[ MDVSA-2015:079 ] php

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:079
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : php
 Date    : March 28, 2015
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been discovered and corrected in php:
 
 S. Paraschoudis discovered that PHP incorrectly handled memory in
 the enchant binding. A remote attacker could use this issue to cause
 PHP to crash, resulting in a denial of service, or possibly execute
 arbitrary code (CVE-2014-9705).
 
 Taoguang Chen discovered that PHP incorrectly handled unserializing
 objects. A remote attacker could use this issue to cause PHP to crash,
 resulting in a denial of service, or possibly execute arbitrary code
 (CVE-2015-0273).

Leave a Reply