Advisories ยป MGASA-2018-0390

Updated php packages fix security vulnerability

Publication date: 21 Sep 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-14851 , CVE-2018-14883

Description

- Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c
  (CVE-2018-14883)
- heap-buffer-overflow (READ of size 48) while reading exif data
  (CVE-2018-14851)
- XSS due to the header Transfer-Encoding: chunked 
                

References

SRPMS

6/core