-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:080
http://www.mandriva.com/en/support/security/
_______________________________________________________________________
Package : php
Date : March 28, 2015
Affected: Business Server 2.0
_______________________________________________________________________
Problem Description:
Multiple vulnerabilities has been discovered and corrected in php:
It was discovered that the file utility contains a flaw in the handling
of indirect magic rules in the libmagic library, which leads to an
infinite recursion when trying to determine the file type of certain
files (CVE-2014-1943).
A flaw was found in the way the file utility determined the type of
Portable Executable (PE) format files, the executable format used on
Windows. A malicious PE file could cause the file utility to crash or,
potentially, execute