lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Wed, 27 Apr 2016 20:06:49 +0000
From: Salvatore Bonaccorso <carnil@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3560-1] php5 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3560-1                   security@...ian.org
https://www.debian.org/security/                     Salvatore Bonaccorso
April 27, 2016                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : php5
CVE ID         : CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072
                 CVE-2016-4073

Several vulnerabilities were found in PHP, a general-purpose scripting
language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to the new upstream
version 5.6.20, which includes additional bug fixes. Please refer to the
upstream changelog for more information:

 https://php.net/ChangeLog-5.php#5.6.20

For the stable distribution (jessie), these problems have been fixed in
version 5.6.20+dfsg-0+deb8u1.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCgAGBQJXIRu7AAoJEAVMuPMTQ89EOIkP/2cXsRMyH6G6iBCZ+wupzNIe
YDKfm1FBor9sQrCwVaL6Ljq3ivWJTVNvL0X/jbekzUPZxef4H53JbLeeirjRLx7J
DCBsr2OOoJW+/Ks4jJ3sPYrDMcTIwfMCgj5LtCKTYSzw4PCnahCwSTA0tXwwGPPn
pqEtl+TKPr0GV+fvlG/9eFVtwOYQp80NoF0efLgM8VNpkBDVbMvZD8TBF6YD7e4q
u4Q1OAYUHVzj7ngbV3l8wyJycJHzqNttOXpup66beGCNysKIYYxPUn5wUDzCxM9l
sAQVBbseKfLfrxVIlaNj/rgbMI6PI6PCn75hTn9wwN2Ju3Yy8++XinUqyltPs4xS
EwrRqnxmo74IEtyb6SxTgF56fCOg5zttDEJY01UwsyU/RJCgEss0Fr4uzOJXGZU0
QNT0oMTKM3Ud5QoO/Daz6qdgrHT6tH4HbKpMD/OuIefe2sy1Zo7SYz5hx4jGvtZT
AMHpg1nlIbhMcXV0qFoxX4+cb8zQi7WOcmHbAUqZ0DDh+FLyHHl8w+z7/9J8BvgT
7tWTee7cp/Jojpu+JN4DgyepKme6wG1+dpKNWVqPLWE02FWUkNa//IECBbkOO9Ky
rv7aLlSxlgSDsTSMZI+y05sNflbJHyZD3Nlq/c2V0WpVQd6virDaca/gVSNmymS9
u8f/oKnKcUYGsG3d8Yt/
=9LnB
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ