[SECURITY] [DLA 2345-1] php7.0 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
- -------------------------------------------------------------------------
Debian LTS Advisory DLA-2345-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Chris Lamb
August 26, 2020 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------
Package : php7.0
Version : 7.0.33-0+deb9u9
CVE ID : CVE-2020-7068
It was discovered that there was a use-after-free vulnerability when
parsing PHAR files, a method of putting entire PHP applications into
a single file.
For Debian 9 "Stretch", this problem has been fixed in version
7.0.33-0+deb9u9.
We recommend that you upgrade your php7.0 packages.
For the detailed security status of php7.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.0
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl9GPQsACgkQHpU+J9Qx
HljVjBAAjz0h5aeM/9wAZfX4i/SfvXiqX+w40yIlLNC+rtvr8TieFuwLBI53aatI
xWzyvbwd63Jigoc/vbxIfCX03V0pWw8Y7Vs914MCFFPvKRDYn4pi8MNgzbv7hFrM
b28BrOiKjCoLoH50hZ3+beJ1tvROjszyaoimgED/RPTcBmmj69ZeT8GIcEJxnIPX
aw5fJKs8KUYbGcD7Kg9go3jgS7t2yXhFAPAFTOeQcLRJdcfrS3Vv6RyanQ5ml5r2
wQCNnbxAddftX1YOcHtG01GohR4FEjrnPguZruZRDVDraf5C6ar3DdFsncEirYRl
ejKiYbWZHyVmzosTI/LuiR6+QgfgCArxF+QQzZOLzo7isNpVKKN0tJ1AhLAV3pk0
rPTotdLKYJUv32JBBmGggyP32BZ6QBbZbnZmbOvxbvDIIaDoozXqfvp27cFshxrq
jLInlxgCJyPhw71PL43dAPmZPoyA8kGWnlFIMxUY/o1/I2vvTokFVyj08YuEMm0k
7ePTJJc2ipvCQ6yhUuFmiC69n2rpy65lmQgoImEBGhj0XqhqX5nkNHkhahuKUAyj
9OlecHZ9DPDbzEYc5HkJVJT6QtYJ4t80Hzsq3fgt0ultWyJ+7WGVCcNAn2Tu5VVy
Qypp4RIFUVMb0p7nI/FNAnP5IXEoN1pRKnUp6RzuI4cOCBPvYV4=
=yN+e
-----END PGP SIGNATURE-----
Reply to: