[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 4935-1] php7.3 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4935-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
July 05, 2021                         https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php7.3
CVE ID         : CVE-2021-21704 CVE-2021-21705

Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language which could result an SSRF bypass
of the FILTER_VALIDATE_URL check and denial of service or potentially
the execution of arbitrary code in the Firebird PDO.

For the stable distribution (buster), these problems have been fixed in
version 7.3.29-1~deb10u1.

We recommend that you upgrade your php7.3 packages.

For the detailed security status of php7.3 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.3

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDjTqYACgkQEMKTtsN8
Tjb9thAApXkYm6fyLT8BpRPj21y0JaMGirAH4Z6N32Jnb9Uqt5r1/CORTEZ6ZF0t
ruJwebu9cvikv5RO/Lmz3vUSlvfqrsxviEP09yGC1cH2OByvutkSETG5mVaSiC8Q
rmivT1vgTBywZAajHgZLJZxk+YfWDEZRH9aSovFUUVzQajEnBeMq0rGrGUCgP8AW
0q/Ro6Mo0tdJx5ci8eUxXCk2gpwmmJKrmOKQjiNpJmjKStM5ovQYCrcaPkF7B7/g
eLRbGv9s+ZGqVsa7J9/VY32C2YiKMJ78Ry4+YYFOAg7KAd+7IiOIF3HxZs/lTWvN
ud8lirN0pc9TB7ji30vKnah2R1sO0X2hEu0XG0wGHJLhrUJkF9U5uy4JyVV8Aksp
a/2GyFBK7Lz0kTpUOSCi16I8+vOgvpANXsRX146dfUVVb7tXjVdMWneCuS4a6A6k
0hZo3mQPHUlat70hJXv3po6qQAVayvKiOI/FbUzThkepWIolFnaRXMq5cAOTwB6O
fG2ht0tAADtAi6gUTDwrlmViwdEUXPrn2MNPqT+6gp8XpteXW9fRZ51DtmSle0eh
hG5Dwu9bLoS2okCXqQKVAUGwOzwKykq6RcvoGxqr54jF3554+LtYbpoIdibqAyOw
L3/G1MK4HIr2ktKL/kSghF7KHFOC0Cntz3P6Pe7SmeU2RCvPuWU=
=muSI
-----END PGP SIGNATURE-----


Reply to: