PHP and VMWare Updates
PHP 5.4.19 and PHP 5.5.3
The PHP development team announces the immediate availability of PHP 5.4.19 and PHP 5.5.3. These releases fix a bug in the patch for
CVE-2013-4248 in OpenSSL module and compile failure with ZTS enabled in PHP 5.4, which were introduced in previously released 5.4.18 and 5.5.2.
All PHP users are encouraged to upgrade to either PHP 5.5.3 or PHP 5.4.19.
For source downloads of PHP 5.4.19 and PHP 5.5.3 please visit our downloads page: http://www.php.net/downloads.php
Windows binaries can be found on: http://windows.php.net/download/
The list of changes is recorded in the ChangeLog at: http://www.php.net/ChangeLog-5.php
VMWare VMSA-2013-0010
Summary
VMware Workstation addresses a vulnerability in the vmware-mount component which could result in a privilege escalation on linux-based host machines.
Relevant releases
VMware Workstation 9.x
VMware Workstation 8.x
VMware Player 5.x
VMware Player 4.x
Problem Description
VMware mount privilege escalation
VMware Workstation and Player contain a vulnerability in the handling of the vmware-mount command. A local malicious user may exploit this vulnerability to escalate their privileges to root on the host OS. The issue is present when Workstation or Player are installed on a Debian-based version of Linux.
The vulnerability does not allow for privilege escalation from the Guest Operating System to the host or vice-versa. This means that host memory can not be manipulated from the Guest Operating System.
Keywords:
0 comment(s)
×
Diary Archives
Comments