From ${URL} :

Description

Some vulnerabilities have been reported in PHP, which can be exploited by malicious people to potentially compromise a vulnerable system.

The vulnerabilities are caused due to some errors related to the "imagecrop()" function implementation and can be exploited to cause heap-based buffer overflows. Successful exploitation may allow execution of arbitrary code.

The vulnerabilities are reported in 5.5.x versions prior to 5.5.9. Other versions may also be affected.

Solution: Update to version 5.5.9.

Provided and/or discovered by: kuba.brecka within a bug ticket.

Original Advisory: PHP: http://www.php.net/archive/2014.php#id2014-02-05-4

@maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
Go ahead and stabilise
Arches, please test and mark stable: =dev-lang/php-5.5.9 Target Keywords : "alpha amd64 arm hppa ia64 ppc ppc64 sparc x86" Thank you!
amd64 stable
x86 stable
alpha stable
ia64 stable
Stable for HPPA.
arm stable
ppc64 stable
ppc stable
sparc stable. Maintainer(s), please cleanup. Security, please add it to the existing request, or file a new one.
Arches and Maintainer(s), Thank you for your work. Added to an existing GLSA request.
This issue was resolved and addressed in GLSA 201408-11 at http://security.gentoo.org/glsa/glsa-201408-11.xml by GLSA coordinator Kristian Fiskerstrand (K_F).