A NULL pointer dereference flaw was found in the way PHP's Phar extension parsed Phar archives. A specially crafted archive could cause PHP to crash. Upstream bug: https://bugs.php.net/bug.php?id=69720 Upstream patch: https://git.php.net/?p=php-src.git;a=patch;h=d698f0ae51f67c9cce870b09c59df3d6ba959244
Fixed in all versions of Fedora: php-5.6.14-1.fc21 php-5.6.14-1.fc22 php-5.6.14-1.fc23 php-5.6.14-1.fc24
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7.1 EUS Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 7.2 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.7 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6 Via RHSA-2016:0457 https://rhn.redhat.com/errata/RHSA-2016-0457.html