MGASA-2014-0215

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2014-0215.html
Import Source
https://advisories.mageia.org/MGASA-2014-0215.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2014-0215
Upstream
  • CVE-2014-0185
Published
2014-05-14T22:02:58Z
Modified
2026-04-16T06:26:12.342033062Z
Summary
Updated php packages fix CVE-2014-0185
Details

Updated php packages fix security vulnerability:

PHP FPM in PHP versions before 5.4.28 and 5.5.12 uses a UNIX domain socket with world-writable permissions by default, which allows any local user to connect to it and execute PHP scripts as the apache user (CVE-2014-0185).

Additionally updated php-suhosin package corrects an issue which could cause a segfault in apache. Also updated is php-timezonedb.

References
Credits

Affected packages

Mageia:3
php

Package

Name
php
Purl
pkg:rpm/mageia/php?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.28-1.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
php-gd-bundled

Package

Name
php-gd-bundled
Purl
pkg:rpm/mageia/php-gd-bundled?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.4.28-1.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
php-apc

Package

Name
php-apc
Purl
pkg:rpm/mageia/php-apc?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.14-7.8.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
php-suhosin

Package

Name
php-suhosin
Purl
pkg:rpm/mageia/php-suhosin?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.9.35-1.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
php-timezonedb

Package

Name
php-timezonedb
Purl
pkg:rpm/mageia/php-timezonedb?arch=source&distro=mageia-3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2014.3-1.mga3

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
Mageia:4
php

Package

Name
php
Purl
pkg:rpm/mageia/php?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.5.12-1.mga4

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
php-apc

Package

Name
php-apc
Purl
pkg:rpm/mageia/php-apc?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.15-4.3.mga4

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
php-suhosin

Package

Name
php-suhosin
Purl
pkg:rpm/mageia/php-suhosin?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.9.35-1.mga4

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"
php-timezonedb

Package

Name
php-timezonedb
Purl
pkg:rpm/mageia/php-timezonedb?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2014.3-1.mga4

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2014-0215.json"