{"id":"MGASA-2014-0441","summary":"Updated php packages fix security vulnerability","details":"An out-of-bounds read flaw was found in file's donote() function in the way\nthe file utility determined the note headers of a elf file. This could\npossibly lead to file executable crash (CVE-2014-3710).\n\nPHP uses an embedded copy of file's libmagic library, and was therefore\naffected.  It has been patched to correct this issue.\n\nThis update also provides an updated php-timezonedb.\n","modified":"2026-01-31T07:33:21.778947Z","published":"2014-11-12T09:56:47Z","related":["CVE-2014-3710"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2014-0441.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=14412"},{"type":"REPORT","url":"https://rhn.redhat.com/errata/RHSA-2014-1767.html"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.4.34-1.1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0441.json"}},{"package":{"name":"php-timezonedb","ecosystem":"Mageia:3","purl":"pkg:rpm/mageia/php-timezonedb?arch=source&distro=mageia-3"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2014.9-1.mga3"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0441.json"}},{"package":{"name":"php","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"5.5.18-1.2.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0441.json"}},{"package":{"name":"php-timezonedb","ecosystem":"Mageia:4","purl":"pkg:rpm/mageia/php-timezonedb?arch=source&distro=mageia-4"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2014.9-1.mga4"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2014-0441.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}