1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4398-1] php7.0 security update

    From Moritz Muehlenhoff@1:229/2 to All on Thu Feb 28 23:10:02 2019
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4398-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff February 28, 2019 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : php7.0
    CVE ID : CVE-2019-9020 CVE-2019-9021 CVE-2019-9022 CVE-2019-9023
    CVE-2019-9024

    Multiple security issues were found in PHP, a widely-used open source
    general purpose scripting language: Multiple out-of-bounds memory
    accesses were found in the xmlrpc, mbstring and phar extensions and
    the dns_get_record() function.

    For the stable distribution (stretch), these problems have been fixed in version 7.0.33-0+deb9u2.

    We recommend that you upgrade your php7.0 packages.

    For the detailed security status of php7.0 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/php7.0

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlx4WgIACgkQEMKTtsN8 TjZMXQ/+OPjr90meyXOol5+cpyBgoTNAMilfIgmadI6cKjZp9SEeDUYsbwmufSD0 Ijj5MACGM2o8D4IOybibE1xYNKe7IFajyCi51Mq/KCEYRIsIRjL8Uc2IuIu7+u4e nOz3C4PDV+MjBvapzFARtwa04IPsiicT71DrBFjOEbISgRBkzhlFdTQfIGen8WWK sDb+iGDGMyFn4CGiHJixlFjYjkUmQ2sD8SH8/+UGN4uRJ4I4dlcL5C8xA8qb6pQi HWigJ9nXpKjLsONPf7wLsJ1zTTo5LzrxEHfA1bt79SxBgtCvrTut/n1YDrTOtqzO EDZ1SWSBZJ8pbBHCBwGZymu+km8QiK6jALXxgWj4Exrq3IXW3pJFrY5CSiDAGL1i OU6aJEJe5XbG6cbUq2o1MKTZz28zO1zsVnpnCjyE8+Rqar9WtTWEG8MX/VXY28iv aHK5BOpL8KutqDyN0R2pgKjbL/M0xb0iTHYywvx54GSEZU9D3ZbpFJdChTk1pj3q mKzAUdw2C/oriuAzmdK070qNVtMTe+1bXuxXDroRNWJ4mpInUcmIgIwS+DKN7/1F Jbnl0/UvNfEVsv4UuUSwvZWnE7ufRYQrnH6IAjcpjfCy37WEq7gMEPNZ/LiM3BeV 2cXq0eMgmv/CYE1gvv1ZZGOaqeKXoK8pN0bziFGqpNQKboCi+uk=
    =02HS
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)