Jump to content

Advisories MDVSA-2010:225-1: libmbfl


paul
 Share

Recommended Posts

A vulnerability was discovered and corrected in libmbfl (php):

 

* Fix bug #53273 (mb_strcut() returns garbage with the excessive

length parameter) (CVE-2010-4156).

 

The updated packages have been patched to correct these issues.

 

Update:

 

The MDVSA-2010:225 advisory used the wrong patch to address the

problem, however it did fix the issue. This advisory provides the

corect upstream patch.

Link to comment
Share on other sites

Guest
This topic is now closed to further replies.
 Share

×
×
  • Create New...