[ MDVSA-2014:202 ] php

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2014:202
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : php
 Date    : October 23, 2014
 Affected: Business Server 1.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been discovered and corrected in php:
 
 A heap corruption issue was reported in PHP's exif_thumbnail()
 function. A specially-crafted JPEG image could cause the PHP
 interpreter to crash or, potentially, execute arbitrary code
 (CVE-2014-3670).
 
 The updated php packages have been upgraded to the 5.5.18 version
 resolve this security flaw.
 
 Additionally, php-apc has been rebuilt against the updated php
 packages.
 _______________________________________________________________________

 References:

 ht

007 Software

Leave a Reply Cancel reply

Software and Security Information