Updated php package fixes several issues
Publication date: 19 Jun 2013Modification date: 17 Jul 2013
Type: security
Affected Mageia releases : 2
CVE: CVE-2013-2110 , CVE-2013-4635
Description
Fixed php bug #64879 (Heap based buffer overflow in quoted_printable_encode, CVE-2013-2110). Integer overflow in the SdnToJewish function in jewish.c in the Calendar component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows context-dependent attackers to cause a denial of service (application hang) via a large argument to the jdtojewish function. (CVE-2013-4635) See the changelog for additional bug fixes.
References
SRPMS
2/core
- php-5.3.26-1.mga2
- php-apc-3.1.13-1.8.mga2
- php-eaccelerator-0.9.6.1-10.10.mga2
- php-gd-bundled-5.3.26-1.mga2
- php-timezonedb-2013.3-1.mga2
- php-firebird-5.3.26-1.mga2
- php-pdo_firebird-5.3.26-1.mga2