/[advisories]/10456.adv
ViewVC logotype

Diff of /10456.adv

Parent Directory Parent Directory | Revision Log Revision Log | View Patch Patch

revision 37 by boklm, Tue Jun 18 15:00:02 2013 UTC revision 208 by claire, Tue Jul 16 18:14:40 2013 UTC
# Line 1  Line 1 
1  type: security  type: security
2  subject: Updated php packages fix security vulnerability  subject: Updated php packages fix security vulnerabilies
3  CVE:  CVE:
4   - CVE-2013-2110   - CVE-2013-2110
5     - CVE-2013-4635
6  src:  src:
7    3:    3:
8     core:     core:
# Line 13  description: | Line 14  description: |
14    Heap based buffer overflow in quoted_printable_encode() in PHP before    Heap based buffer overflow in quoted_printable_encode() in PHP before
15    version 5.4.16 (CVE-2013-2110).    version 5.4.16 (CVE-2013-2110).
16    
17      Integer overflow in the SdnToJewish function in jewish.c in the Calendar
18      component in PHP before 5.3.26 and 5.4.x before 5.4.16 allows
19      context-dependent attackers to cause a denial of service (application hang)
20      via a large argument to the jdtojewish function. (CVE-2013-4635)
21      
22    This update provides PHP version 5.4.16 which fixes this as well as    This update provides PHP version 5.4.16 which fixes this as well as
23    several other issues.    several other issues.
24  references:  references:
25   - https://bugs.mageia.org/show_bug.cgi?id=10456   - https://bugs.mageia.org/show_bug.cgi?id=10456
26   - http://www.php.net/ChangeLog-5.php   - http://www.php.net/ChangeLog-5.php
27     - http://lwn.net/Vulnerabilities/559055/
28  ID: MGASA-2013-0172  ID: MGASA-2013-0172

Legend:
Removed from v.37  
changed lines
  Added in v.208

  ViewVC Help
Powered by ViewVC 1.1.28