[SECURITY] [DSA 3560-1] php5 security update

To: debian-security-announce@lists.debian.org
Subject: [SECURITY] [DSA 3560-1] php5 security update
From: Salvatore Bonaccorso <carnil@debian.org>
Date: Wed, 27 Apr 2016 20:06:49 +0000
Message-id: <[🔎] E1avVjV-0006VI-41@master.debian.org>
Reply-to: debian-security@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3560-1                   security@debian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 27, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072
                 CVE-2016-4073

Several vulnerabilities were found in PHP, a general-purpose scripting
language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream
version 5.6.20, which includes additional bug fixes. Please refer to the
upstream changelog for more information:

 https://php.net/ChangeLog-5.php#5.6.20

For the stable distribution (jessie), these problems have been fixed in
version 5.6.20+dfsg-0+deb8u1.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXIRu7AAoJEAVMuPMTQ89EOIkP/2cXsRMyH6G6iBCZ+wupzNIe
YDKfm1FBor9sQrCwVaL6Ljq3ivWJTVNvL0X/jbekzUPZxef4H53JbLeeirjRLx7J
DCBsr2OOoJW+/Ks4jJ3sPYrDMcTIwfMCgj5LtCKTYSzw4PCnahCwSTA0tXwwGPPn
pqEtl+TKPr0GV+fvlG/9eFVtwOYQp80NoF0efLgM8VNpkBDVbMvZD8TBF6YD7e4q
u4Q1OAYUHVzj7ngbV3l8wyJycJHzqNttOXpup66beGCNysKIYYxPUn5wUDzCxM9l
sAQVBbseKfLfrxVIlaNj/rgbMI6PI6PCn75hTn9wwN2Ju3Yy8++XinUqyltPs4xS
EwrRqnxmo74IEtyb6SxTgF56fCOg5zttDEJY01UwsyU/RJCgEss0Fr4uzOJXGZU0
QNT0oMTKM3Ud5QoO/Daz6qdgrHT6tH4HbKpMD/OuIefe2sy1Zo7SYz5hx4jGvtZT
AMHpg1nlIbhMcXV0qFoxX4+cb8zQi7WOcmHbAUqZ0DDh+FLyHHl8w+z7/9J8BvgT
7tWTee7cp/Jojpu+JN4DgyepKme6wG1+dpKNWVqPLWE02FWUkNa//IECBbkOO9Ky
rv7aLlSxlgSDsTSMZI+y05sNflbJHyZD3Nlq/c2V0WpVQd6virDaca/gVSNmymS9
u8f/oKnKcUYGsG3d8Yt/
=9LnB
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DSA 3559-1] iceweasel security update
Next by Date: [SECURITY] [DSA 3561-1] subversion security update
Previous by thread: [SECURITY] [DSA 3559-1] iceweasel security update
Next by thread: [SECURITY] [DSA 3561-1] subversion security update
Index(es):
- Date
- Thread