[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DLA 2124-1] php5 security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : php5
Version        : 5.6.40+dfsg-0+deb8u9
CVE ID         : CVE-2020-7059 CVE-2020-7060


Two issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure or crash.


For Debian 8 "Jessie", these problems have been fixed in version
5.6.40+dfsg-0+deb8u9.

We recommend that you upgrade your php5 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl5ZkwhfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy
MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7
WEcXeA//ZyVc5ZUBy44U+WKJYrOqGPDmbJQX9VWsDg1+UmS6T+59RXoI/jBt3XQj
bfcoekeglrSjHLpQjU1d+zs6DL8PQrLXDGYNFKEqFDz9fmJmrMF3shii3UCusqlB
sENpgqmStWniUjgamEjIYade1sTshshExxUPkRdkdsCZS+Glormrk8JmUe54JSJO
7kCnVBN1w8ODD20Wi0b7vyyFcnn3W7kcJGeh8JA4Nr6BPGu7KkQCTouDOkvpkwKA
mEgbOa+EJO5Xe0Yj1740brLlkW0jk8BI2ftvEc/nPSAuphMXspUT7k4XQYxvqM6t
+wnXpiJDPuO4C1wJR2DKleAH2aRnVTwZ5gxOOwt6Xeb96VQkPvUmXhxNFcF2NrAv
lVXDv8fZcRVGq3ASAMigMcRDaQWu870x/Cd4CVLeDZyr3BcRy6Fvw4cX6+Id78xG
GoHgLzMtCBXCtDd/Wx+mZoGHtkgJk5Lw+Iu9sO7uEMwa8RTpU7qktEveK8cSKHGD
qqt3N7MiwuHw3aqJnGq3Ni1MQrbxJyP41eCnQtGrLOOydKghs1MV4m2P2lfdNdB4
hGvoDslKEn/h4MsDfZDJn+77w7tMY7U2u9Kr3Dq/WfUhw2xW+Mb3XVQTtpLoxO/X
pZDlypjoHFIg4bUDDogsW6yf96QvY/W9jIcCyq0LkJjczbiG1xY=
=x1Ky
-----END PGP SIGNATURE-----


Reply to: