Debian Security Advisory
DSA-3126-1 php5 -- security update
- Date Reported:
- 12 Jan 2015
- Affected Packages:
- Security database references:
- No other external database security references currently available.
- More information:
It was discovered that libmagic as used by PHP, would trigger an out of bounds memory access when trying to identify a crafted file.
Additionally, this updates fixes a potential dependency loop in dpkg trigger handling.
For the stable distribution (wheezy), this problem has been fixed in version 5.4.36-0+deb7u3.
For the unstable distribution (sid), this problem will be fixed soon.
We recommend that you upgrade your php5 packages.