MGASA-2015-0258

See a problem?
Please try reporting it to the source first.
Source
https://advisories.mageia.org/MGASA-2015-0258.html
Import Source
https://advisories.mageia.org/MGASA-2015-0258.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2015-0258
Upstream
  • CVE-2015-4598
  • CVE-2015-4642
  • CVE-2015-4643
  • CVE-2015-4644
Published
2015-07-05T17:22:03Z
Modified
2026-04-16T06:24:32.845615282Z
Summary
Updated php package fixes security vulnerability
Details

Incorrect handling of paths with NULs (CVE-2015-4598).

OS command injection vulnerability in escapeshellarg (CVE-2015-4642).

Integer overflow in ftp_genlist() resulting in heap overflow (CVE-2015-4643).

Segfault in phppgsqlmeta_data (CVE-2015-4644).

PHP has been updated to version 5.5.26, which fixes multiple bugs and potential security issues. Please see the upstream ChangeLog for details.

References
Credits

Affected packages

Mageia:4 / php

Package

Name
php
Purl
pkg:rpm/mageia/php?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
5.5.26-1.mga4

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2015-0258.json"

Mageia:4 / php-apc

Package

Name
php-apc
Purl
pkg:rpm/mageia/php-apc?arch=source&distro=mageia-4

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
3.1.15-4.16.mga4

Ecosystem specific 

{
    "section": "core"
}

Database specific

source 
"https://advisories.mageia.org/MGASA-2015-0258.json"