[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 1775-1] phpbb3 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : phpbb3
Version        : 3.0.12-5+deb8u3
CVE ID         : CVE-2019-9826

Colin Snover discovered a denial-of-service vulnerability in phpBB3, a
full-featured web forum. Previous versions allowed users to run searches
that might result in long execution times and load on larger boards when
using the fulltext native search engine. To combat this, further
restrictions were introduced on search queries.

For Debian 8 "Jessie", this problem has been fixed in version
3.0.12-5+deb8u3.

We recommend that you upgrade your phpbb3 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlzNfGhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD
RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7
UeTBiA//e7hYMHuBUVVHHUecNxbdLnxRyvFv+uciEVPju2L+GuZmZYFgqHLUk4+q
Bce45c5kZIH+9hZDpkipWsHGJnfQL7neu1X0OK7cwtt8NHLJoIgiflWVfNANgv3n
42LCL9cgdLZMzojykLIxmCkOUd+sNj65lLYokre3RFt9ayANgCvN2bVlTpGxXRwG
SnAZnzQaDpsj8hxuMNbzDK2hmNnkCwaqdmU+MzHd9eG1ZI0MK7N44Vj6RTmmxhhm
pGekQvOAO3bHar6EORDxP1VfdS0z++Tme6QojeHAW1JGZX6qelofp163VzXxIQIc
F9IGwmH3YkNJwJBjlbV0ElBnqWuE6qoYMdgQb/n3sFf/1iIz9WJFQXumGgI2Nx5U
UiRKz/pNsxAiTP5mIgE3wdvnio/tTFE4mDpa6WSbU4pNl6nV7ob8tXisvraBsJV8
im9v/I5fp6NGh1CtAOUPrIz8UZDOXdxmNPus+ywsn4HMGi0J6KjrQKCI1dOQ+819
0KheLmUuQlrEhKKIYuBp17ojs6s258HY3ppwpCyELeVEJKtfoh9e0nw3zOZ92QGr
Voa/RlpWmwA1cpq2sfYI87Axoued+hXe74JJVVk4+Y7DCD0ofk86k+hbJ8Flkbo1
Ky+J4XrRwBofDZE8vquSeubBnUuHr3v/7dLDBxz94AzoAe/GC+w=
=ActZ
-----END PGP SIGNATURE-----


Reply to: