| |||||||||||||||||||
Pardus alert 2011-51 (php php-cli php-common)
------------------------------------------------------------------------ Pardus Linux Security Advisory 2011-51 security@pardus.org.tr ------------------------------------------------------------------------ Date: 2011-02-28 Severity: 2 Type: Local ------------------------------------------------------------------------ Summary ======= A vulnerability have been fixed in php, which allows attackers to cause a denial of service. Description =========== CVE-2011-0708: PHP Exif extension allows developers to work with image metadata within their PHP code. For instance, using exif functions it is possible to read metadata from digital camera pictures. PHP Exif extension for 64bit platforms is affected by a casting vulnerability that occurs during the image header parsing. Affected packages: Pardus 2011: php, all before 5.2.14-90-p11 php-cli, all before 5.2.14-90-p11 php-common, all before 5.2.14-90-p11 Resolution ========== There are update(s) for php, php-cli, php-common. You can update them via Package Manager or with a single command from console: pisi up php php-cli php-common References ========== * http://bugs.pardus.org.tr/show_bug.cgi?id=16934 * http://seclists.org/oss-sec/2011/q1/192 ------------------------------------------------------------------------ _______________________________________________ Pardus-Security mailing list Pardus-Security@pardus.org.tr http://liste.pardus.org.tr/mailman/listinfo/pardus-security (Log in to post comments)
|
|||||||||||||||||||