Mandriva Linux Security Advisory : libmbfl (MDVSA-2010:225-1)
Medium Nessus Plugin ID 50536
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability was discovered and corrected in libmbfl (php) :
- Fix bug #53273 (mb_strcut() returns garbage with the excessive length parameter) (CVE-2010-4156).
The updated packages have been patched to correct these issues.
The MDVSA-2010:225 advisory used the wrong patch to address the problem, however it did fix the issue. This advisory provides the correct upstream patch.
SolutionUpdate the affected packages.