This is a maintenance and bugfix release that upgrades php to the
latest 5.5.19 version which resolves various upstream bugs in php.

Additionally, the php-timezonedb packages has been upgraded to the
latest 2014.10 version and the PECL packages which requires so has
been rebuilt for php-5.5.19.

Updated krb5 packages fix security vulnerability:

The kadm5_randkey_principal_3 function in lib/kadm5/srv/svr_principal.c
in kadmind in MIT Kerberos 5 (aka krb5) before 1.13 sends old keys
in a response to a -randkey -keepold request, which allows remote
authenticated users to forge tickets by leveraging administrative
access (CVE-2014-5351).

Updated qemu packages fix security vulnerabilities:

Michael S. Tsirkin discovered that QEMU incorrectly handled vmxnet3
devices. A local guest could possibly use this issue to cause a
denial of service, or possibly execute arbitrary code on the host
(CVE-2013-4544).

Multiple integer overflow, input validation, logic error, and buffer
overflow flaws were discovered in various QEMU block drivers. An
attacker able to modify a disk image file loaded by a guest could
use these flaws to crash the guest, or corrupt QEMU process memory
on the host, potentially resulting in arbitrary code execution on
the host with the privileges of the QEMU process (CVE-2014-0143,
CVE-2014-0144, CVE-2014-0145, CVE-2014-0147).

A buffer overflow flaw was found in the way the virtio_net_handle_mac()
function of QEMU processed guest requests to update the table of MAC
addresses. A privileged guest user could use this flaw to corrupt
QEMU process memory on the host, potentially resulting in arbitrary
code execution on the host with the privileges of the QEMU process
(CVE-2014-0150).

A divide-by-zero flaw was found in the seek_to_sector() function of
the parallels block driver in QEMU. An attacker able to modify a disk
image file loaded by a guest could use this flaw to crash the guest
(CVE-2014-0142).

A NULL pointer dereference flaw was found in the QCOW2 block driver
in QEMU. An attacker able to modify a disk image file loaded by a
guest could use this flaw to crash the guest (CVE-2014-0146).

It was found that the block driver for Hyper-V VHDX images did not
correctly calculate BAT (Block Allocation Table) entries due to
a missing bounds check. An attacker able to modify a disk image
file loaded by a guest could use this flaw to crash the guest
(CVE-2014-0148).

An out-of-bounds memory access flaw was found in the way QEMU’s
IDE device driver handled the execution of SMART EXECUTE OFFLINE
commands. A privileged guest user could use this flaw to corrupt
QEMU process memory on the host, which could potentially result in
arbitrary code execution on the host with the privileges of the QEMU
process (CVE-2014-2894).

Two integer overflow flaws were found in the QEMU block driver for
QCOW version 1 disk images. A user able to alter the QEMU disk image
files loaded by a guest could use either of these flaws to corrupt
QEMU process memory on the host, which could potentially result in
arbitrary code execution on the host with the privileges of the QEMU
process (CVE-2014-0222, CVE-2014-0223).

Multiple buffer overflow, input validation, and out-of-bounds write
flaws were found in the way the virtio, virtio-net, virtio-scsi, and
usb drivers of QEMU handled state loading after migration. A user
able to alter the savevm data (either on the disk or over the wire
during migration) could use either of these flaws to corrupt QEMU
process memory on the (destination) host, which could potentially
result in arbitrary code execution on the host with the privileges
of the QEMU process (CVE-2013-4148, CVE-2013-4151, CVE-2013-4535,
CVE-2013-4536, CVE-2013-4541, CVE-2013-4542, CVE-2013-6399,
CVE-2014-0182, CVE-2014-3461).

An information leak flaw was found in the way QEMU’s VGA emulator
accessed frame buffer memory for high resolution displays. A privileged
guest user could use this flaw to leak memory contents of the host to
the guest by setting the display to use a high resolution in the guest
(CVE-2014-3615).

When guest sends udp packet with source port and source addr 0,
uninitialized socket is picked up when looking for matching and already
created udp sockets, and later passed to sosendto() where NULL pointer
dereference is hit during so->slirp->vnetwork_mask.s_addr access Only
guests using qemu user networking are affected (CVE-2014-3640).

The Advanced Threat Research team at Intel Security reported that guest
provided parameter were insufficiently validated in rectangle functions
in the vmware-vga driver. A privileged guest user could use this flaw
to write into qemu address space on the host, potentially escalating
their privileges to those of the qemu host process (CVE-2014-3689).

It was discovered that QEMU incorrectly handled USB xHCI controller
live migration. An attacker could possibly use this issue to cause a
denial of service, or possibly execute arbitrary code (CVE-2014-5263).

James Spadaro of Cisco reported insufficiently sanitized bits_per_pixel
from the client in the QEMU VNC display driver. An attacker having
access to the guest’s VNC console could use this flaw to crash the
guest (CVE-2014-7815).

Additionally qemu-1.6+ requires usbredir-0.6+ for USB redirection
support which is also being provided with this advisory.

Updated libvirt packages fix security vulnerability:

Eric Blake discovered that libvirt incorrectly handled permissions
when processing the qemuDomainFormatXML command. An attacker with
read-only privileges could possibly use this to gain access to certain
information from the domain xml file (CVE-2014-7823).

Updated wireshark packages fix security vulnerabilities:

SigComp UDVM buffer overflow (CVE-2014-8710).

AMQP crash (CVE-2014-8711).

NCP crashes (CVE-2014-8712, CVE-2014-8713).

TN5250 infinite loops (CVE-2014-8714).

Multiple vulnerabilities has been discovered and corrected in asterisk:

Remote crash when handling out of call message in certain dialplan
configurations (CVE-2014-6610).

Asterisk Susceptibility to POODLE Vulnerability (CVE-2014-3566).

Mixed IP address families in access control lists may permit unwanted
traffic.

High call load may result in hung channels in ConfBridge.

Permission escalation through ConfBridge actions/dialplan functions.

The updated packages has been upgraded to the 11.14.1 version which
is not vulnerable to these issues.

Updated srtp package fixes security vulnerability:

Fernando Russ from Groundworks Technologies reported a buffer
overflow flaw in srtp, Cisco’s reference implementation
of the Secure Real-time Transport Protocol (SRTP), in how
the crypto_policy_set_from_profile_for_rtp() function applies
cryptographic profiles to an srtp_policy. A remote attacker could
exploit this vulnerability to crash an application linked against
libsrtp, resulting in a denial of service (CVE-2013-2139).

A vulnerability has been found and corrected in php-ZendFramework:

The (1) Zend_Ldap class in Zend before 1.12.9 and (2) ZendLdap
component in Zend 2.x before 2.2.8 and 2.3.x before 2.3.3 allows
remote attackers to bypass authentication via a password starting with
a null byte, which triggers an unauthenticated bind (CVE-2014-8088).

The updated packages have been upgraded to the latest ZendFramework
(1.12.9) version which is not vulnerable to this issue.

ClamAV 0.98.5 addresses several reported potential security bugs.

Certain javascript files causes ClamAV to segfault when scanned with
the -a (list archived files) (CVE-2013-6497).