Updated php packages fix multiple security vulnerabilitiesPublication date: 19 Dec 2013
Affected Mageia releases : 3
CVE: CVE-2013-6420 , CVE-2013-6712
Updated php packages fix security vulnerabilities: Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2013-6420). It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP to crash, resulting in a denial of service (CVE-2013-6712).