Advisories ยป MGASA-2014-0542

Updated php packages fix CVE-2014-8142

Publication date: 21 Dec 2014
Modification date: 22 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8142

Description

Updated php packages fix security vulnerability:

A use-after-free flaw was found in PHP unserialize().  An untrusted input
could cause PHP interpreter to crash or, possibly, execute arbitrary code
when processed using unserialize() (CVE-2014-8142).

PHP has been updated to version 5.5.20, which fixes these issues and other
bugs.
                

References

SRPMS

4/core