Advisories ยป MGASA-2013-0176

Updated php package fixes several issues

Publication date: 19 Jun 2013
Modification date: 17 Jul 2013
Type: security
Affected Mageia releases : 2
CVE: CVE-2013-2110 , CVE-2013-4635

Description

Fixed php bug #64879 (Heap based buffer overflow in quoted_printable_encode,
CVE-2013-2110).

Integer overflow in the SdnToJewish function in jewish.c in the Calendar
component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows
context-dependent attackers to cause a denial of service (application hang)
via a large argument to the jdtojewish function. (CVE-2013-4635)

See the changelog for additional bug fixes.
                

References

SRPMS

2/core