Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0441)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2014.0441

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2014-0441)

Resumen: The remote host is missing an update for the 'php, php-timezonedb' package(s) announced via the MGASA-2014-0441 advisory.

Descripción: Summary:
The remote host is missing an update for the 'php, php-timezonedb' package(s) announced via the MGASA-2014-0441 advisory.

Vulnerability Insight:
An out-of-bounds read flaw was found in file's donote() function in the way
the file utility determined the note headers of a elf file. This could
possibly lead to file executable crash (CVE-2014-3710).

PHP uses an embedded copy of file's libmagic library, and was therefore
affected. It has been patched to correct this issue.

This update also provides an updated php-timezonedb.

Affected Software/OS:
'php, php-timezonedb' package(s) on Mageia 3, Mageia 4.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-3710
http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html
BugTraq ID: 70807
http://www.securityfocus.com/bid/70807
Debian Security Information: DSA-3072 (Google Search)
http://www.debian.org/security/2014/dsa-3072
FreeBSD Security Advisory: FreeBSD-SA-14:28
https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc
https://security.gentoo.org/glsa/201503-03
https://security.gentoo.org/glsa/201701-42
RedHat Security Advisories: RHSA-2014:1765
http://rhn.redhat.com/errata/RHSA-2014-1765.html
RedHat Security Advisories: RHSA-2014:1766
http://rhn.redhat.com/errata/RHSA-2014-1766.html
RedHat Security Advisories: RHSA-2014:1767
http://rhn.redhat.com/errata/RHSA-2014-1767.html
RedHat Security Advisories: RHSA-2014:1768
http://rhn.redhat.com/errata/RHSA-2014-1768.html
RedHat Security Advisories: RHSA-2016:0760
http://rhn.redhat.com/errata/RHSA-2016-0760.html
http://www.securitytracker.com/id/1031344
http://secunia.com/advisories/60630
http://secunia.com/advisories/60699
http://secunia.com/advisories/61763
http://secunia.com/advisories/61970
http://secunia.com/advisories/61982
http://secunia.com/advisories/62347
http://secunia.com/advisories/62559
SuSE Security Announcement: openSUSE-SU-2014:1516 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html
http://www.ubuntu.com/usn/USN-2391-1
http://www.ubuntu.com/usn/USN-2494-1

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2014.0441
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2014-0441)
Resumen:	The remote host is missing an update for the 'php, php-timezonedb' package(s) announced via the MGASA-2014-0441 advisory.
Descripción:	Summary: The remote host is missing an update for the 'php, php-timezonedb' package(s) announced via the MGASA-2014-0441 advisory. Vulnerability Insight: An out-of-bounds read flaw was found in file's donote() function in the way the file utility determined the note headers of a elf file. This could possibly lead to file executable crash (CVE-2014-3710). PHP uses an embedded copy of file's libmagic library, and was therefore affected. It has been patched to correct this issue. This update also provides an updated php-timezonedb. Affected Software/OS: 'php, php-timezonedb' package(s) on Mageia 3, Mageia 4. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-3710 http://lists.apple.com/archives/security-announce/2015/Apr/msg00001.html BugTraq ID: 70807 http://www.securityfocus.com/bid/70807 Debian Security Information: DSA-3072 (Google Search) http://www.debian.org/security/2014/dsa-3072 FreeBSD Security Advisory: FreeBSD-SA-14:28 https://www.freebsd.org/security/advisories/FreeBSD-SA-14:28.file.asc https://security.gentoo.org/glsa/201503-03 https://security.gentoo.org/glsa/201701-42 RedHat Security Advisories: RHSA-2014:1765 http://rhn.redhat.com/errata/RHSA-2014-1765.html RedHat Security Advisories: RHSA-2014:1766 http://rhn.redhat.com/errata/RHSA-2014-1766.html RedHat Security Advisories: RHSA-2014:1767 http://rhn.redhat.com/errata/RHSA-2014-1767.html RedHat Security Advisories: RHSA-2014:1768 http://rhn.redhat.com/errata/RHSA-2014-1768.html RedHat Security Advisories: RHSA-2016:0760 http://rhn.redhat.com/errata/RHSA-2016-0760.html http://www.securitytracker.com/id/1031344 http://secunia.com/advisories/60630 http://secunia.com/advisories/60699 http://secunia.com/advisories/61763 http://secunia.com/advisories/61970 http://secunia.com/advisories/61982 http://secunia.com/advisories/62347 http://secunia.com/advisories/62559 SuSE Security Announcement: openSUSE-SU-2014:1516 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-11/msg00113.html http://www.ubuntu.com/usn/USN-2391-1 http://www.ubuntu.com/usn/USN-2494-1
Copyright	Copyright (C) 2022 Greenbone AG