Red Hat Bugzilla – Bug 1188599
CVE-2014-9652 file: out of bounds read in mconvert()
Last modified: 2018-06-29 18:03:46 EDT
Out of bounds memory read was reported in file utility [1], which also affects PHP fileinfo module. Upstream fix that resolves this for file utility: https://github.com/file/file/commit/59e63838913eee47f5c120a6c53d4565af638158 PHP upstream fix: https://github.com/php/php-src/commit/ede59c8feb4b80e1b94e4abdaa0711051e2912ab [1]: http://bugs.gw.com/view.php?id=398
Fixed upstream in PHP 5.6.5, 5.5.21 and 5.4.37: http://php.net/ChangeLog-5.php#5.6.5 http://php.net/ChangeLog-5.php#5.5.21 http://php.net/ChangeLog-5.php#5.4.37
Fixed upstream in file 5.21: http://bugs.gw.com/changelog_page.php?version_id=36
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS Via RHSA-2015:1066 https://rhn.redhat.com/errata/RHSA-2015-1066.html
This issue has been addressed in the following products: Red Hat Software Collections for Red Hat Enterprise Linux 7 Red Hat Software Collections for Red Hat Enterprise Linux 6 Red Hat Software Collections for Red Hat Enterprise Linux 6.6 EUS Red Hat Software Collections for Red Hat Enterprise Linux 6.5 EUS Via RHSA-2015:1053 https://rhn.redhat.com/errata/RHSA-2015-1053.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:1135 https://rhn.redhat.com/errata/RHSA-2015-1135.html
This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2015:2155 https://rhn.redhat.com/errata/RHSA-2015-2155.html