Summary: | <dev-lang/php-{5.4.26,5.5.10}: Fileinfo libmagic Infinite Recursion Denial of Service Vulnerability (CVE-2014-{1943,2270}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | php-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/56993/ | ||
Whiteboard: | A3 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2014-03-06 14:57:21 UTC
Fixed in 5.5.10 and 5.4.26, which should now be in the tree. You can goahead with stabilisation if necessary. Arches, please test and mark stable: =dev-lang/php-5.4.26 =dev-lang/php-5.5.10 Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 spark x86" Stable for HPPA. amd64 stable x86 stable sparc stable arm stable ppc stable ia64 stable alpha stable ppc64 stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one. Arches, Thank you for your work Maintainer(s), please drop the vulnerable version. Added to existing GLSA Request Maintainer(s), Thank you for cleanup! This issue was resolved and addressed in GLSA 201408-11 at http://security.gentoo.org/glsa/glsa-201408-11.xml by GLSA coordinator Kristian Fiskerstrand (K_F). |