RHSA-2014:1013Medium
Red Hat Security Advisory: php security update
🔗 CVE IDs covered (10)
📋 Description
CVE-2013-7345 — file: extensive backtracking in awk rule regular expression CVE-2014-0207 — file: cdf_read_short_sector insufficient boundary check CVE-2014-0237 — file: cdf_unpack_summary_info() excessive looping DoS CVE-2014-0238 — file: CDF property info parsing nelements infinite loop CVE-2014-3479 — file: cdf_check_stream_offset insufficient boundary check CVE-2014-3480 — file: cdf_count_chain insufficient boundary check CVE-2014-3487 — file: cdf_read_property_info insufficient boundary check CVE-2014-3515 — php: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw CVE-2014-4049 — php: heap-based buffer overflow in DNS TXT record parsing CVE-2014-4721 — php: type confusion issue in phpinfo() leading to information leak
🔗 References (13)
- selfhttps://access.redhat.com/errata/RHSA-2014:1013
- externalhttps://access.redhat.com/security/updates/classification/#moderate
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1079846
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1091842
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1098155
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1098193
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1104858
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1104869
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1107544
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1108447
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1112154
- externalhttps://bugzilla.redhat.com/show_bug.cgi?id=1116662
- selfhttps://security.access.redhat.com/data/csaf/v2/advisories/2014/rhsa-2014_1013.json