Updated php packages fix CVE-2014-8142
Publication date: 21 Dec 2014Modification date: 22 Dec 2014
Type: security
Affected Mageia releases : 4
CVE: CVE-2014-8142
Description
Updated php packages fix security vulnerability: A use-after-free flaw was found in PHP unserialize(). An untrusted input could cause PHP interpreter to crash or, possibly, execute arbitrary code when processed using unserialize() (CVE-2014-8142). PHP has been updated to version 5.5.20, which fixes these issues and other bugs.
References
SRPMS
4/core
- php-5.5.20-1.mga4
- php-apc-3.1.15-4.10.mga4