php-devel-5.3.3-14.el6_3.3.x86_64.rpm php-embedded-5.3.3-14.el6_3.3.x86_64.rpm php-enchant-5.3.3-14.el6_3.3.x86_64.rpm php-imap-5.3.3-14.el6_3.3.x86_64.rpm php-intl-5.3.3-14.el6_3.3.x86_64.rpm php-mbstring-5.3.3-14.el6_3.3.x86_64.rpm php-process-5.3.3-14.el6_3.3.x86_64.rpm php-pspell-5.3.3-14.el6_3.3.x86_64.rpm php-recode-5.3.3-14.el6_3.3.x86_64.rpm php-snmp-5.3.3-14.el6_3.3.x86_64.rpm php-tidy-5.3.3-14.el6_3.3.x86_64.rpm php-zts-5.3.3-14.el6_3.3.x86_64.rpm
Red Hat Enterprise Linux Server Optional EUS (v. 6.4):
Source: php-5.3.3-23.el6_4.1.src.rpm
i386: php-bcmath-5.3.3-23.el6_4.1.i686.rpm php-dba-5.3.3-23.el6_4.1.i686.rpm php-debuginfo-5.3.3-23.el6_4.1.i686.rpm php-devel-5.3.3-23.el6_4.1.i686.rpm php-embedded-5.3.3-23.el6_4.1.i686.rpm php-enchant-5.3.3-23.el6_4.1.i686.rpm php-fpm-5.3.3-23.el6_4.1.i686.rpm php-imap-5.3.3-23.el6_4.1.i686.rpm php-intl-5.3.3-23.el6_4.1.i686.rpm php-mbstring-5.3.3-23.el6_4.1.i686.rpm php-process-5.3.3-23.el6_4.1.i686.rpm php-pspell-5.3.3-23.el6_4.1.i686.rpm php-recode-5.3.3-23.el6_4.1.i686.rpm php-snmp-5.3.3-23.el6_4.1.i686.rpm php-tidy-5.3.3-23.el6_4.1.i686.rpm php-zts-5.3.3-23.el6_4.1.i686.rpm
ppc64: php-bcmath-5.3.3-23.el6_4.1.ppc64.rpm php-dba-5.3.3-23.el6_4.1.ppc64.rpm php-debuginfo-5.3.3-23.el6_4.1.ppc64.rpm php-devel-5.3.3-23.el6_4.1.ppc64.rpm php-embedded-5.3.3-23.el6_4.1.ppc64.rpm php-enchant-5.3.3-23.el6_4.1.ppc64.rpm php-fpm-5.3.3-23.el6_4.1.ppc64.rpm php-imap-5.3.3-23.el6_4.1.ppc64.rpm php-intl-5.3.3-23.el6_4.1.ppc64.rpm php-mbstring-5.3.3-23.el6_4.1.ppc64.rpm php-process-5.3.3-23.el6_4.1.ppc64.rpm php-pspell-5.3.3-23.el6_4.1.ppc64.rpm php-recode-5.3.3-23.el6_4.1.ppc64.rpm php-snmp-5.3.3-23.el6_4.1.ppc64.rpm php-tidy-5.3.3-23.el6_4.1.ppc64.rpm php-zts-5.3.3-23.el6_4.1.ppc64.rpm
s390x: php-bcmath-5.3.3-23.el6_4.1.s390x.rpm php-dba-5.3.3-23.el6_4.1.s390x.rpm php-debuginfo-5.3.3-23.el6_4.1.s390x.rpm php-devel-5.3.3-23.el6_4.1.s390x.rpm php-embedded-5.3.3-23.el6_4.1.s390x.rpm php-enchant-5.3.3-23.el6_4.1.s390x.rpm php-fpm-5.3.3-23.el6_4.1.s390x.rpm php-imap-5.3.3-23.el6_4.1.s390x.rpm php-intl-5.3.3-23.el6_4.1.s390x.rpm php-mbstring-5.3.3-23.el6_4.1.s390x.rpm php-process-5.3.3-23.el6_4.1.s390x.rpm php-pspell-5.3.3-23.el6_4.1.s390x.rpm php-recode-5.3.3-23.el6_4.1.s390x.rpm php-snmp-5.3.3-23.el6_4.1.s390x.rpm php-tidy-5.3.3-23.el6_4.1.s390x.rpm php-zts-5.3.3-23.el6_4.1.s390x.rpm
x86_64: php-bcmath-5.3.3-23.el6_4.1.x86_64.rpm php-dba-5.3.3-23.el6_4.1.x86_64.rpm php-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm php-devel-5.3.3-23.el6_4.1.x86_64.rpm php-embedded-5.3.3-23.el6_4.1.x86_64.rpm php-enchant-5.3.3-23.el6_4.1.x86_64.rpm php-fpm-5.3.3-23.el6_4.1.x86_64.rpm php-imap-5.3.3-23.el6_4.1.x86_64.rpm php-intl-5.3.3-23.el6_4.1.x86_64.rpm php-mbstring-5.3.3-23.el6_4.1.x86_64.rpm php-process-5.3.3-23.el6_4.1.x86_64.rpm php-pspell-5.3.3-23.el6_4.1.x86_64.rpm php-recode-5.3.3-23.el6_4.1.x86_64.rpm php-snmp-5.3.3-23.el6_4.1.x86_64.rpm php-tidy-5.3.3-23.el6_4.1.x86_64.rpm php-zts-5.3.3-23.el6_4.1.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/#package
- References:
https://www.redhat.com/security/data/cve/CVE-2013-6420.html https://access.redhat.com/security/updates/classification/#critical
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2013 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.4 (GNU/Linux)
iD8DBQFSqKLhXlSAg2UNWIIRAnSIAKCghJudv/nUjGlRyial77jiDvzgOACghRSP XX2uwN0qecAwBgiL2cJNyh4= =6m6W -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201312-0207",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "php",
"scope": "eq",
"trust": 1.6,
"vendor": "php",
"version": "5.5.4"
},
{
"model": "php",
"scope": "eq",
"trust": 1.6,
"vendor": "php",
"version": "5.5.6"
},
{
"model": "php",
"scope": "eq",
"trust": 1.6,
"vendor": "php",
"version": "5.5.2"
},
{
"model": "php",
"scope": "eq",
"trust": 1.6,
"vendor": "php",
"version": "5.5.1"
},
{
"model": "php",
"scope": "eq",
"trust": 1.6,
"vendor": "php",
"version": "5.5.5"
},
{
"model": "php",
"scope": "eq",
"trust": 1.6,
"vendor": "php",
"version": "5.5.3"
},
{
"model": "php",
"scope": "eq",
"trust": 1.6,
"vendor": "php",
"version": "5.5.0"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.4.3"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.4.2"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.4.1"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.13"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.12"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.9"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.8"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.7"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.6"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.5"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.2"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.1"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.4"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.3"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.11"
},
{
"model": "php",
"scope": "eq",
"trust": 1.3,
"vendor": "php",
"version": "5.3.10"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.21"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.22"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.15"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "13.1"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.4"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.19"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.25"
},
{
"model": "mac os x",
"scope": "lte",
"trust": 1.0,
"vendor": "apple",
"version": "10.9.1"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.22"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.2"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.11"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.17"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.0"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.16"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.17"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.20"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.14"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.18"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.23"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.16"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.10"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.18"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.9"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.19"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "12.3"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.14"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.12"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.8"
},
{
"model": "php",
"scope": "lte",
"trust": 1.0,
"vendor": "php",
"version": "5.3.27"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.5"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.15"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.20"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.7"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 1.0,
"vendor": "opensuse",
"version": "11.4"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.0"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.21"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.24"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.13"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.3.26"
},
{
"model": "php",
"scope": "eq",
"trust": 1.0,
"vendor": "php",
"version": "5.4.6"
},
{
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.4.23"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.8.5"
},
{
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.9.1"
},
{
"model": "mac os x server",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.5"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.9"
},
{
"model": "php",
"scope": "eq",
"trust": 0.8,
"vendor": "the php group",
"version": "5.5.7"
},
{
"model": "php",
"scope": "lt",
"trust": 0.8,
"vendor": "the php group",
"version": "5.4.x"
},
{
"model": "mac os x",
"scope": "eq",
"trust": 0.8,
"vendor": "apple",
"version": "v10.7.5"
},
{
"model": "linux lts",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "10.04"
},
{
"model": "linux enterprise server sp3 ltss",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"model": "opensuse",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "11.4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"model": "enterprise linux desktop workstation client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"model": "hat enterprise linux workstation",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux hpc node",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "6"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "4"
},
{
"model": "hat enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "3"
},
{
"model": "hat enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "red",
"version": "5"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.3"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.17"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.15"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.13"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.12"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.11"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.10"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.9"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.8"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.7"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.6"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.5"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.4"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.3"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.2"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.1.6"
},
{
"model": "php",
"scope": "eq",
"trust": 0.3,
"vendor": "php",
"version": "5.2.14"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6.2"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "6"
},
{
"model": "enterprise linux",
"scope": "eq",
"trust": 0.3,
"vendor": "oracle",
"version": "5"
},
{
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "6"
},
{
"model": "centos",
"scope": "eq",
"trust": 0.3,
"vendor": "centos",
"version": "5"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.2"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1.1"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"model": "voice portal sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.1"
},
{
"model": "ip office application server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "8.0"
},
{
"model": "aura session manager sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura session manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura messaging",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura experience portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.2"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura communication manager utility services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0.1"
},
{
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.1"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.3"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.2"
},
{
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
}
],
"sources": [
{
"db": "BID",
"id": "64225"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
},
{
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"cpe_match": [
{
"cpe22Uri": "cpe:/a:php:php",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x",
"vulnerable": true
},
{
"cpe22Uri": "cpe:/o:apple:mac_os_x_server",
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "124383"
},
{
"db": "PACKETSTORM",
"id": "124382"
},
{
"db": "PACKETSTORM",
"id": "124389"
},
{
"db": "PACKETSTORM",
"id": "124390"
}
],
"trust": 0.4
},
"cve": "CVE-2013-6420",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "CVE-2013-6420",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 1.8,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-66422",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2013-6420",
"trust": 1.0,
"value": "HIGH"
},
{
"author": "NVD",
"id": "CVE-2013-6420",
"trust": 0.8,
"value": "High"
},
{
"author": "CNNVD",
"id": "CNNVD-201312-348",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-66422",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66422"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
},
{
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP before 5.3.28, 5.4.x before 5.4.23, and 5.5.x before 5.5.7 does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certificates, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted certificate that is not properly handled by the openssl_x509_parse function. PHP is prone to a remote memory-corruption vulnerability. \nAttackers can exploit this issue to run arbitrary code within the context of the PHP process. Failed exploit attempts may result in a denial-of-service condition. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. The vulnerability is caused by the openssl_x509_parse() function not correctly parsing the notBefore and notAfter timestamps in the X.509 certificate. The following versions are affected: PHP prior to 5.3.28, 5.4.x prior to 5.4.23, 5.5.x prior to 5.5.7. 6) - x86_64\nRHEL Desktop Workstation (v. ============================================================================\nUbuntu Security Notice USN-2055-1\nDecember 12, 2013\n\nphp5 vulnerabilities\n============================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 13.10\n- Ubuntu 13.04\n- Ubuntu 12.10\n- Ubuntu 12.04 LTS\n- Ubuntu 10.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. (CVE-2013-6420)\n\nIt was discovered that PHP incorrectly handled DateInterval objects. (CVE-2013-6712)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 13.10:\n libapache2-mod-php5 5.5.3+dfsg-1ubuntu2.1\n php5-cgi 5.5.3+dfsg-1ubuntu2.1\n php5-cli 5.5.3+dfsg-1ubuntu2.1\n\nUbuntu 13.04:\n libapache2-mod-php5 5.4.9-4ubuntu2.4\n php5-cgi 5.4.9-4ubuntu2.4\n php5-cli 5.4.9-4ubuntu2.4\n\nUbuntu 12.10:\n libapache2-mod-php5 5.4.6-1ubuntu1.5\n php5-cgi 5.4.6-1ubuntu1.5\n php5-cli 5.4.6-1ubuntu1.5\n\nUbuntu 12.04 LTS:\n libapache2-mod-php5 5.3.10-1ubuntu3.9\n php5-cgi 5.3.10-1ubuntu3.9\n php5-cli 5.3.10-1ubuntu3.9\n\nUbuntu 10.04 LTS:\n libapache2-mod-php5 5.3.2-1ubuntu4.22\n php5-cgi 5.3.2-1ubuntu4.22\n php5-cli 5.3.2-1ubuntu4.22\n\nIn general, a standard system update will make all the necessary changes. \n\n\nHere are the details from the Slackware 14.1 ChangeLog:\n+--------------------------+\npatches/packages/php-5.4.24-i486-1_slack14.1.txz: Upgraded. \n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6420\n (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.4.24-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.4.24-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.4.24-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.4.24-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.4.24-i486-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.4.24-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\n1c864df50286602ccb2d3efbabb9d7ec php-5.4.24-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\ncc0f365855b83708c82a84ea44a4ad21 php-5.4.24-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\n1091912280ef2fbe271da2aa304dba36 php-5.4.24-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n22b91ef0428a15b3124c5b4fb911b1bc php-5.4.24-x86_64-1_slack14.1.txz\n\nSlackware -current package:\nf306c21609d14c7380295d63054d8f46 n/php-5.4.24-i486-1.txz\n\nSlackware x86_64 -current package:\n3cb4ff4fdaba44aa5ed3a946adbe9c9f n/php-5.4.24-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg php-5.4.24-i486-1_slack14.1.txz\n\nThen, restart Apache httpd:\n# /etc/rc.d/rc.httpd stop\n# /etc/rc.d/rc.httpd start\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list: |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message: |\n| |\n| unsubscribe slackware-security |\n| |\n| You will get a confirmation message back containing instructions to |\n| complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\nAPPLE-SA-2014-02-25-1 OS X Mavericks 10.9.2 and Security Update\n2014-001\n\nOS X Mavericks 10.9.2 and Security Update 2014-001 is now available\nand addresses the following:\n\nApache\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Multiple vulnerabilities in Apache\nDescription: Multiple vulnerabilities existed in Apache, the most\nserious of which may lead to cross-site scripting. These issues were\naddressed by updating Apache to version 2.2.26. \nCVE-ID\nCVE-2013-1862\nCVE-2013-1896\n\nApp Sandbox\nAvailable for: OS X Mountain Lion v10.8.5\nImpact: The App Sandbox may be bypassed\nDescription: The LaunchServices interface for launching an\napplication allowed sandboxed apps to specify the list of arguments\npassed to the new process. A compromised sandboxed application could\nabuse this to bypass the sandbox. This issue was addressed by\npreventing sandboxed applications from specifying arguments. This\nissue does not affect systems running OS X Mavericks 10.9 or later. \nCVE-ID\nCVE-2013-5179 : Friedrich Graeter of The Soulmen GbR\n\nATS\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 and 10.9.1\nImpact: Viewing or downloading a document containing a maliciously\ncrafted embedded font may lead to arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\nhandling of Type 1 fonts. This issue was addressed through improved\nbounds checking. \nCVE-ID\nCVE-2014-1254 : Felix Groebert of the Google Security Team\n\nATS\nAvailable for: OS X Mavericks 10.9 and 10.9.1\nImpact: The App Sandbox may be bypassed\nDescription: A memory corruption issue existed in the handling of\nMach messages passed to ATS. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2014-1262 : Meder Kydyraliev of the Google Security Team\n\nATS\nAvailable for: OS X Mavericks 10.9 and 10.9.1\nImpact: The App Sandbox may be bypassed\nDescription: An arbitrary free issue existed in the handling of Mach\nmessages passed to ATS. This issue was addressed through additional\nvalidation of Mach messages. \nCVE-ID\nCVE-2014-1255 : Meder Kydyraliev of the Google Security Team\n\nATS\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: The App Sandbox may be bypassed\nDescription: A buffer overflow issue existed in the handling of Mach\nmessages passed to ATS. This issue was addressed by additional bounds\nchecking. \nCVE-ID\nCVE-2014-1256 : Meder Kydyraliev of the Google Security Team\n\nCertificate Trust Policy\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Root certificates have been updated\nDescription: The set of system root certificates has been updated. \nThe complete list of recognized system roots may be viewed via the\nKeychain Access application. \n\nCFNetwork Cookies\nAvailable for: OS X Mountain Lion v10.8.5\nImpact: Session cookies may persist even after resetting Safari\nDescription: Resetting Safari did not always delete session cookies\nuntil Safari was closed. This issue was addressed through improved\nhandling of session cookies. This issue does not affect systems\nrunning OS X Mavericks 10.9 or later. \nCVE-ID\nCVE-2014-1257 : Rob Ansaldo of Amherst College, Graham Bennett\n\nCoreAnimation\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 and 10.9.1\nImpact: Visiting a maliciously crafted site may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A heap buffer overflow existed in CoreAnimation\u0027s\nhandling of images. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-1258 : Karl Smith of NCC Group\n\nCoreText\nAvailable for: OS X Mavericks 10.9 and 10.9.1\nImpact: Applications that use CoreText may be vulnerable to an\nunexpected application termination or arbitrary code execution\nDescription: A signedness issue existed in CoreText in the handling\nof Unicode fonts. This issue is addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-1261 : Lucas Apa and Carlos Mario Penagos of IOActive Labs\n\ncurl\nAvailable for: OS X Mavericks 10.9 and 10.9.1\nImpact: An attacker with a privileged network position may intercept\nuser credentials or other sensitive information\nDescription: When using curl to connect to an HTTPS URL containing\nan IP address, the IP address was not validated against the\ncertificate. This issue does not affect systems prior to OS X\nMavericks v10.9. \nCVE-ID\nCVE-2014-1263 : Roland Moriz of Moriz GmbH\n\nData Security\nAvailable for: OS X Mavericks 10.9 and 10.9.1\nImpact: An attacker with a privileged network position may capture\nor modify data in sessions protected by SSL/TLS\nDescription: Secure Transport failed to validate the authenticity of\nthe connection. This issue was addressed by restoring missing\nvalidation steps. \nCVE-ID\nCVE-2014-1266\n\nDate and Time\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: An unprivileged user may change the system clock\nDescription: This update changes the behavior of the systemsetup\ncommand to require administrator privileges to change the system\nclock. \nCVE-ID\nCVE-2014-1265\n\nFile Bookmark\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Viewing a file with a maliciously crafted name may lead to\nan unexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of file\nnames. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-1259\n\nFinder\nAvailable for: OS X Mavericks 10.9 and 10.9.1\nImpact: Accessing a file\u0027s ACL via Finder may lead to other users\ngaining unauthorized access to files\nDescription: Accessing a file\u0027s ACL via Finder may corrupt the ACLs\non the file. This issue was addressed through improved handling of\nACLs. \nCVE-ID\nCVE-2014-1264\n\nImageIO\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Viewing a maliciously crafted JPEG file may lead to the\ndisclosure of memory contents\nDescription: An uninitialized memory access issue existed in\nlibjpeg\u0027s handling of JPEG markers, resulting in the disclosure of\nmemory contents. This issue was addressed by better JPEG handling. \nCVE-ID\nCVE-2013-6629 : Michal Zalewski\n\nIOSerialFamily\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5\nImpact: Executing a malicious application may result in arbitrary\ncode execution within the kernel\nDescription: An out of bounds array access existed in the\nIOSerialFamily driver. This issue was addressed through additional\nbounds checking. This issue does not affect systems running OS X\nMavericks v10.9 or later. \nCVE-ID\nCVE-2013-5139 : @dent1zt\n\nLaunchServices\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5\nImpact: A file could show the wrong extension\nDescription: An issue existed in the handling of certain unicode\ncharacters that could allow filenames to show incorrect extensions. \nThe issue was addressed by filtering unsafe unicode characters from\ndisplay in filenames. This issue does not affect systems running OS X\nMavericks v10.9 or later. \nCVE-ID\nCVE-2013-5178 : Jesse Ruderman of Mozilla Corporation, Stephane Sudre\nof Intego\n\nNVIDIA Drivers\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Executing a malicious application could result in arbitrary\ncode execution within the graphics card\nDescription: An issue existed that allowed writes to some trusted\nmemory on the graphics card. This issue was addressed by removing the\nability of the host to write to that memory. \nCVE-ID\nCVE-2013-5986 : Marcin Ko\u015bcielnicki from the X.Org Foundation\nNouveau project\nCVE-2013-5987 : Marcin Ko\u015bcielnicki from the X.Org Foundation\nNouveau project\n\nPHP\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Multiple vulnerabilities in PHP\nDescription: Multiple vulnerabilities existed in PHP, the most\nserious of which may have led to arbitrary code execution. These\nissues were addressed by updating PHP to version 5.4.22 on OS X\nMavericks v10.9, and 5.3.28 on OS X Lion and Mountain Lion. \nCVE-ID\nCVE-2013-4073\nCVE-2013-4113\nCVE-2013-4248\nCVE-2013-6420\n\nQuickLook\nAvailable for: OS X Mountain Lion v10.8.5\nImpact: Downloading a maliciously crafted Microsoft Office file may\nlead to an unexpected application termination or arbitrary code\nexecution\nDescription: A memory corruption issue existed in QuickLook\u0027s\nhandling of Microsoft Office files. Downloading a maliciously crafted\nMicrosoft Office file may have led to an unexpected application\ntermination or arbitrary code execution. This issue does not affect\nsystems running OS X Mavericks 10.9 or later. \nCVE-ID\nCVE-2014-1260 : Felix Groebert of the Google Security Team\n\nQuickLook\nAvailable for: OS X Mountain Lion v10.8.5,\nOS X Mavericks 10.9 and 10.9.1\nImpact: Downloading a maliciously crafted Microsoft Word document\nmay lead to an unexpected application termination or arbitrary code\nexecution\nDescription: A double free issue existed in QuickLook\u0027s handling of\nMicrosoft Word documents. This issue was addressed through improved\nmemory management. \nCVE-ID\nCVE-2014-1252 : Felix Groebert of the Google Security Team\n\nQuickTime\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of \u0027ftab\u0027\natoms. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-1246 : An anonymous researcher working with HP\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A memory corruption issue existed in the handling of\n\u0027dref\u0027 atoms. This issue was addressed through improved bounds\nchecking. \nCVE-ID\nCVE-2014-1247 : Tom Gallagher \u0026 Paul Bates working with HP\u0027s Zero Day\nInitiative\n\nQuickTime\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of \u0027ldat\u0027\natoms. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-1248 : Jason Kratzer working with iDefense VCP\n\nQuickTime\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Viewing a maliciously crafted PSD image may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A buffer overflow existed in the handling of PSD\nimages. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-1249 : dragonltx of Tencent Security Team\n\nQuickTime\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: An out of bounds byte swapping issue existed in the\nhandling of \u0027ttfo\u0027 elements. This issue was addressed through\nimproved bounds checking. \nCVE-ID\nCVE-2014-1250 : Jason Kratzer working with iDefense VCP\n\nQuickTime\nAvailable for: OS X Lion v10.7.5, OS X Lion Server v10.7.5,\nOS X Mountain Lion v10.8.5, OS X Mavericks 10.9 and 10.9.1\nImpact: Playing a maliciously crafted movie file may lead to an\nunexpected application termination or arbitrary code execution\nDescription: A signedness issue existed in the handling of \u0027stsz\u0027\natoms. This issue was addressed through improved bounds checking. \nCVE-ID\nCVE-2014-1245 : Tom Gallagher \u0026 Paul Bates working with HP\u0027s Zero Day\nInitiative\n\nSecure Transport\nAvailable for: OS X Mountain Lion v10.8.5\nImpact: An attacker may be able to decrypt data protected by SSL\nDescription: There were known attacks on the confidentiality of SSL\n3.0 and TLS 1.0 when a cipher suite used a block cipher in CBC mode. \nTo address these issues for applications using Secure Transport, the\n1-byte fragment mitigation was enabled by default for this\nconfiguration. \nCVE-ID\nCVE-2011-3389 : Juliano Rizzo and Thai Duong\n\nOS X Mavericks v10.9.2 includes the content of Safari 7.0.2. \n\nOS X Mavericks v10.9.2 and Security Update 2014-001 may be obtained from \nthe Mac App Store or Apple\u0027s Software Downloads web site:\nhttp://www.apple.com/support/downloads/\n\nInformation will also be posted to the Apple Security Updates\nweb site: http://support.apple.com/kb/HT1222\n\nThis message is signed with Apple\u0027s Product Security PGP key,\nand details are available at:\nhttps://www.apple.com/support/security/pgp/\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niQIcBAEBAgAGBQJTDNeoAAoJEPefwLHPlZEwaRAP/3i/2qRvNv6JqmE9p48uEyXn\nmlxwXpMyop+vrgMmuiSP14EGSv06HO04PNUtaWPxm7tVYXu0tMtjDcYdIu40TAy6\nU0T6QhRZC/uag1DCvdEOvqRUajKmmPtHTCJ6OsQGtGJHlEM+S5XgxRr7qgfkHMfb\nOlqFsgpdL/AAiYNfzItN2C+r2Lfwro6LDlxhikpASojlMFQrk8nJ6irRv617anSZ\n3DwJW2iJxNfpVrgqA1Nrx1fkrPmeT/8jgGuEP6RaKiWIbfXjRG5BW9WuarMqmaP8\nC6XoTaJaqEO9zb7F2uJR0HIYpJd065y/xiYNm91yDWIjdrO3wVgNVPGo1pHVyYsY\nY7lcyHUVJortKF8SHquw0j3Ujeugu8iWp6ND/00/4dGvwb0jzrxPUxkEmJ43130O\nt2Obtxdsaa+ub8cZHDN93WB3FQR5hd+KaeXLJC55q0qYY8o8zqdPqXAlYAP2gUQX\niB4Bs7NAh2CNJWNTtk2soTjZOwPvPLSPZ6I3w5i0HVP7HQl5K8chjihAwSeyezCZ\nq5gxCiK0lBW88AUd9n3L7ZOW2Rg53mh6+RiUL/VQ7TfidoP417VDKum300pZkgNv\nkBCklX9ya7QeLjOMnbnsTk32qG+TiDPgiGZ5IrK6C6T26dexJWbm8tuwPjy5r8mI\naiYIh+SzR0rBdMZRgyzv\n=+DAJ\n-----END PGP SIGNATURE-----\n. (CVE-2013-6420)\n\nIt was found that PHP did not check for carriage returns in HTTP headers,\nallowing intended HTTP response splitting protections to be bypassed. \nDepending on the web browser the victim is using, a remote attacker could\nuse this flaw to perform HTTP response splitting attacks. (CVE-2011-1398)\n\nAn integer signedness issue, leading to a heap-based buffer underflow, was\nfound in the PHP scandir() function. (CVE-2012-2688)\n\nIt was found that the PHP SOAP parser allowed the expansion of external XML\nentities during SOAP message parsing. Bugs fixed (https://bugzilla.redhat.com/):\n\n828051 - CVE-2012-2688 php: Integer Signedness issues in _php_stream_scandir\n853329 - CVE-2011-1398 PHP: sapi_header_op() %0D sequence handling security bypass\n918187 - CVE-2013-1643 php: Ability to read arbitrary files due use of external entities while parsing SOAP WSDL files\n1036830 - CVE-2013-6420 php: memory corruption in openssl_x509_parse()\n\n6. The Common\nVulnerabilities and Exposures project identifies the following issues:\n\nCVE-2013-6420\n\n Stefan Esser reported possible memory corruption in\n openssl_x509_parse(). \n\nCVE-2013-6712\n\n Creating DateInterval objects from parsed ISO dates was\n not properly restricted, which allowed to cause a\n denial of service. \n\nIn addition, the update for Debian 7 \"Wheezy\" contains several bugfixes\noriginally targeted for the upcoming Wheezy point release. \n\nFor the oldstable distribution (squeeze), these problems have been fixed in\nversion 5.3.3-7+squeeze18. \n\nFor the stable distribution (wheezy), these problems have been fixed in\nversion 5.4.4-14+deb7u7. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 5.5.6+dfsg-2. \n\nWe recommend that you upgrade your php5 packages. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Critical: php security update\nAdvisory ID: RHSA-2013:1824-01\nProduct: Red Hat Enterprise Linux\nAdvisory URL: https://rhn.redhat.com/errata/RHSA-2013-1824.html\nIssue date: 2013-12-11\nCVE Names: CVE-2013-6420 \n=====================================================================\n\n1. Summary:\n\nUpdated php packages that fix one security issue are now available for Red\nHat Enterprise Linux 5.3 Long Life, and Red Hat Enterprise Linux 5.6, 5.9,\n6.2, 6.3, and 6.4 Extended Update Support. \n\nThe Red Hat Security Response Team has rated this update as having critical\nsecurity impact. A Common Vulnerability Scoring System (CVSS) base score,\nwhich gives a detailed severity rating, is available from the CVE link in\nthe References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Compute Node EUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Compute Node EUS (v. 6.3) - x86_64\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.2) - x86_64\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.3)\t - x86_64\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux EUS (v. 5.6 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux EUS (v. 5.9 server) - i386, ia64, ppc, s390x, x86_64\nRed Hat Enterprise Linux HPC Node EUS (v. 6.4) - x86_64\nRed Hat Enterprise Linux Long Life (v. 5.3 server) - i386, ia64, x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.2) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.3) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server EUS (v. 6.4) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.2) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.3) - i386, ppc64, s390x, x86_64\nRed Hat Enterprise Linux Server Optional EUS (v. 6.4) - i386, ppc64, s390x, x86_64\n\n3. Description:\n\nPHP is an HTML-embedded scripting language commonly used with the Apache\nHTTP Server. (CVE-2013-6420)\n\nRed Hat would like to thank the PHP project for reporting this issue. \nUpstream acknowledges Stefan Esser as the original reporter of this issue. \n\nAll php users are advised to upgrade to these updated packages, which\ncontain a backported patch to correct this issue. After installing the\nupdated packages, the httpd daemon must be restarted for the update to\ntake effect. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nThis update is available via the Red Hat Network. Details on how to\nuse the Red Hat Network to apply this update are available at\nhttps://access.redhat.com/site/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1036830 - CVE-2013-6420 php: memory corruption in openssl_x509_parse()\n\n6. Package List:\n\nRed Hat Enterprise Linux Long Life (v. 5.3 server):\n\nSource:\nphp-5.1.6-23.5.el5_3.src.rpm\n\ni386:\nphp-5.1.6-23.5.el5_3.i386.rpm\nphp-bcmath-5.1.6-23.5.el5_3.i386.rpm\nphp-cli-5.1.6-23.5.el5_3.i386.rpm\nphp-common-5.1.6-23.5.el5_3.i386.rpm\nphp-dba-5.1.6-23.5.el5_3.i386.rpm\nphp-debuginfo-5.1.6-23.5.el5_3.i386.rpm\nphp-devel-5.1.6-23.5.el5_3.i386.rpm\nphp-gd-5.1.6-23.5.el5_3.i386.rpm\nphp-imap-5.1.6-23.5.el5_3.i386.rpm\nphp-ldap-5.1.6-23.5.el5_3.i386.rpm\nphp-mbstring-5.1.6-23.5.el5_3.i386.rpm\nphp-mysql-5.1.6-23.5.el5_3.i386.rpm\nphp-ncurses-5.1.6-23.5.el5_3.i386.rpm\nphp-odbc-5.1.6-23.5.el5_3.i386.rpm\nphp-pdo-5.1.6-23.5.el5_3.i386.rpm\nphp-pgsql-5.1.6-23.5.el5_3.i386.rpm\nphp-snmp-5.1.6-23.5.el5_3.i386.rpm\nphp-soap-5.1.6-23.5.el5_3.i386.rpm\nphp-xml-5.1.6-23.5.el5_3.i386.rpm\nphp-xmlrpc-5.1.6-23.5.el5_3.i386.rpm\n\nia64:\nphp-5.1.6-23.5.el5_3.ia64.rpm\nphp-bcmath-5.1.6-23.5.el5_3.ia64.rpm\nphp-cli-5.1.6-23.5.el5_3.ia64.rpm\nphp-common-5.1.6-23.5.el5_3.ia64.rpm\nphp-dba-5.1.6-23.5.el5_3.ia64.rpm\nphp-debuginfo-5.1.6-23.5.el5_3.ia64.rpm\nphp-devel-5.1.6-23.5.el5_3.ia64.rpm\nphp-gd-5.1.6-23.5.el5_3.ia64.rpm\nphp-imap-5.1.6-23.5.el5_3.ia64.rpm\nphp-ldap-5.1.6-23.5.el5_3.ia64.rpm\nphp-mbstring-5.1.6-23.5.el5_3.ia64.rpm\nphp-mysql-5.1.6-23.5.el5_3.ia64.rpm\nphp-ncurses-5.1.6-23.5.el5_3.ia64.rpm\nphp-odbc-5.1.6-23.5.el5_3.ia64.rpm\nphp-pdo-5.1.6-23.5.el5_3.ia64.rpm\nphp-pgsql-5.1.6-23.5.el5_3.ia64.rpm\nphp-snmp-5.1.6-23.5.el5_3.ia64.rpm\nphp-soap-5.1.6-23.5.el5_3.ia64.rpm\nphp-xml-5.1.6-23.5.el5_3.ia64.rpm\nphp-xmlrpc-5.1.6-23.5.el5_3.ia64.rpm\n\nx86_64:\nphp-5.1.6-23.5.el5_3.x86_64.rpm\nphp-bcmath-5.1.6-23.5.el5_3.x86_64.rpm\nphp-cli-5.1.6-23.5.el5_3.x86_64.rpm\nphp-common-5.1.6-23.5.el5_3.x86_64.rpm\nphp-dba-5.1.6-23.5.el5_3.x86_64.rpm\nphp-debuginfo-5.1.6-23.5.el5_3.x86_64.rpm\nphp-devel-5.1.6-23.5.el5_3.x86_64.rpm\nphp-gd-5.1.6-23.5.el5_3.x86_64.rpm\nphp-imap-5.1.6-23.5.el5_3.x86_64.rpm\nphp-ldap-5.1.6-23.5.el5_3.x86_64.rpm\nphp-mbstring-5.1.6-23.5.el5_3.x86_64.rpm\nphp-mysql-5.1.6-23.5.el5_3.x86_64.rpm\nphp-ncurses-5.1.6-23.5.el5_3.x86_64.rpm\nphp-odbc-5.1.6-23.5.el5_3.x86_64.rpm\nphp-pdo-5.1.6-23.5.el5_3.x86_64.rpm\nphp-pgsql-5.1.6-23.5.el5_3.x86_64.rpm\nphp-snmp-5.1.6-23.5.el5_3.x86_64.rpm\nphp-soap-5.1.6-23.5.el5_3.x86_64.rpm\nphp-xml-5.1.6-23.5.el5_3.x86_64.rpm\nphp-xmlrpc-5.1.6-23.5.el5_3.x86_64.rpm\n\nRed Hat Enterprise Linux EUS (v. 5.6 server):\n\nSource:\nphp-5.1.6-27.el5_6.6.src.rpm\n\ni386:\nphp-5.1.6-27.el5_6.6.i386.rpm\nphp-bcmath-5.1.6-27.el5_6.6.i386.rpm\nphp-cli-5.1.6-27.el5_6.6.i386.rpm\nphp-common-5.1.6-27.el5_6.6.i386.rpm\nphp-dba-5.1.6-27.el5_6.6.i386.rpm\nphp-debuginfo-5.1.6-27.el5_6.6.i386.rpm\nphp-devel-5.1.6-27.el5_6.6.i386.rpm\nphp-gd-5.1.6-27.el5_6.6.i386.rpm\nphp-imap-5.1.6-27.el5_6.6.i386.rpm\nphp-ldap-5.1.6-27.el5_6.6.i386.rpm\nphp-mbstring-5.1.6-27.el5_6.6.i386.rpm\nphp-mysql-5.1.6-27.el5_6.6.i386.rpm\nphp-ncurses-5.1.6-27.el5_6.6.i386.rpm\nphp-odbc-5.1.6-27.el5_6.6.i386.rpm\nphp-pdo-5.1.6-27.el5_6.6.i386.rpm\nphp-pgsql-5.1.6-27.el5_6.6.i386.rpm\nphp-snmp-5.1.6-27.el5_6.6.i386.rpm\nphp-soap-5.1.6-27.el5_6.6.i386.rpm\nphp-xml-5.1.6-27.el5_6.6.i386.rpm\nphp-xmlrpc-5.1.6-27.el5_6.6.i386.rpm\n\nia64:\nphp-5.1.6-27.el5_6.6.ia64.rpm\nphp-bcmath-5.1.6-27.el5_6.6.ia64.rpm\nphp-cli-5.1.6-27.el5_6.6.ia64.rpm\nphp-common-5.1.6-27.el5_6.6.ia64.rpm\nphp-dba-5.1.6-27.el5_6.6.ia64.rpm\nphp-debuginfo-5.1.6-27.el5_6.6.ia64.rpm\nphp-devel-5.1.6-27.el5_6.6.ia64.rpm\nphp-gd-5.1.6-27.el5_6.6.ia64.rpm\nphp-imap-5.1.6-27.el5_6.6.ia64.rpm\nphp-ldap-5.1.6-27.el5_6.6.ia64.rpm\nphp-mbstring-5.1.6-27.el5_6.6.ia64.rpm\nphp-mysql-5.1.6-27.el5_6.6.ia64.rpm\nphp-ncurses-5.1.6-27.el5_6.6.ia64.rpm\nphp-odbc-5.1.6-27.el5_6.6.ia64.rpm\nphp-pdo-5.1.6-27.el5_6.6.ia64.rpm\nphp-pgsql-5.1.6-27.el5_6.6.ia64.rpm\nphp-snmp-5.1.6-27.el5_6.6.ia64.rpm\nphp-soap-5.1.6-27.el5_6.6.ia64.rpm\nphp-xml-5.1.6-27.el5_6.6.ia64.rpm\nphp-xmlrpc-5.1.6-27.el5_6.6.ia64.rpm\n\nppc:\nphp-5.1.6-27.el5_6.6.ppc.rpm\nphp-bcmath-5.1.6-27.el5_6.6.ppc.rpm\nphp-cli-5.1.6-27.el5_6.6.ppc.rpm\nphp-common-5.1.6-27.el5_6.6.ppc.rpm\nphp-dba-5.1.6-27.el5_6.6.ppc.rpm\nphp-debuginfo-5.1.6-27.el5_6.6.ppc.rpm\nphp-devel-5.1.6-27.el5_6.6.ppc.rpm\nphp-gd-5.1.6-27.el5_6.6.ppc.rpm\nphp-imap-5.1.6-27.el5_6.6.ppc.rpm\nphp-ldap-5.1.6-27.el5_6.6.ppc.rpm\nphp-mbstring-5.1.6-27.el5_6.6.ppc.rpm\nphp-mysql-5.1.6-27.el5_6.6.ppc.rpm\nphp-ncurses-5.1.6-27.el5_6.6.ppc.rpm\nphp-odbc-5.1.6-27.el5_6.6.ppc.rpm\nphp-pdo-5.1.6-27.el5_6.6.ppc.rpm\nphp-pgsql-5.1.6-27.el5_6.6.ppc.rpm\nphp-snmp-5.1.6-27.el5_6.6.ppc.rpm\nphp-soap-5.1.6-27.el5_6.6.ppc.rpm\nphp-xml-5.1.6-27.el5_6.6.ppc.rpm\nphp-xmlrpc-5.1.6-27.el5_6.6.ppc.rpm\n\ns390x:\nphp-5.1.6-27.el5_6.6.s390x.rpm\nphp-bcmath-5.1.6-27.el5_6.6.s390x.rpm\nphp-cli-5.1.6-27.el5_6.6.s390x.rpm\nphp-common-5.1.6-27.el5_6.6.s390x.rpm\nphp-dba-5.1.6-27.el5_6.6.s390x.rpm\nphp-debuginfo-5.1.6-27.el5_6.6.s390x.rpm\nphp-devel-5.1.6-27.el5_6.6.s390x.rpm\nphp-gd-5.1.6-27.el5_6.6.s390x.rpm\nphp-imap-5.1.6-27.el5_6.6.s390x.rpm\nphp-ldap-5.1.6-27.el5_6.6.s390x.rpm\nphp-mbstring-5.1.6-27.el5_6.6.s390x.rpm\nphp-mysql-5.1.6-27.el5_6.6.s390x.rpm\nphp-ncurses-5.1.6-27.el5_6.6.s390x.rpm\nphp-odbc-5.1.6-27.el5_6.6.s390x.rpm\nphp-pdo-5.1.6-27.el5_6.6.s390x.rpm\nphp-pgsql-5.1.6-27.el5_6.6.s390x.rpm\nphp-snmp-5.1.6-27.el5_6.6.s390x.rpm\nphp-soap-5.1.6-27.el5_6.6.s390x.rpm\nphp-xml-5.1.6-27.el5_6.6.s390x.rpm\nphp-xmlrpc-5.1.6-27.el5_6.6.s390x.rpm\n\nx86_64:\nphp-5.1.6-27.el5_6.6.x86_64.rpm\nphp-bcmath-5.1.6-27.el5_6.6.x86_64.rpm\nphp-cli-5.1.6-27.el5_6.6.x86_64.rpm\nphp-common-5.1.6-27.el5_6.6.x86_64.rpm\nphp-dba-5.1.6-27.el5_6.6.x86_64.rpm\nphp-debuginfo-5.1.6-27.el5_6.6.x86_64.rpm\nphp-devel-5.1.6-27.el5_6.6.x86_64.rpm\nphp-gd-5.1.6-27.el5_6.6.x86_64.rpm\nphp-imap-5.1.6-27.el5_6.6.x86_64.rpm\nphp-ldap-5.1.6-27.el5_6.6.x86_64.rpm\nphp-mbstring-5.1.6-27.el5_6.6.x86_64.rpm\nphp-mysql-5.1.6-27.el5_6.6.x86_64.rpm\nphp-ncurses-5.1.6-27.el5_6.6.x86_64.rpm\nphp-odbc-5.1.6-27.el5_6.6.x86_64.rpm\nphp-pdo-5.1.6-27.el5_6.6.x86_64.rpm\nphp-pgsql-5.1.6-27.el5_6.6.x86_64.rpm\nphp-snmp-5.1.6-27.el5_6.6.x86_64.rpm\nphp-soap-5.1.6-27.el5_6.6.x86_64.rpm\nphp-xml-5.1.6-27.el5_6.6.x86_64.rpm\nphp-xmlrpc-5.1.6-27.el5_6.6.x86_64.rpm\n\nRed Hat Enterprise Linux EUS (v. 5.9 server):\n\nSource:\nphp-5.1.6-40.el5_9.1.src.rpm\n\ni386:\nphp-5.1.6-40.el5_9.1.i386.rpm\nphp-bcmath-5.1.6-40.el5_9.1.i386.rpm\nphp-cli-5.1.6-40.el5_9.1.i386.rpm\nphp-common-5.1.6-40.el5_9.1.i386.rpm\nphp-dba-5.1.6-40.el5_9.1.i386.rpm\nphp-debuginfo-5.1.6-40.el5_9.1.i386.rpm\nphp-devel-5.1.6-40.el5_9.1.i386.rpm\nphp-gd-5.1.6-40.el5_9.1.i386.rpm\nphp-imap-5.1.6-40.el5_9.1.i386.rpm\nphp-ldap-5.1.6-40.el5_9.1.i386.rpm\nphp-mbstring-5.1.6-40.el5_9.1.i386.rpm\nphp-mysql-5.1.6-40.el5_9.1.i386.rpm\nphp-ncurses-5.1.6-40.el5_9.1.i386.rpm\nphp-odbc-5.1.6-40.el5_9.1.i386.rpm\nphp-pdo-5.1.6-40.el5_9.1.i386.rpm\nphp-pgsql-5.1.6-40.el5_9.1.i386.rpm\nphp-snmp-5.1.6-40.el5_9.1.i386.rpm\nphp-soap-5.1.6-40.el5_9.1.i386.rpm\nphp-xml-5.1.6-40.el5_9.1.i386.rpm\nphp-xmlrpc-5.1.6-40.el5_9.1.i386.rpm\n\nia64:\nphp-5.1.6-40.el5_9.1.ia64.rpm\nphp-bcmath-5.1.6-40.el5_9.1.ia64.rpm\nphp-cli-5.1.6-40.el5_9.1.ia64.rpm\nphp-common-5.1.6-40.el5_9.1.ia64.rpm\nphp-dba-5.1.6-40.el5_9.1.ia64.rpm\nphp-debuginfo-5.1.6-40.el5_9.1.ia64.rpm\nphp-devel-5.1.6-40.el5_9.1.ia64.rpm\nphp-gd-5.1.6-40.el5_9.1.ia64.rpm\nphp-imap-5.1.6-40.el5_9.1.ia64.rpm\nphp-ldap-5.1.6-40.el5_9.1.ia64.rpm\nphp-mbstring-5.1.6-40.el5_9.1.ia64.rpm\nphp-mysql-5.1.6-40.el5_9.1.ia64.rpm\nphp-ncurses-5.1.6-40.el5_9.1.ia64.rpm\nphp-odbc-5.1.6-40.el5_9.1.ia64.rpm\nphp-pdo-5.1.6-40.el5_9.1.ia64.rpm\nphp-pgsql-5.1.6-40.el5_9.1.ia64.rpm\nphp-snmp-5.1.6-40.el5_9.1.ia64.rpm\nphp-soap-5.1.6-40.el5_9.1.ia64.rpm\nphp-xml-5.1.6-40.el5_9.1.ia64.rpm\nphp-xmlrpc-5.1.6-40.el5_9.1.ia64.rpm\n\nppc:\nphp-5.1.6-40.el5_9.1.ppc.rpm\nphp-bcmath-5.1.6-40.el5_9.1.ppc.rpm\nphp-cli-5.1.6-40.el5_9.1.ppc.rpm\nphp-common-5.1.6-40.el5_9.1.ppc.rpm\nphp-dba-5.1.6-40.el5_9.1.ppc.rpm\nphp-debuginfo-5.1.6-40.el5_9.1.ppc.rpm\nphp-devel-5.1.6-40.el5_9.1.ppc.rpm\nphp-gd-5.1.6-40.el5_9.1.ppc.rpm\nphp-imap-5.1.6-40.el5_9.1.ppc.rpm\nphp-ldap-5.1.6-40.el5_9.1.ppc.rpm\nphp-mbstring-5.1.6-40.el5_9.1.ppc.rpm\nphp-mysql-5.1.6-40.el5_9.1.ppc.rpm\nphp-ncurses-5.1.6-40.el5_9.1.ppc.rpm\nphp-odbc-5.1.6-40.el5_9.1.ppc.rpm\nphp-pdo-5.1.6-40.el5_9.1.ppc.rpm\nphp-pgsql-5.1.6-40.el5_9.1.ppc.rpm\nphp-snmp-5.1.6-40.el5_9.1.ppc.rpm\nphp-soap-5.1.6-40.el5_9.1.ppc.rpm\nphp-xml-5.1.6-40.el5_9.1.ppc.rpm\nphp-xmlrpc-5.1.6-40.el5_9.1.ppc.rpm\n\ns390x:\nphp-5.1.6-40.el5_9.1.s390x.rpm\nphp-bcmath-5.1.6-40.el5_9.1.s390x.rpm\nphp-cli-5.1.6-40.el5_9.1.s390x.rpm\nphp-common-5.1.6-40.el5_9.1.s390x.rpm\nphp-dba-5.1.6-40.el5_9.1.s390x.rpm\nphp-debuginfo-5.1.6-40.el5_9.1.s390x.rpm\nphp-devel-5.1.6-40.el5_9.1.s390x.rpm\nphp-gd-5.1.6-40.el5_9.1.s390x.rpm\nphp-imap-5.1.6-40.el5_9.1.s390x.rpm\nphp-ldap-5.1.6-40.el5_9.1.s390x.rpm\nphp-mbstring-5.1.6-40.el5_9.1.s390x.rpm\nphp-mysql-5.1.6-40.el5_9.1.s390x.rpm\nphp-ncurses-5.1.6-40.el5_9.1.s390x.rpm\nphp-odbc-5.1.6-40.el5_9.1.s390x.rpm\nphp-pdo-5.1.6-40.el5_9.1.s390x.rpm\nphp-pgsql-5.1.6-40.el5_9.1.s390x.rpm\nphp-snmp-5.1.6-40.el5_9.1.s390x.rpm\nphp-soap-5.1.6-40.el5_9.1.s390x.rpm\nphp-xml-5.1.6-40.el5_9.1.s390x.rpm\nphp-xmlrpc-5.1.6-40.el5_9.1.s390x.rpm\n\nx86_64:\nphp-5.1.6-40.el5_9.1.x86_64.rpm\nphp-bcmath-5.1.6-40.el5_9.1.x86_64.rpm\nphp-cli-5.1.6-40.el5_9.1.x86_64.rpm\nphp-common-5.1.6-40.el5_9.1.x86_64.rpm\nphp-dba-5.1.6-40.el5_9.1.x86_64.rpm\nphp-debuginfo-5.1.6-40.el5_9.1.x86_64.rpm\nphp-devel-5.1.6-40.el5_9.1.x86_64.rpm\nphp-gd-5.1.6-40.el5_9.1.x86_64.rpm\nphp-imap-5.1.6-40.el5_9.1.x86_64.rpm\nphp-ldap-5.1.6-40.el5_9.1.x86_64.rpm\nphp-mbstring-5.1.6-40.el5_9.1.x86_64.rpm\nphp-mysql-5.1.6-40.el5_9.1.x86_64.rpm\nphp-ncurses-5.1.6-40.el5_9.1.x86_64.rpm\nphp-odbc-5.1.6-40.el5_9.1.x86_64.rpm\nphp-pdo-5.1.6-40.el5_9.1.x86_64.rpm\nphp-pgsql-5.1.6-40.el5_9.1.x86_64.rpm\nphp-snmp-5.1.6-40.el5_9.1.x86_64.rpm\nphp-soap-5.1.6-40.el5_9.1.x86_64.rpm\nphp-xml-5.1.6-40.el5_9.1.x86_64.rpm\nphp-xmlrpc-5.1.6-40.el5_9.1.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node EUS (v. 6.2):\n\nSource:\nphp-5.3.3-3.el6_2.11.src.rpm\n\nx86_64:\nphp-cli-5.3.3-3.el6_2.11.x86_64.rpm\nphp-common-5.3.3-3.el6_2.11.x86_64.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node EUS (v. 6.3):\n\nSource:\nphp-5.3.3-14.el6_3.3.src.rpm\n\nx86_64:\nphp-cli-5.3.3-14.el6_3.3.x86_64.rpm\nphp-common-5.3.3-14.el6_3.3.x86_64.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux HPC Node EUS (v. 6.4):\n\nSource:\nphp-5.3.3-23.el6_4.1.src.rpm\n\nx86_64:\nphp-cli-5.3.3-23.el6_4.1.x86_64.rpm\nphp-common-5.3.3-23.el6_4.1.x86_64.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.2):\n\nSource:\nphp-5.3.3-3.el6_2.11.src.rpm\n\nx86_64:\nphp-5.3.3-3.el6_2.11.x86_64.rpm\nphp-bcmath-5.3.3-3.el6_2.11.x86_64.rpm\nphp-dba-5.3.3-3.el6_2.11.x86_64.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm\nphp-devel-5.3.3-3.el6_2.11.x86_64.rpm\nphp-embedded-5.3.3-3.el6_2.11.x86_64.rpm\nphp-enchant-5.3.3-3.el6_2.11.x86_64.rpm\nphp-gd-5.3.3-3.el6_2.11.x86_64.rpm\nphp-imap-5.3.3-3.el6_2.11.x86_64.rpm\nphp-intl-5.3.3-3.el6_2.11.x86_64.rpm\nphp-ldap-5.3.3-3.el6_2.11.x86_64.rpm\nphp-mbstring-5.3.3-3.el6_2.11.x86_64.rpm\nphp-mysql-5.3.3-3.el6_2.11.x86_64.rpm\nphp-odbc-5.3.3-3.el6_2.11.x86_64.rpm\nphp-pdo-5.3.3-3.el6_2.11.x86_64.rpm\nphp-pgsql-5.3.3-3.el6_2.11.x86_64.rpm\nphp-process-5.3.3-3.el6_2.11.x86_64.rpm\nphp-pspell-5.3.3-3.el6_2.11.x86_64.rpm\nphp-recode-5.3.3-3.el6_2.11.x86_64.rpm\nphp-snmp-5.3.3-3.el6_2.11.x86_64.rpm\nphp-soap-5.3.3-3.el6_2.11.x86_64.rpm\nphp-tidy-5.3.3-3.el6_2.11.x86_64.rpm\nphp-xml-5.3.3-3.el6_2.11.x86_64.rpm\nphp-xmlrpc-5.3.3-3.el6_2.11.x86_64.rpm\nphp-zts-5.3.3-3.el6_2.11.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.3)\t:\n\nSource:\nphp-5.3.3-14.el6_3.3.src.rpm\n\nx86_64:\nphp-5.3.3-14.el6_3.3.x86_64.rpm\nphp-bcmath-5.3.3-14.el6_3.3.x86_64.rpm\nphp-dba-5.3.3-14.el6_3.3.x86_64.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm\nphp-devel-5.3.3-14.el6_3.3.x86_64.rpm\nphp-embedded-5.3.3-14.el6_3.3.x86_64.rpm\nphp-enchant-5.3.3-14.el6_3.3.x86_64.rpm\nphp-gd-5.3.3-14.el6_3.3.x86_64.rpm\nphp-imap-5.3.3-14.el6_3.3.x86_64.rpm\nphp-intl-5.3.3-14.el6_3.3.x86_64.rpm\nphp-ldap-5.3.3-14.el6_3.3.x86_64.rpm\nphp-mbstring-5.3.3-14.el6_3.3.x86_64.rpm\nphp-mysql-5.3.3-14.el6_3.3.x86_64.rpm\nphp-odbc-5.3.3-14.el6_3.3.x86_64.rpm\nphp-pdo-5.3.3-14.el6_3.3.x86_64.rpm\nphp-pgsql-5.3.3-14.el6_3.3.x86_64.rpm\nphp-process-5.3.3-14.el6_3.3.x86_64.rpm\nphp-pspell-5.3.3-14.el6_3.3.x86_64.rpm\nphp-recode-5.3.3-14.el6_3.3.x86_64.rpm\nphp-snmp-5.3.3-14.el6_3.3.x86_64.rpm\nphp-soap-5.3.3-14.el6_3.3.x86_64.rpm\nphp-tidy-5.3.3-14.el6_3.3.x86_64.rpm\nphp-xml-5.3.3-14.el6_3.3.x86_64.rpm\nphp-xmlrpc-5.3.3-14.el6_3.3.x86_64.rpm\nphp-zts-5.3.3-14.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Compute Node Optional EUS (v. 6.4):\n\nSource:\nphp-5.3.3-23.el6_4.1.src.rpm\n\nx86_64:\nphp-5.3.3-23.el6_4.1.x86_64.rpm\nphp-bcmath-5.3.3-23.el6_4.1.x86_64.rpm\nphp-dba-5.3.3-23.el6_4.1.x86_64.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm\nphp-devel-5.3.3-23.el6_4.1.x86_64.rpm\nphp-embedded-5.3.3-23.el6_4.1.x86_64.rpm\nphp-enchant-5.3.3-23.el6_4.1.x86_64.rpm\nphp-fpm-5.3.3-23.el6_4.1.x86_64.rpm\nphp-gd-5.3.3-23.el6_4.1.x86_64.rpm\nphp-imap-5.3.3-23.el6_4.1.x86_64.rpm\nphp-intl-5.3.3-23.el6_4.1.x86_64.rpm\nphp-ldap-5.3.3-23.el6_4.1.x86_64.rpm\nphp-mbstring-5.3.3-23.el6_4.1.x86_64.rpm\nphp-mysql-5.3.3-23.el6_4.1.x86_64.rpm\nphp-odbc-5.3.3-23.el6_4.1.x86_64.rpm\nphp-pdo-5.3.3-23.el6_4.1.x86_64.rpm\nphp-pgsql-5.3.3-23.el6_4.1.x86_64.rpm\nphp-process-5.3.3-23.el6_4.1.x86_64.rpm\nphp-pspell-5.3.3-23.el6_4.1.x86_64.rpm\nphp-recode-5.3.3-23.el6_4.1.x86_64.rpm\nphp-snmp-5.3.3-23.el6_4.1.x86_64.rpm\nphp-soap-5.3.3-23.el6_4.1.x86_64.rpm\nphp-tidy-5.3.3-23.el6_4.1.x86_64.rpm\nphp-xml-5.3.3-23.el6_4.1.x86_64.rpm\nphp-xmlrpc-5.3.3-23.el6_4.1.x86_64.rpm\nphp-zts-5.3.3-23.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.2):\n\nSource:\nphp-5.3.3-3.el6_2.11.src.rpm\n\ni386:\nphp-5.3.3-3.el6_2.11.i686.rpm\nphp-cli-5.3.3-3.el6_2.11.i686.rpm\nphp-common-5.3.3-3.el6_2.11.i686.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.i686.rpm\nphp-gd-5.3.3-3.el6_2.11.i686.rpm\nphp-ldap-5.3.3-3.el6_2.11.i686.rpm\nphp-mysql-5.3.3-3.el6_2.11.i686.rpm\nphp-odbc-5.3.3-3.el6_2.11.i686.rpm\nphp-pdo-5.3.3-3.el6_2.11.i686.rpm\nphp-pgsql-5.3.3-3.el6_2.11.i686.rpm\nphp-soap-5.3.3-3.el6_2.11.i686.rpm\nphp-xml-5.3.3-3.el6_2.11.i686.rpm\nphp-xmlrpc-5.3.3-3.el6_2.11.i686.rpm\n\nppc64:\nphp-5.3.3-3.el6_2.11.ppc64.rpm\nphp-cli-5.3.3-3.el6_2.11.ppc64.rpm\nphp-common-5.3.3-3.el6_2.11.ppc64.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.ppc64.rpm\nphp-gd-5.3.3-3.el6_2.11.ppc64.rpm\nphp-ldap-5.3.3-3.el6_2.11.ppc64.rpm\nphp-mysql-5.3.3-3.el6_2.11.ppc64.rpm\nphp-odbc-5.3.3-3.el6_2.11.ppc64.rpm\nphp-pdo-5.3.3-3.el6_2.11.ppc64.rpm\nphp-pgsql-5.3.3-3.el6_2.11.ppc64.rpm\nphp-soap-5.3.3-3.el6_2.11.ppc64.rpm\nphp-xml-5.3.3-3.el6_2.11.ppc64.rpm\nphp-xmlrpc-5.3.3-3.el6_2.11.ppc64.rpm\n\ns390x:\nphp-5.3.3-3.el6_2.11.s390x.rpm\nphp-cli-5.3.3-3.el6_2.11.s390x.rpm\nphp-common-5.3.3-3.el6_2.11.s390x.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.s390x.rpm\nphp-gd-5.3.3-3.el6_2.11.s390x.rpm\nphp-ldap-5.3.3-3.el6_2.11.s390x.rpm\nphp-mysql-5.3.3-3.el6_2.11.s390x.rpm\nphp-odbc-5.3.3-3.el6_2.11.s390x.rpm\nphp-pdo-5.3.3-3.el6_2.11.s390x.rpm\nphp-pgsql-5.3.3-3.el6_2.11.s390x.rpm\nphp-soap-5.3.3-3.el6_2.11.s390x.rpm\nphp-xml-5.3.3-3.el6_2.11.s390x.rpm\nphp-xmlrpc-5.3.3-3.el6_2.11.s390x.rpm\n\nx86_64:\nphp-5.3.3-3.el6_2.11.x86_64.rpm\nphp-cli-5.3.3-3.el6_2.11.x86_64.rpm\nphp-common-5.3.3-3.el6_2.11.x86_64.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm\nphp-gd-5.3.3-3.el6_2.11.x86_64.rpm\nphp-ldap-5.3.3-3.el6_2.11.x86_64.rpm\nphp-mysql-5.3.3-3.el6_2.11.x86_64.rpm\nphp-odbc-5.3.3-3.el6_2.11.x86_64.rpm\nphp-pdo-5.3.3-3.el6_2.11.x86_64.rpm\nphp-pgsql-5.3.3-3.el6_2.11.x86_64.rpm\nphp-soap-5.3.3-3.el6_2.11.x86_64.rpm\nphp-xml-5.3.3-3.el6_2.11.x86_64.rpm\nphp-xmlrpc-5.3.3-3.el6_2.11.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.3):\n\nSource:\nphp-5.3.3-14.el6_3.3.src.rpm\n\ni386:\nphp-5.3.3-14.el6_3.3.i686.rpm\nphp-cli-5.3.3-14.el6_3.3.i686.rpm\nphp-common-5.3.3-14.el6_3.3.i686.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.i686.rpm\nphp-gd-5.3.3-14.el6_3.3.i686.rpm\nphp-ldap-5.3.3-14.el6_3.3.i686.rpm\nphp-mysql-5.3.3-14.el6_3.3.i686.rpm\nphp-odbc-5.3.3-14.el6_3.3.i686.rpm\nphp-pdo-5.3.3-14.el6_3.3.i686.rpm\nphp-pgsql-5.3.3-14.el6_3.3.i686.rpm\nphp-soap-5.3.3-14.el6_3.3.i686.rpm\nphp-xml-5.3.3-14.el6_3.3.i686.rpm\nphp-xmlrpc-5.3.3-14.el6_3.3.i686.rpm\n\nppc64:\nphp-5.3.3-14.el6_3.3.ppc64.rpm\nphp-cli-5.3.3-14.el6_3.3.ppc64.rpm\nphp-common-5.3.3-14.el6_3.3.ppc64.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.ppc64.rpm\nphp-gd-5.3.3-14.el6_3.3.ppc64.rpm\nphp-ldap-5.3.3-14.el6_3.3.ppc64.rpm\nphp-mysql-5.3.3-14.el6_3.3.ppc64.rpm\nphp-odbc-5.3.3-14.el6_3.3.ppc64.rpm\nphp-pdo-5.3.3-14.el6_3.3.ppc64.rpm\nphp-pgsql-5.3.3-14.el6_3.3.ppc64.rpm\nphp-soap-5.3.3-14.el6_3.3.ppc64.rpm\nphp-xml-5.3.3-14.el6_3.3.ppc64.rpm\nphp-xmlrpc-5.3.3-14.el6_3.3.ppc64.rpm\n\ns390x:\nphp-5.3.3-14.el6_3.3.s390x.rpm\nphp-cli-5.3.3-14.el6_3.3.s390x.rpm\nphp-common-5.3.3-14.el6_3.3.s390x.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.s390x.rpm\nphp-gd-5.3.3-14.el6_3.3.s390x.rpm\nphp-ldap-5.3.3-14.el6_3.3.s390x.rpm\nphp-mysql-5.3.3-14.el6_3.3.s390x.rpm\nphp-odbc-5.3.3-14.el6_3.3.s390x.rpm\nphp-pdo-5.3.3-14.el6_3.3.s390x.rpm\nphp-pgsql-5.3.3-14.el6_3.3.s390x.rpm\nphp-soap-5.3.3-14.el6_3.3.s390x.rpm\nphp-xml-5.3.3-14.el6_3.3.s390x.rpm\nphp-xmlrpc-5.3.3-14.el6_3.3.s390x.rpm\n\nx86_64:\nphp-5.3.3-14.el6_3.3.x86_64.rpm\nphp-cli-5.3.3-14.el6_3.3.x86_64.rpm\nphp-common-5.3.3-14.el6_3.3.x86_64.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm\nphp-gd-5.3.3-14.el6_3.3.x86_64.rpm\nphp-ldap-5.3.3-14.el6_3.3.x86_64.rpm\nphp-mysql-5.3.3-14.el6_3.3.x86_64.rpm\nphp-odbc-5.3.3-14.el6_3.3.x86_64.rpm\nphp-pdo-5.3.3-14.el6_3.3.x86_64.rpm\nphp-pgsql-5.3.3-14.el6_3.3.x86_64.rpm\nphp-soap-5.3.3-14.el6_3.3.x86_64.rpm\nphp-xml-5.3.3-14.el6_3.3.x86_64.rpm\nphp-xmlrpc-5.3.3-14.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server EUS (v. 6.4):\n\nSource:\nphp-5.3.3-23.el6_4.1.src.rpm\n\ni386:\nphp-5.3.3-23.el6_4.1.i686.rpm\nphp-cli-5.3.3-23.el6_4.1.i686.rpm\nphp-common-5.3.3-23.el6_4.1.i686.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.i686.rpm\nphp-gd-5.3.3-23.el6_4.1.i686.rpm\nphp-ldap-5.3.3-23.el6_4.1.i686.rpm\nphp-mysql-5.3.3-23.el6_4.1.i686.rpm\nphp-odbc-5.3.3-23.el6_4.1.i686.rpm\nphp-pdo-5.3.3-23.el6_4.1.i686.rpm\nphp-pgsql-5.3.3-23.el6_4.1.i686.rpm\nphp-soap-5.3.3-23.el6_4.1.i686.rpm\nphp-xml-5.3.3-23.el6_4.1.i686.rpm\nphp-xmlrpc-5.3.3-23.el6_4.1.i686.rpm\n\nppc64:\nphp-5.3.3-23.el6_4.1.ppc64.rpm\nphp-cli-5.3.3-23.el6_4.1.ppc64.rpm\nphp-common-5.3.3-23.el6_4.1.ppc64.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.ppc64.rpm\nphp-gd-5.3.3-23.el6_4.1.ppc64.rpm\nphp-ldap-5.3.3-23.el6_4.1.ppc64.rpm\nphp-mysql-5.3.3-23.el6_4.1.ppc64.rpm\nphp-odbc-5.3.3-23.el6_4.1.ppc64.rpm\nphp-pdo-5.3.3-23.el6_4.1.ppc64.rpm\nphp-pgsql-5.3.3-23.el6_4.1.ppc64.rpm\nphp-soap-5.3.3-23.el6_4.1.ppc64.rpm\nphp-xml-5.3.3-23.el6_4.1.ppc64.rpm\nphp-xmlrpc-5.3.3-23.el6_4.1.ppc64.rpm\n\ns390x:\nphp-5.3.3-23.el6_4.1.s390x.rpm\nphp-cli-5.3.3-23.el6_4.1.s390x.rpm\nphp-common-5.3.3-23.el6_4.1.s390x.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.s390x.rpm\nphp-gd-5.3.3-23.el6_4.1.s390x.rpm\nphp-ldap-5.3.3-23.el6_4.1.s390x.rpm\nphp-mysql-5.3.3-23.el6_4.1.s390x.rpm\nphp-odbc-5.3.3-23.el6_4.1.s390x.rpm\nphp-pdo-5.3.3-23.el6_4.1.s390x.rpm\nphp-pgsql-5.3.3-23.el6_4.1.s390x.rpm\nphp-soap-5.3.3-23.el6_4.1.s390x.rpm\nphp-xml-5.3.3-23.el6_4.1.s390x.rpm\nphp-xmlrpc-5.3.3-23.el6_4.1.s390x.rpm\n\nx86_64:\nphp-5.3.3-23.el6_4.1.x86_64.rpm\nphp-cli-5.3.3-23.el6_4.1.x86_64.rpm\nphp-common-5.3.3-23.el6_4.1.x86_64.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm\nphp-gd-5.3.3-23.el6_4.1.x86_64.rpm\nphp-ldap-5.3.3-23.el6_4.1.x86_64.rpm\nphp-mysql-5.3.3-23.el6_4.1.x86_64.rpm\nphp-odbc-5.3.3-23.el6_4.1.x86_64.rpm\nphp-pdo-5.3.3-23.el6_4.1.x86_64.rpm\nphp-pgsql-5.3.3-23.el6_4.1.x86_64.rpm\nphp-soap-5.3.3-23.el6_4.1.x86_64.rpm\nphp-xml-5.3.3-23.el6_4.1.x86_64.rpm\nphp-xmlrpc-5.3.3-23.el6_4.1.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.2):\n\nSource:\nphp-5.3.3-3.el6_2.11.src.rpm\n\ni386:\nphp-bcmath-5.3.3-3.el6_2.11.i686.rpm\nphp-dba-5.3.3-3.el6_2.11.i686.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.i686.rpm\nphp-devel-5.3.3-3.el6_2.11.i686.rpm\nphp-embedded-5.3.3-3.el6_2.11.i686.rpm\nphp-enchant-5.3.3-3.el6_2.11.i686.rpm\nphp-imap-5.3.3-3.el6_2.11.i686.rpm\nphp-intl-5.3.3-3.el6_2.11.i686.rpm\nphp-mbstring-5.3.3-3.el6_2.11.i686.rpm\nphp-process-5.3.3-3.el6_2.11.i686.rpm\nphp-pspell-5.3.3-3.el6_2.11.i686.rpm\nphp-recode-5.3.3-3.el6_2.11.i686.rpm\nphp-snmp-5.3.3-3.el6_2.11.i686.rpm\nphp-tidy-5.3.3-3.el6_2.11.i686.rpm\nphp-zts-5.3.3-3.el6_2.11.i686.rpm\n\nppc64:\nphp-bcmath-5.3.3-3.el6_2.11.ppc64.rpm\nphp-dba-5.3.3-3.el6_2.11.ppc64.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.ppc64.rpm\nphp-devel-5.3.3-3.el6_2.11.ppc64.rpm\nphp-embedded-5.3.3-3.el6_2.11.ppc64.rpm\nphp-enchant-5.3.3-3.el6_2.11.ppc64.rpm\nphp-imap-5.3.3-3.el6_2.11.ppc64.rpm\nphp-intl-5.3.3-3.el6_2.11.ppc64.rpm\nphp-mbstring-5.3.3-3.el6_2.11.ppc64.rpm\nphp-process-5.3.3-3.el6_2.11.ppc64.rpm\nphp-pspell-5.3.3-3.el6_2.11.ppc64.rpm\nphp-recode-5.3.3-3.el6_2.11.ppc64.rpm\nphp-snmp-5.3.3-3.el6_2.11.ppc64.rpm\nphp-tidy-5.3.3-3.el6_2.11.ppc64.rpm\nphp-zts-5.3.3-3.el6_2.11.ppc64.rpm\n\ns390x:\nphp-bcmath-5.3.3-3.el6_2.11.s390x.rpm\nphp-dba-5.3.3-3.el6_2.11.s390x.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.s390x.rpm\nphp-devel-5.3.3-3.el6_2.11.s390x.rpm\nphp-embedded-5.3.3-3.el6_2.11.s390x.rpm\nphp-enchant-5.3.3-3.el6_2.11.s390x.rpm\nphp-imap-5.3.3-3.el6_2.11.s390x.rpm\nphp-intl-5.3.3-3.el6_2.11.s390x.rpm\nphp-mbstring-5.3.3-3.el6_2.11.s390x.rpm\nphp-process-5.3.3-3.el6_2.11.s390x.rpm\nphp-pspell-5.3.3-3.el6_2.11.s390x.rpm\nphp-recode-5.3.3-3.el6_2.11.s390x.rpm\nphp-snmp-5.3.3-3.el6_2.11.s390x.rpm\nphp-tidy-5.3.3-3.el6_2.11.s390x.rpm\nphp-zts-5.3.3-3.el6_2.11.s390x.rpm\n\nx86_64:\nphp-bcmath-5.3.3-3.el6_2.11.x86_64.rpm\nphp-dba-5.3.3-3.el6_2.11.x86_64.rpm\nphp-debuginfo-5.3.3-3.el6_2.11.x86_64.rpm\nphp-devel-5.3.3-3.el6_2.11.x86_64.rpm\nphp-embedded-5.3.3-3.el6_2.11.x86_64.rpm\nphp-enchant-5.3.3-3.el6_2.11.x86_64.rpm\nphp-imap-5.3.3-3.el6_2.11.x86_64.rpm\nphp-intl-5.3.3-3.el6_2.11.x86_64.rpm\nphp-mbstring-5.3.3-3.el6_2.11.x86_64.rpm\nphp-process-5.3.3-3.el6_2.11.x86_64.rpm\nphp-pspell-5.3.3-3.el6_2.11.x86_64.rpm\nphp-recode-5.3.3-3.el6_2.11.x86_64.rpm\nphp-snmp-5.3.3-3.el6_2.11.x86_64.rpm\nphp-tidy-5.3.3-3.el6_2.11.x86_64.rpm\nphp-zts-5.3.3-3.el6_2.11.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.3):\n\nSource:\nphp-5.3.3-14.el6_3.3.src.rpm\n\ni386:\nphp-bcmath-5.3.3-14.el6_3.3.i686.rpm\nphp-dba-5.3.3-14.el6_3.3.i686.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.i686.rpm\nphp-devel-5.3.3-14.el6_3.3.i686.rpm\nphp-embedded-5.3.3-14.el6_3.3.i686.rpm\nphp-enchant-5.3.3-14.el6_3.3.i686.rpm\nphp-imap-5.3.3-14.el6_3.3.i686.rpm\nphp-intl-5.3.3-14.el6_3.3.i686.rpm\nphp-mbstring-5.3.3-14.el6_3.3.i686.rpm\nphp-process-5.3.3-14.el6_3.3.i686.rpm\nphp-pspell-5.3.3-14.el6_3.3.i686.rpm\nphp-recode-5.3.3-14.el6_3.3.i686.rpm\nphp-snmp-5.3.3-14.el6_3.3.i686.rpm\nphp-tidy-5.3.3-14.el6_3.3.i686.rpm\nphp-zts-5.3.3-14.el6_3.3.i686.rpm\n\nppc64:\nphp-bcmath-5.3.3-14.el6_3.3.ppc64.rpm\nphp-dba-5.3.3-14.el6_3.3.ppc64.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.ppc64.rpm\nphp-devel-5.3.3-14.el6_3.3.ppc64.rpm\nphp-embedded-5.3.3-14.el6_3.3.ppc64.rpm\nphp-enchant-5.3.3-14.el6_3.3.ppc64.rpm\nphp-imap-5.3.3-14.el6_3.3.ppc64.rpm\nphp-intl-5.3.3-14.el6_3.3.ppc64.rpm\nphp-mbstring-5.3.3-14.el6_3.3.ppc64.rpm\nphp-process-5.3.3-14.el6_3.3.ppc64.rpm\nphp-pspell-5.3.3-14.el6_3.3.ppc64.rpm\nphp-recode-5.3.3-14.el6_3.3.ppc64.rpm\nphp-snmp-5.3.3-14.el6_3.3.ppc64.rpm\nphp-tidy-5.3.3-14.el6_3.3.ppc64.rpm\nphp-zts-5.3.3-14.el6_3.3.ppc64.rpm\n\ns390x:\nphp-bcmath-5.3.3-14.el6_3.3.s390x.rpm\nphp-dba-5.3.3-14.el6_3.3.s390x.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.s390x.rpm\nphp-devel-5.3.3-14.el6_3.3.s390x.rpm\nphp-embedded-5.3.3-14.el6_3.3.s390x.rpm\nphp-enchant-5.3.3-14.el6_3.3.s390x.rpm\nphp-imap-5.3.3-14.el6_3.3.s390x.rpm\nphp-intl-5.3.3-14.el6_3.3.s390x.rpm\nphp-mbstring-5.3.3-14.el6_3.3.s390x.rpm\nphp-process-5.3.3-14.el6_3.3.s390x.rpm\nphp-pspell-5.3.3-14.el6_3.3.s390x.rpm\nphp-recode-5.3.3-14.el6_3.3.s390x.rpm\nphp-snmp-5.3.3-14.el6_3.3.s390x.rpm\nphp-tidy-5.3.3-14.el6_3.3.s390x.rpm\nphp-zts-5.3.3-14.el6_3.3.s390x.rpm\n\nx86_64:\nphp-bcmath-5.3.3-14.el6_3.3.x86_64.rpm\nphp-dba-5.3.3-14.el6_3.3.x86_64.rpm\nphp-debuginfo-5.3.3-14.el6_3.3.x86_64.rpm\nphp-devel-5.3.3-14.el6_3.3.x86_64.rpm\nphp-embedded-5.3.3-14.el6_3.3.x86_64.rpm\nphp-enchant-5.3.3-14.el6_3.3.x86_64.rpm\nphp-imap-5.3.3-14.el6_3.3.x86_64.rpm\nphp-intl-5.3.3-14.el6_3.3.x86_64.rpm\nphp-mbstring-5.3.3-14.el6_3.3.x86_64.rpm\nphp-process-5.3.3-14.el6_3.3.x86_64.rpm\nphp-pspell-5.3.3-14.el6_3.3.x86_64.rpm\nphp-recode-5.3.3-14.el6_3.3.x86_64.rpm\nphp-snmp-5.3.3-14.el6_3.3.x86_64.rpm\nphp-tidy-5.3.3-14.el6_3.3.x86_64.rpm\nphp-zts-5.3.3-14.el6_3.3.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional EUS (v. 6.4):\n\nSource:\nphp-5.3.3-23.el6_4.1.src.rpm\n\ni386:\nphp-bcmath-5.3.3-23.el6_4.1.i686.rpm\nphp-dba-5.3.3-23.el6_4.1.i686.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.i686.rpm\nphp-devel-5.3.3-23.el6_4.1.i686.rpm\nphp-embedded-5.3.3-23.el6_4.1.i686.rpm\nphp-enchant-5.3.3-23.el6_4.1.i686.rpm\nphp-fpm-5.3.3-23.el6_4.1.i686.rpm\nphp-imap-5.3.3-23.el6_4.1.i686.rpm\nphp-intl-5.3.3-23.el6_4.1.i686.rpm\nphp-mbstring-5.3.3-23.el6_4.1.i686.rpm\nphp-process-5.3.3-23.el6_4.1.i686.rpm\nphp-pspell-5.3.3-23.el6_4.1.i686.rpm\nphp-recode-5.3.3-23.el6_4.1.i686.rpm\nphp-snmp-5.3.3-23.el6_4.1.i686.rpm\nphp-tidy-5.3.3-23.el6_4.1.i686.rpm\nphp-zts-5.3.3-23.el6_4.1.i686.rpm\n\nppc64:\nphp-bcmath-5.3.3-23.el6_4.1.ppc64.rpm\nphp-dba-5.3.3-23.el6_4.1.ppc64.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.ppc64.rpm\nphp-devel-5.3.3-23.el6_4.1.ppc64.rpm\nphp-embedded-5.3.3-23.el6_4.1.ppc64.rpm\nphp-enchant-5.3.3-23.el6_4.1.ppc64.rpm\nphp-fpm-5.3.3-23.el6_4.1.ppc64.rpm\nphp-imap-5.3.3-23.el6_4.1.ppc64.rpm\nphp-intl-5.3.3-23.el6_4.1.ppc64.rpm\nphp-mbstring-5.3.3-23.el6_4.1.ppc64.rpm\nphp-process-5.3.3-23.el6_4.1.ppc64.rpm\nphp-pspell-5.3.3-23.el6_4.1.ppc64.rpm\nphp-recode-5.3.3-23.el6_4.1.ppc64.rpm\nphp-snmp-5.3.3-23.el6_4.1.ppc64.rpm\nphp-tidy-5.3.3-23.el6_4.1.ppc64.rpm\nphp-zts-5.3.3-23.el6_4.1.ppc64.rpm\n\ns390x:\nphp-bcmath-5.3.3-23.el6_4.1.s390x.rpm\nphp-dba-5.3.3-23.el6_4.1.s390x.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.s390x.rpm\nphp-devel-5.3.3-23.el6_4.1.s390x.rpm\nphp-embedded-5.3.3-23.el6_4.1.s390x.rpm\nphp-enchant-5.3.3-23.el6_4.1.s390x.rpm\nphp-fpm-5.3.3-23.el6_4.1.s390x.rpm\nphp-imap-5.3.3-23.el6_4.1.s390x.rpm\nphp-intl-5.3.3-23.el6_4.1.s390x.rpm\nphp-mbstring-5.3.3-23.el6_4.1.s390x.rpm\nphp-process-5.3.3-23.el6_4.1.s390x.rpm\nphp-pspell-5.3.3-23.el6_4.1.s390x.rpm\nphp-recode-5.3.3-23.el6_4.1.s390x.rpm\nphp-snmp-5.3.3-23.el6_4.1.s390x.rpm\nphp-tidy-5.3.3-23.el6_4.1.s390x.rpm\nphp-zts-5.3.3-23.el6_4.1.s390x.rpm\n\nx86_64:\nphp-bcmath-5.3.3-23.el6_4.1.x86_64.rpm\nphp-dba-5.3.3-23.el6_4.1.x86_64.rpm\nphp-debuginfo-5.3.3-23.el6_4.1.x86_64.rpm\nphp-devel-5.3.3-23.el6_4.1.x86_64.rpm\nphp-embedded-5.3.3-23.el6_4.1.x86_64.rpm\nphp-enchant-5.3.3-23.el6_4.1.x86_64.rpm\nphp-fpm-5.3.3-23.el6_4.1.x86_64.rpm\nphp-imap-5.3.3-23.el6_4.1.x86_64.rpm\nphp-intl-5.3.3-23.el6_4.1.x86_64.rpm\nphp-mbstring-5.3.3-23.el6_4.1.x86_64.rpm\nphp-process-5.3.3-23.el6_4.1.x86_64.rpm\nphp-pspell-5.3.3-23.el6_4.1.x86_64.rpm\nphp-recode-5.3.3-23.el6_4.1.x86_64.rpm\nphp-snmp-5.3.3-23.el6_4.1.x86_64.rpm\nphp-tidy-5.3.3-23.el6_4.1.x86_64.rpm\nphp-zts-5.3.3-23.el6_4.1.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/#package\n\n7. References:\n\nhttps://www.redhat.com/security/data/cve/CVE-2013-6420.html\nhttps://access.redhat.com/security/updates/classification/#critical\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2013 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.4 (GNU/Linux)\n\niD8DBQFSqKLhXlSAg2UNWIIRAnSIAKCghJudv/nUjGlRyial77jiDvzgOACghRSP\nXX2uwN0qecAwBgiL2cJNyh4=\n=6m6W\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
"sources": [
{
"db": "NVD",
"id": "CVE-2013-6420"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "BID",
"id": "64225"
},
{
"db": "VULHUB",
"id": "VHN-66422"
},
{
"db": "PACKETSTORM",
"id": "124383"
},
{
"db": "PACKETSTORM",
"id": "124407"
},
{
"db": "PACKETSTORM",
"id": "124776"
},
{
"db": "PACKETSTORM",
"id": "125427"
},
{
"db": "PACKETSTORM",
"id": "124382"
},
{
"db": "PACKETSTORM",
"id": "124406"
},
{
"db": "PACKETSTORM",
"id": "124389"
},
{
"db": "PACKETSTORM",
"id": "124390"
}
],
"trust": 2.7
},
"exploit_availability": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"reference": "https://www.scap.org.cn/vuln/vhn-66422",
"trust": 0.1,
"type": "unknown"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66422"
}
]
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2013-6420",
"trust": 3.6
},
{
"db": "BID",
"id": "64225",
"trust": 1.4
},
{
"db": "SECTRACK",
"id": "1029472",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "59652",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU95868425",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585",
"trust": 0.8
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348",
"trust": 0.7
},
{
"db": "SECUNIA",
"id": "56071",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "56055",
"trust": 0.6
},
{
"db": "SECUNIA",
"id": "56070",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "124776",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "124389",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "124390",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "124383",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "124407",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "124406",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "124391",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124532",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124384",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124436",
"trust": 0.1
},
{
"db": "SEEBUG",
"id": "SSVID-83792",
"trust": 0.1
},
{
"db": "EXPLOIT-DB",
"id": "30395",
"trust": 0.1
},
{
"db": "VULHUB",
"id": "VHN-66422",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "125427",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "124382",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66422"
},
{
"db": "BID",
"id": "64225"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "PACKETSTORM",
"id": "124383"
},
{
"db": "PACKETSTORM",
"id": "124407"
},
{
"db": "PACKETSTORM",
"id": "124776"
},
{
"db": "PACKETSTORM",
"id": "125427"
},
{
"db": "PACKETSTORM",
"id": "124382"
},
{
"db": "PACKETSTORM",
"id": "124406"
},
{
"db": "PACKETSTORM",
"id": "124389"
},
{
"db": "PACKETSTORM",
"id": "124390"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
},
{
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"id": "VAR-201312-0207",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-66422"
}
],
"trust": 0.01
},
"last_update_date": "2024-11-29T19:40:54.633000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "APPLE-SA-2014-02-25-1",
"trust": 0.8,
"url": "http://lists.apple.com/archives/security-announce/2014/Feb/msg00000.html"
},
{
"title": "HT6150",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6150"
},
{
"title": "HT6150",
"trust": 0.8,
"url": "http://support.apple.com/kb/HT6150?viewlocale=ja_JP"
},
{
"title": "InterWorx Version 5.0.14 Released on Beta Channel!",
"trust": 0.8,
"url": "http://forums.interworx.com/threads/8000-InterWorx-Version-5-0-14-Released-on-Beta-Channel!"
},
{
"title": "Bug 1036830",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036830"
},
{
"title": "Multiple Buffer Errors vulnerabilities in PHP",
"trust": 0.8,
"url": "https://blogs.oracle.com/sunsecurity/entry/multiple_buffer_errors_vulnerabilities_in1"
},
{
"title": "Fix CVE-2013-6420 - memory corruption in openssl_x509_parse",
"trust": 0.8,
"url": "http://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415"
},
{
"title": "PHP 5 ChangeLog",
"trust": 0.8,
"url": "http://www.php.net/ChangeLog-5.php"
},
{
"title": "php-5.5.7",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47192"
},
{
"title": "php-5.4.23",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47191"
},
{
"title": "php-5.3.28",
"trust": 0.6,
"url": "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=47190"
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66422"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 2.5,
"url": "https://www.sektioneins.de/advisories/advisory-012013-php-openssl_x509_parse-memory-corruption-vulnerability.html"
},
{
"trust": 1.7,
"url": "http://www.php.net/changelog-5.php"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1036830"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1813.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1824.html"
},
{
"trust": 1.2,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1825.html"
},
{
"trust": 1.2,
"url": "http://www.ubuntu.com/usn/usn-2055-1"
},
{
"trust": 1.1,
"url": "http://www.securityfocus.com/bid/64225"
},
{
"trust": 1.1,
"url": "http://forums.interworx.com/threads/8000-interworx-version-5-0-14-released-on-beta-channel%21"
},
{
"trust": 1.1,
"url": "http://support.apple.com/kb/ht6150"
},
{
"trust": 1.1,
"url": "http://www.debian.org/security/2013/dsa-2816"
},
{
"trust": 1.1,
"url": "https://h20564.www2.hp.com/hpsc/doc/public/display?docid=emr_na-c04463322"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1815.html"
},
{
"trust": 1.1,
"url": "http://rhn.redhat.com/errata/rhsa-2013-1826.html"
},
{
"trust": 1.1,
"url": "http://www.securitytracker.com/id/1029472"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/59652"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00125.html"
},
{
"trust": 1.1,
"url": "http://lists.opensuse.org/opensuse-updates/2013-12/msg00126.html"
},
{
"trust": 1.0,
"url": "http://git.php.net/?p=php-src.git%3ba=commit%3bh=c1224573c773b6845e83505f717fbf820fc18415"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2013-6420"
},
{
"trust": 0.8,
"url": "http://jvn.jp/vu/jvnvu95868425/"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2013-6420"
},
{
"trust": 0.8,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6420"
},
{
"trust": 0.7,
"url": "http://git.php.net/?p=php-src.git;a=commit;h=c1224573c773b6845e83505f717fbf820fc18415"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56055"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56070"
},
{
"trust": 0.6,
"url": "http://secunia.com/advisories/56071"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/#package"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/site/articles/11258"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/security/data/cve/cve-2013-6420.html"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#critical"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.3,
"url": "http://www.php.net/"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6712"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.4.9-4ubuntu2.4"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.3.2-1ubuntu4.22"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.9"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.5.3+dfsg-1ubuntu2.1"
},
{
"trust": 0.1,
"url": "https://launchpad.net/ubuntu/+source/php5/5.4.6-1ubuntu1.5"
},
{
"trust": 0.1,
"url": "http://slackware.com"
},
{
"trust": 0.1,
"url": "http://osuosl.org)"
},
{
"trust": 0.1,
"url": "http://slackware.com/gpg-key"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1255"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-6629"
},
{
"trust": 0.1,
"url": "http://support.apple.com/kb/ht1222"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5179"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1250"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1245"
},
{
"trust": 0.1,
"url": "http://www.apple.com/support/downloads/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1259"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5987"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1254"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1256"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1258"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1249"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1248"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1247"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-3389"
},
{
"trust": 0.1,
"url": "https://www.apple.com/support/security/pgp/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4073"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5178"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5139"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1261"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1896"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1260"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1246"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1862"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1257"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-5986"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4248"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-4113"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2014-1252"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2012-2688"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2011-1398.html"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2013-1643"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2011-1398"
},
{
"trust": 0.1,
"url": "https://rhn.redhat.com/errata/rhsa-2013-1814.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2012-2688.html"
},
{
"trust": 0.1,
"url": "https://www.redhat.com/security/data/cve/cve-2013-1643.html"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-66422"
},
{
"db": "BID",
"id": "64225"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "PACKETSTORM",
"id": "124383"
},
{
"db": "PACKETSTORM",
"id": "124407"
},
{
"db": "PACKETSTORM",
"id": "124776"
},
{
"db": "PACKETSTORM",
"id": "125427"
},
{
"db": "PACKETSTORM",
"id": "124382"
},
{
"db": "PACKETSTORM",
"id": "124406"
},
{
"db": "PACKETSTORM",
"id": "124389"
},
{
"db": "PACKETSTORM",
"id": "124390"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
},
{
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-66422"
},
{
"db": "BID",
"id": "64225"
},
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"db": "PACKETSTORM",
"id": "124383"
},
{
"db": "PACKETSTORM",
"id": "124407"
},
{
"db": "PACKETSTORM",
"id": "124776"
},
{
"db": "PACKETSTORM",
"id": "125427"
},
{
"db": "PACKETSTORM",
"id": "124382"
},
{
"db": "PACKETSTORM",
"id": "124406"
},
{
"db": "PACKETSTORM",
"id": "124389"
},
{
"db": "PACKETSTORM",
"id": "124390"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
},
{
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2013-12-17T00:00:00",
"db": "VULHUB",
"id": "VHN-66422"
},
{
"date": "2013-12-09T00:00:00",
"db": "BID",
"id": "64225"
},
{
"date": "2013-12-18T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"date": "2013-12-11T06:56:18",
"db": "PACKETSTORM",
"id": "124383"
},
{
"date": "2013-12-14T00:04:46",
"db": "PACKETSTORM",
"id": "124407"
},
{
"date": "2014-01-14T14:44:00",
"db": "PACKETSTORM",
"id": "124776"
},
{
"date": "2014-02-26T22:21:07",
"db": "PACKETSTORM",
"id": "125427"
},
{
"date": "2013-12-11T06:56:03",
"db": "PACKETSTORM",
"id": "124382"
},
{
"date": "2013-12-14T00:04:19",
"db": "PACKETSTORM",
"id": "124406"
},
{
"date": "2013-12-12T04:29:33",
"db": "PACKETSTORM",
"id": "124389"
},
{
"date": "2013-12-12T04:29:44",
"db": "PACKETSTORM",
"id": "124390"
},
{
"date": "2013-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-348"
},
{
"date": "2013-12-17T04:46:45.877000",
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-10-30T00:00:00",
"db": "VULHUB",
"id": "VHN-66422"
},
{
"date": "2015-07-15T00:13:00",
"db": "BID",
"id": "64225"
},
{
"date": "2015-08-10T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2013-005585"
},
{
"date": "2013-12-18T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201312-348"
},
{
"date": "2024-11-21T01:59:11.413000",
"db": "NVD",
"id": "CVE-2013-6420"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "124383"
},
{
"db": "PACKETSTORM",
"id": "124382"
},
{
"db": "PACKETSTORM",
"id": "124389"
},
{
"db": "PACKETSTORM",
"id": "124390"
},
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
}
],
"trust": 1.0
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "PHP of ext/openssl/openssl.c Inside asn1_time_to_time_t Vulnerability in arbitrary code execution in function",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2013-005585"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "buffer overflow",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-201312-348"
}
],
"trust": 0.6
}
}
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.