drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in php7.3
Name: |
Zwei Probleme in php7.3 |
|
ID: |
DSA-4935-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian buster |
|
Datum: |
Mo, 5. Juli 2021, 22:45 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21705
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-21704 |
|
Applikationen: |
PHP |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4935-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 05, 2021 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : php7.3 CVE ID : CVE-2021-21704 CVE-2021-21705
Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result an SSRF bypass of the FILTER_VALIDATE_URL check and denial of service or potentially the execution of arbitrary code in the Firebird PDO.
For the stable distribution (buster), these problems have been fixed in version 7.3.29-1~deb10u1.
We recommend that you upgrade your php7.3 packages.
For the detailed security status of php7.3 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.3
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDjTqYACgkQEMKTtsN8 Tjb9thAApXkYm6fyLT8BpRPj21y0JaMGirAH4Z6N32Jnb9Uqt5r1/CORTEZ6ZF0t ruJwebu9cvikv5RO/Lmz3vUSlvfqrsxviEP09yGC1cH2OByvutkSETG5mVaSiC8Q rmivT1vgTBywZAajHgZLJZxk+YfWDEZRH9aSovFUUVzQajEnBeMq0rGrGUCgP8AW 0q/Ro6Mo0tdJx5ci8eUxXCk2gpwmmJKrmOKQjiNpJmjKStM5ovQYCrcaPkF7B7/g eLRbGv9s+ZGqVsa7J9/VY32C2YiKMJ78Ry4+YYFOAg7KAd+7IiOIF3HxZs/lTWvN ud8lirN0pc9TB7ji30vKnah2R1sO0X2hEu0XG0wGHJLhrUJkF9U5uy4JyVV8Aksp a/2GyFBK7Lz0kTpUOSCi16I8+vOgvpANXsRX146dfUVVb7tXjVdMWneCuS4a6A6k 0hZo3mQPHUlat70hJXv3po6qQAVayvKiOI/FbUzThkepWIolFnaRXMq5cAOTwB6O fG2ht0tAADtAi6gUTDwrlmViwdEUXPrn2MNPqT+6gp8XpteXW9fRZ51DtmSle0eh hG5Dwu9bLoS2okCXqQKVAUGwOzwKykq6RcvoGxqr54jF3554+LtYbpoIdibqAyOw L3/G1MK4HIr2ktKL/kSghF7KHFOC0Cntz3P6Pe7SmeU2RCvPuWU= =muSI -----END PGP SIGNATURE-----
|
|
|
|