Mandriva Linux Security Advisory : php (MDVSA-2014:027)
Medium Nessus Plugin ID 72468
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been discovered and corrected in php :
- Fixed bug #66356 (Heap Overflow Vulnerability in imagecrop()) (CVE-2013-7226).
The updated php packages have been upgraded to the 5.5.9 version which is not vulnerable to this issue.
Additionally, the PECL packages which requires so has been rebuilt for php-5.5.9. The libmbfl packages has been synced with the changes as of php-5.5.9 and the onig packages has been upgraded to the 5.9.5 version.
SolutionUpdate the affected packages.