Advisories » MGASA-2017-0412

Updated php packages fix security vulnerabilities

Publication date: 16 Nov 2017
Modification date: 16 Nov 2017
Type: security
Affected Mageia releases : 5 , 6

Description

Updated php packages fix security vulnerabilities:

Out-Of-Bounds Read in timelib_meridian() in the Date module (php#75055).

Arcfour encryption stream filter crashes php-mcrypt (php#72535).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21991
• http://php.net/ChangeLog-5.php#5.6.32

SRPMS

5/core

• php-5.6.32-1.mga5

6/core

• php-5.6.32-1.mga6