{"id":"MGASA-2014-0283","summary":"Updated php packages fix multiple vulnerabilities","details":"Updated php packages fix security vulnerabilities:\n\nThe unserialize() function in PHP before 5.4.30 and 5.5.14 has a Type\nConfusion issue related to the SPL ArrayObject and SPLObjectStorage Types\n(CVE-2014-3515).\n\nIt was discovered that PHP is vulnerable to a heap-based buffer overflow in\nthe DNS TXT record parsing. A malicious server or man-in-the-middle attacker\ncould possibly use this flaw to execute arbitrary code as the PHP interpreter\nif a PHP application uses dns_get_record() to perform a DNS query\n(CVE-2014-4049).\n\nA flaw was found in the way file parsed property information from Composite\nDocument Files (CDF) files, where the mconvert() function did not correctly\ncompute the truncated pascal string size (CVE-2014-3478).\n\nMultiple flaws were found in the way file parsed property information from\nComposite Document Files (CDF) files, due to insufficient boundary checks on\nbuffers (CVE-2014-0207, CVE-2014-3479, CVE-2014-3480, CVE-2014-3487).\n\nPHP contains a bundled copy of the file utility's libmagic library, so it was\nvulnerable to this issue. It has been updated to versions 5.4.30 and 5.5.14,\nwhich fix this issue and several other bugs.\n\nAlso, PHP contains a bundled copy of the GD image library, and has been\npatched to correct an issue in the imagecreatefromxpm function which allows\nremote attackers to cause a denial of service (NULL pointer dereference and\napplication crash) via a crafted color table in an XPM file (CVE-2014-2497).\n\nThe phpinfo() function in PHP before 5.4.30 and 5.5.14 has a Type Confusion\nissue that can cause it to leak arbitrary process memory (CVE-2014-4721).\n\nAdditionally, php-apc has been rebuilt against the updated php packages.\n","modified":"2026-04-16T06:23:49.545497974Z","published":"2014-07-08T22:29:20Z","upstream":["CVE-2014-0207","CVE-2014-2497","CVE-2014-3478","CVE-2014-3479","CVE-2014-3480","CVE-2014-3487","CVE-2014-3515","CVE-2014-4049","CVE-2014-4721"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0283.html"},{"type":"WEB","url":"http://www.php.net/archive/2014.php#id2014-06-26-1"},{"type":"WEB","url":"http://www.php.net/ChangeLog-5.php#5.4.30"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=13532"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.30-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0283.json"}},{"package":{"name":"php-apc","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/php-apc?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.1.14-7.10.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0283.json"}},{"package":{"name":"php-gd-bundled","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/php-gd-bundled?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.30-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0283.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}