MDVSA-2010:225-1

Package name

libmbfl

Date

2010-11-10

Advisory ID

MDVSA-2010:225-1

Affected versions

2010.1 x86_64 , 2010.1 i586 , 2010.0 x86_64 , 2010.0 i586

Problem description

A vulnerability was discovered and corrected in libmbfl (php):

* Fix bug #53273 (mb_strcut() returns garbage with the excessive
length parameter) (CVE-2010-4156).

The updated packages have been patched to correct these issues.

Update:

The MDVSA-2010:225 advisory used the wrong patch to address the
problem, however it did fix the issue. This advisory provides the
correct upstream patch.

Updated packages

2010.1 x86_64

 d94a733a8caa5d715037f7520a9bcf6c  2010.1/x86_64/lib64mbfl1-1.1.0-0.3mdv2010.1.x86_64.rpm
 a20db60b6211f97d0c49b4f00f7c9222  2010.1/x86_64/lib64mbfl-devel-1.1.0-0.3mdv2010.1.x86_64.rpm 
 d2342d41d387636e4279f21375afad9d  2010.1/SRPMS/libmbfl-1.1.0-0.3mdv2010.1.src.rpm

2010.1 i586

 46e5a0ede89a00c1d853d83f8b3e4cd9  2010.1/i586/libmbfl1-1.1.0-0.3mdv2010.1.i586.rpm
 3697bab667857726176e305ccfe67af9  2010.1/i586/libmbfl-devel-1.1.0-0.3mdv2010.1.i586.rpm 
 d2342d41d387636e4279f21375afad9d  2010.1/SRPMS/libmbfl-1.1.0-0.3mdv2010.1.src.rpm

2010.0 x86_64

 5cc948f64a74d0be4e1c93d19f4699eb  2010.0/x86_64/lib64mbfl1-1.1.0-0.3mdv2010.0.x86_64.rpm
 85bc8266cbb3594ae01d8dfe7698dc85  2010.0/x86_64/lib64mbfl-devel-1.1.0-0.3mdv2010.0.x86_64.rpm 
 6d64c52b17d268a7361b4e2b84ba68dd  2010.0/SRPMS/libmbfl-1.1.0-0.3mdv2010.0.src.rpm

2010.0 i586

 78dd51cd031e9ec143e4bbe8461b4bd5  2010.0/i586/libmbfl1-1.1.0-0.3mdv2010.0.i586.rpm
 9d563d63a8e1718c5c8fd9cd6157aec6  2010.0/i586/libmbfl-devel-1.1.0-0.3mdv2010.0.i586.rpm 
 6d64c52b17d268a7361b4e2b84ba68dd  2010.0/SRPMS/libmbfl-1.1.0-0.3mdv2010.0.src.rpm

References

• http://bugs.php.net/bug.php?id=53273
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4156
• http://bugs.php.net/bug.php?id=49354