MGASA-2013-0379

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2013-0379.html
Import Source
https://advisories.mageia.org/MGASA-2013-0379.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2013-0379
Upstream
  • CVE-2013-6420
  • CVE-2013-6712
Published
2013-12-19T21:08:56Z
Modified
2026-04-16T06:23:41.400058963Z
Summary
Updated php packages fix multiple security vulnerabilities
Details

Updated php packages fix security vulnerabilities:

Stefan Esser discovered that PHP incorrectly parsed certificates. An attacker could use a malformed certificate to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code (CVE-2013-6420).

It was discovered that PHP incorrectly handled DateInterval objects. An attacker could use this issue to cause PHP to crash, resulting in a denial of service (CVE-2013-6712).

References
Credits

Affected packages

Mageia:3 / php

Package

Name
php
Purl
pkg:rpm/mageia/php?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.23-1.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2013-0379.json"

Mageia:3 / php-gd-bundled

Package

Name
php-gd-bundled
Purl
pkg:rpm/mageia/php-gd-bundled?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.23-1.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2013-0379.json"

Mageia:3 / php-apc

Package

Name
php-apc
Purl
pkg:rpm/mageia/php-apc?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.14-7.5.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2013-0379.json"