1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 4529-1] php7.0 security update

    From Moritz Muehlenhoff@1:229/2 to All on Fri Sep 20 20:00:02 2019
    From: [email protected]

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4529-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff September 20, 2019 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : php7.0
    CVE ID : CVE-2019-11034 CVE-2019-11035 CVE-2019-11036 CVE-2019-11038
    CVE-2019-11039 CVE-2019-11040 CVE-2019-11041 CVE-2019-11042

    Multiple security issues were found in PHP, a widely-used open source
    general purpose scripting language: Missing sanitising in the EXIF
    extension and the iconv_mime_decode_headers() function could result in information disclosure or denial of service.

    For the oldstable distribution (stretch), these problems have been fixed
    in version 7.0.33-0+deb9u5.

    We recommend that you upgrade your php7.0 packages.

    For the detailed security status of php7.0 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/php7.0

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: [email protected]
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl2FEwcACgkQEMKTtsN8 TjYhOw/6A14STaxTtWWzxjW27LMhwP0ysH7oCn/GQQLQQVpUPbKIVCU/IUwYW+xL YIyafT1leaWWn4wyYvecHQ6AdP+2LjYFJiM1ImFdlSaOGHOQdRB35rItfPf9QoOJ C8FssugyV2371uWvZdpnPwb0GoiT5+rEN//nh+RdO2O5P6SxUmA/kdB0DKEwyEYw zspX/sEgIAyvmkQ48LkSZ4kXrdrwPfRnzw17oJvdnUpHhAUlCkiMdnWnuNYKBES4 VFQJH/L/zSLJGZFF/77rvAoE62W4kSwIsYkTN5k3P7Z5tMadTm4zbNNjQy2GI82K 4hi+l+iocuo2+iPmOmcCTNaltzjSPM8ULysQoYDPjjrvg1dCT9XzZG9z5gGJ2cAh izgW1wU133Us8NE6gpksSlEJtJtqOEPm9hqvHZ9H21kYPzpmiCt90t0+gD/T3Q5y RqraK7henPd39dI1bI3POdMSC4TB528pNI3C7AH2l6ntmYujAvfGALq6Ky7hvdSs DcounmAUlbhS+hhZmdN/3eiltTmffZy8d8NwkMBaATb3+j4nTqAC38L1EnnEp9hE zopvVR/RXBqMETQJHslGaCRMR5Q+F/qWRg9ozik2DmJ9epPpBeLLfOzsBxMVs/x2 WnJfX6+NauWOg6M03Ss8QoyeA/7t66MKXhWt49SDEMYn8jzt3I8=
    =wlCm
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: you cannot sedate... all the things you hate (1:229/2)