Mandriva Linux Security Advisory : php (MDVSA-2015:004)
High Nessus Plugin ID 80385
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionUpdated php packages fix security vulnerability :
A use-after-free flaw was found in PHP unserialize(). An untrusted input could cause PHP interpreter to crash or, possibly, execute arbitrary code when processed using unserialize() (CVE-2014-8142).
PHP has been updated to version 5.5.20, which fixes these issues and other bugs.
SolutionUpdate the affected packages.