what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Debian Security Advisory 2816-1

Debian Security Advisory 2816-1
Posted Dec 14, 2013
Authored by Debian | Site debian.org

Debian Linux Security Advisory 2816-1 - Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

tags | advisory, web, php, vulnerability
systems | linux, debian
advisories | CVE-2013-6420, CVE-2013-6712
SHA-256 | a0155be6343e9327de45b565e42824097017d0c21bade638fa6da7395e180c7f

Debian Security Advisory 2816-1

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -------------------------------------------------------------------------
Debian Security Advisory DSA-2816-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
December 12, 2013 http://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php5
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2013-6420 CVE-2013-6712
Debian Bug : 731112 731895

Several vulnerabilities were found in PHP, a general-purpose scripting
language commonly used for web application development. The Common
Vulnerabilities and Exposures project identifies the following issues:

CVE-2013-6420

Stefan Esser reported possible memory corruption in
openssl_x509_parse().

CVE-2013-6712

Creating DateInterval objects from parsed ISO dates was
not properly restricted, which allowed to cause a
denial of service.

In addition, the update for Debian 7 "Wheezy" contains several bugfixes
originally targeted for the upcoming Wheezy point release.

For the oldstable distribution (squeeze), these problems have been fixed in
version 5.3.3-7+squeeze18.

For the stable distribution (wheezy), these problems have been fixed in
version 5.4.4-14+deb7u7.

For the unstable distribution (sid), these problems have been fixed in
version 5.5.6+dfsg-2.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQEcBAEBAgAGBQJSqiIFAAoJEFb2GnlAHawEi9QH/1GwRze23Ebet++Lp83SCDpU
5RvM+0n+RuPbpJEJ0Tk+ta0uIj8uooS4nPODYqPspMVOw5vxPB7DzHB8CLYCfCjO
SCBsPmNk8quDLSSvBvobRNOzALePrpzuEkuRMvatPS+EJ5Wtuw7rYc6bJu04GOJe
FYYuarT+wK52jLYfSf8OE08SH323m9bIF/1lKkkFR1GmLd15cKPs3s6V2MD/Vb/5
tnhojbGEFXjKf7n19MHq0UYPCj6DUKQGM1er2t48iRY3TCpXtJ9YhUo034U+d51l
3/7rSVINnFfAB+DXN9GB90aQJ/I82ZHDqGaXJF61I/Yjk5/auxrqZEJTEbRup98=
=gJk6
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

February 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Feb 1st
    11 Files
  • 2
    Feb 2nd
    0 Files
  • 3
    Feb 3rd
    0 Files
  • 4
    Feb 4th
    0 Files
  • 5
    Feb 5th
    0 Files
  • 6
    Feb 6th
    0 Files
  • 7
    Feb 7th
    0 Files
  • 8
    Feb 8th
    0 Files
  • 9
    Feb 9th
    0 Files
  • 10
    Feb 10th
    0 Files
  • 11
    Feb 11th
    0 Files
  • 12
    Feb 12th
    0 Files
  • 13
    Feb 13th
    0 Files
  • 14
    Feb 14th
    0 Files
  • 15
    Feb 15th
    0 Files
  • 16
    Feb 16th
    0 Files
  • 17
    Feb 17th
    0 Files
  • 18
    Feb 18th
    0 Files
  • 19
    Feb 19th
    0 Files
  • 20
    Feb 20th
    0 Files
  • 21
    Feb 21st
    0 Files
  • 22
    Feb 22nd
    0 Files
  • 23
    Feb 23rd
    0 Files
  • 24
    Feb 24th
    0 Files
  • 25
    Feb 25th
    0 Files
  • 26
    Feb 26th
    0 Files
  • 27
    Feb 27th
    0 Files
  • 28
    Feb 28th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close