aru Posted August 25, 2005 Report Share Posted August 25, 2005 Mandriva Security Advisories MDKSA-2005:152 : php Updated php packages fix integer overflow vulnerability August 25th, 2005 Integer overflow in pcre_compile.c in Perl Compatible Regular Expressions (PCRE) before 6.2, as used in multiple products, allows attackers to execute arbitrary code via quantifier values in regular expressions, which leads to a heap-based buffer overflow. The php packages, as shipped, were built using a private copy of pcre. The updated packages have been rebuilt against the system pcre libs to correct this problem. The released versions of Mandriva GNU/Linux affected are: 10.0 10.1 CS2.1 CS3.0 MNF2.0 10.2 Full information about this advisory, including the updated packages, is available at: www.mandriva.com/security/advisories?name=MDKSA-2005:152 Other references: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2491 Posted automatically by aru (mdksec2mub v: mdksec2mub,v 0.14 2005/05/15 18:06:11 aru Exp aru $) Link to comment Share on other sites More sharing options...
Recommended Posts