/[advisories]/10492.adv
ViewVC logotype

Contents of /10492.adv

Parent Directory Parent Directory | Revision Log Revision Log


Revision 209 - (show annotations) (download)
Wed Jul 17 06:37:30 2013 UTC (3 years, 10 months ago) by claire
File size: 1015 byte(s)
Adding CVE-2013-4635 to mgasa-2013-0176 2 php mga#10492
1 type: security
2 subject: Updated php package fixes several issues
3 CVE:
4 - CVE-2013-2110
5 - CVE-2013-4635
6 src:
7 2:
8 core:
9 - php-5.3.26-1.mga2
10 - php-apc-3.1.13-1.8.mga2
11 - php-eaccelerator-0.9.6.1-10.10.mga2
12 - php-gd-bundled-5.3.26-1.mga2
13 - php-timezonedb-2013.3-1.mga2
14 - php-firebird-5.3.26-1.mga2
15 - php-pdo_firebird-5.3.26-1.mga2
16 description: |
17 Fixed php bug #64879 (Heap based buffer overflow in quoted_printable_encode,
18 CVE-2013-2110).
19
20 Integer overflow in the SdnToJewish function in jewish.c in the Calendar
21 component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows
22 context-dependent attackers to cause a denial of service (application hang)
23 via a large argument to the jdtojewish function. (CVE-2013-4635)
24
25 See the changelog for additional bug fixes.
26 references:
27 - https://bugs.mageia.org/show_bug.cgi?id=10492
28 - https://bugs.php.net/bug.php?id=64879
29 - http://www.php.net/ChangeLog-5.php
30 - http://lwn.net/Vulnerabilities/559055
31 ID: MGASA-2013-0176

  ViewVC Help
Powered by ViewVC 1.1.26