diff options
author | Thorsten Alteholz <debian@alteholz.de> | 2020-03-31 09:13:48 +0200 |
---|---|---|
committer | Thorsten Alteholz <debian@alteholz.de> | 2020-03-31 09:13:48 +0200 |
commit | 4f3091355e142513acf946fa22017cba5fca0ba8 (patch) | |
tree | b3b72e38f6ff67558712dd9cdc557a709cfd78c5 /english | |
parent | ddb43a4cc232a5b81fa127797cf453620de2902a (diff) |
dla 2160
Diffstat (limited to 'english')
-rw-r--r-- | english/lts/security/2020/dla-2160.data | 10 | ||||
-rw-r--r-- | english/lts/security/2020/dla-2160.wml | 31 |
2 files changed, 41 insertions, 0 deletions
diff --git a/english/lts/security/2020/dla-2160.data b/english/lts/security/2020/dla-2160.data new file mode 100644 index 00000000000..22e238f39e5 --- /dev/null +++ b/english/lts/security/2020/dla-2160.data @@ -0,0 +1,10 @@ +<define-tag pagetitle>DLA-2160-1 php5</define-tag> +<define-tag report_date>2020-3-26</define-tag> +<define-tag secrefs>CVE-2020-7062 CVE-2020-7063</define-tag> +<define-tag packages>php5</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + diff --git a/english/lts/security/2020/dla-2160.wml b/english/lts/security/2020/dla-2160.wml new file mode 100644 index 00000000000..d529524bb80 --- /dev/null +++ b/english/lts/security/2020/dla-2160.wml @@ -0,0 +1,31 @@ +<define-tag description>LTS security update</define-tag> +<define-tag moreinfo> + +<p>Two security issues have been identified and fixed in php5, a +server-side, HTML-embedded scripting language.</p> + +<ul> + +<li><a href="https://security-tracker.debian.org/tracker/CVE-2020-7062">CVE-2020-7062</a> + +<p>is about a possible null pointer derefernce, which would +likely lead to a crash, during a failed upload with progress tracking. +<a href="https://security-tracker.debian.org/tracker/CVE-2020-7063">CVE-2020-7063</a> is about wrong file permissions of files added to tar with +Phar::buildFromIterator when extracting them again.</p> + + +<p>For Debian 8 <q>Jessie</q>, these problems have been fixed in version +5.6.40+dfsg-0+deb8u10.</p> + +<p>We recommend that you upgrade your php5 packages.</p> + +<p>Further information about Debian LTS security advisories, how to apply +these updates to your system and frequently asked questions can be +found at: <a href="https://wiki.debian.org/LTS">https://wiki.debian.org/LTS</a></p></li> + +</ul> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/lts/security/2020/dla-2160.data" +# $Id: $ |