Free and open-source vulnerability scanner
Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.
Install NowAvailable for macOS, Windows, and Linux
Mandriva Update for php MDVSA-2010:140 (php)
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Check for the Version of php
Insight
Insight
This is a maintenance and security update that upgrades php to 5.3.3 for 2010.0/2010.1. Security Enhancements and Fixes in PHP 5.3.3: * Rewrote var_export() to use smart_str rather than output buffering, prevents data disclosure if a fatal error occurs (CVE-2010-2531). * Fixed a possible resource destruction issues in shm_put_var(). * Fixed a possible information leak because of interruption of XOR operator. * Fixed a possible memory corruption because of unexpected call-time pass by references and following memory clobbering through callbacks. * Fixed a possible memory corruption in ArrayObject::uasort(). * Fixed a possible memory corruption in parse_str(). * Fixed a possible memory corruption in pack(). * Fixed a possible memory corruption in substr_replace(). * Fixed a possible memory corruption in addcslashes(). * Fixed a possible stack exhaustion inside fnmatch(). * Fixed a possible dechunking filter buffer overflow. * Fixed a possible arbitrary memory access inside sqlite extension. * Fixed string format validation inside phar extension. * Fixed handling of session variable serialization on certain prefix characters. * Fixed a NULL pointer dereference when processing invalid XML-RPC requests (Fixes CVE-2010-0397, bug #51288). * Fixed SplObjectStorage unserialization problems (CVE-2010-2225). * Fixed possible buffer overflows in mysqlnd_list_fields, mysqlnd_change_user. * Fixed possible buffer overflows when handling error packets in mysqlnd. Additionally some of the third party extensions and required dependencies has been upgraded and/or rebuilt for the new php version.
Affected Software
Affected Software
php on Mandriva Linux 2010.0, Mandriva Linux 2010.0/X86_64
Solution
Solution
Please Install the Updated Packages.