This fixes CVE-2016-8659.
—-
First release into EPEL.
Monthly Archives: October 2016
CVE-2005-4900
SHA-1 is not collision resistant, which makes it easier for context-dependent attackers to conduct spoofing attacks, as demonstrated by attacks on the use of SHA-1 in TLS 1.2. NOTE: this CVE exists to provide a common identifier for referencing this SHA-1 issue; the existence of an identifier is not, by itself, a technology recommendation.
php-pecl-zip-1.13.5-1.fc23
**Version 1.13.5**
– Fixed bug php#72660 (NULL Pointer dereference in zend_virtual_cwd). (Laruence)
– Fixed bug php#68302 (impossible to compile php with zip support). (cmb)
– Fixed bug php#70752 (Depacking with wrong password leaves 0 length files). (cmb)
php-pecl-zip-1.13.5-1.fc25
**Version 1.13.5**
– Fixed bug php#72660 (NULL Pointer dereference in zend_virtual_cwd). (Laruence)
– Fixed bug php#68302 (impossible to compile php with zip support). (cmb)
– Fixed bug php#70752 (Depacking with wrong password leaves 0 length files). (cmb)
php-pecl-zip-1.13.5-1.fc24
**Version 1.13.5**
– Fixed bug php#72660 (NULL Pointer dereference in zend_virtual_cwd). (Laruence)
– Fixed bug php#68302 (impossible to compile php with zip support). (cmb)
– Fixed bug php#70752 (Depacking with wrong password leaves 0 length files). (cmb)
Red Hat Security Advisory 2016-2058-01
Red Hat Security Advisory 2016-2058-01 – MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
Red Hat Security Advisory 2016-2059-01
Red Hat Security Advisory 2016-2059-01 – MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
Red Hat Security Advisory 2016-2060-01
Red Hat Security Advisory 2016-2060-01 – MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
Red Hat Security Advisory 2016-2061-01
Red Hat Security Advisory 2016-2061-01 – MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands with root privileges on the system running the database server.
Red Hat Security Advisory 2016-2062-01
Red Hat Security Advisory 2016-2062-01 – MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. Galera is a synchronous multi-master cluster for MariaDB. Security Fix: A permissions flaw was discovered in the MySQL logging functionality, which allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly exploit this flaw to run arbitrary commands with root privileges on the system running the database server.