drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in PHP (Aktualisierung)
Name: |
Mehrere Probleme in PHP (Aktualisierung) |
|
ID: |
USN-3922-2 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 14.04 LTS |
|
Datum: |
Di, 23. April 2019, 17:11 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9675
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9639
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9638
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9022
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9637
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9640 |
|
Applikationen: |
PHP |
|
Update von: |
Mehrere Probleme in PHP |
|
Originalnachricht |
--===============1134021199472745608== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-CwYKmk4GRnfsXGQYBxjH"
--=-CwYKmk4GRnfsXGQYBxjH Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3922-2 April 23, 2019
php5 vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 14.04 LTS
Summary:
Several security issues were fixed in PHP.
Software Description: - php5: HTML-embedded scripting language interpreter
Details:
USN-3922-1 fixed vulnerabilities in PHP. This update provides the corresponding update for Ubuntu 14.04 LTS.
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to access sensitive information. (CVE-2019-9022)
It was discovered that PHP incorrectly handled certain files. An attacker could possibly use this issue to execute arbitrary code. (CVE-2019-9675)
Original advisory details:
It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to expose sensitive information. (CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, CVE-2019-9641)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.29 php5-cgi 5.5.9+dfsg-1ubuntu4.29 php5-cli 5.5.9+dfsg-1ubuntu4.29 php5-fpm 5.5.9+dfsg-1ubuntu4.29 php5-xmlrpc 5.5.9+dfsg-1ubuntu4.29
In general, a standard system update will make all the necessary changes.
References: https://usn.ubuntu.com/usn/usn-3922-2 https://usn.ubuntu.com/usn/usn-3922-1 CVE-2019-9022, CVE-2019-9637, CVE-2019-9638, CVE-2019-9639, CVE-2019-9640, CVE-2019-9641, CVE-2019-9675
Package Information: https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.29 --=-CwYKmk4GRnfsXGQYBxjH Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJcvyJqAAoJEEW851uECx9pPrEP/3nP9yoq+ccnzgiKNXvTt/6V hCPLkcutNFXyMPQR/AjOO3rEDqLrbF+r2y43pf8nP1k3vsVaPla0f1ICXsKqqDuj /Cwb2KxyMZOeNe15ql3fNn7kOUmOeU/HzQFkqF32i99PGvL+4Ib5CWuuasKBedtx NcCdSGIlTA5F4kQu3BV/S3Uwwy4DCAxF/DiajHhv7lEIkNCtGPVhXABlGjHc+KH9 ZUavvUwPK+qW/sGBceY55ujryLBxTUo1h+DUrWgc914D5TKOZTaY+Ku98pvu7yxp pCQ+PAi/K1VO2ofRJ6I+rl+Jo2SHLdJXTuNhibsFIuPjuskI9Pnz+pCRHwe1Zw4H u+1wRdjR3ceMgpIy5xMkPkxpUq0pBUk5DNAeuhzys/kD8xYL82x4EnnHdTbd8YTn +3V+4R9H64+EfZ5S/UYsvwuvb26cI3J1cYjBoozB55RgRDTXYDEalUDxIfRJ+eVQ yh4QNVNjw6kOd+LtwDV9mrhWZbLqO93TUDBmMlx8Fs/qsdEPl+u/kxktJqQg3++K +Kr2Ixukpv/LNtRw4YtrHLHUlZ79YGge9LaVqQuszmSJc91SdjP4zJM9+o6Rt0R4 rgGPzo3WWK7/W4Jv/PkLZNmlqlCW/zynwhOC71isXWn1pBhNuY9DpbclaTNAhZVx Q7VAU52Bec06cjDqJ9th =VT/Y -----END PGP SIGNATURE-----
--=-CwYKmk4GRnfsXGQYBxjH--
--===============1134021199472745608== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============1134021199472745608==--
|
|
|
|