Debian Security Advisory 4573-1

Debian Security Advisory 4573-1: Posted Nov 19, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4573-1 - Multiple vulnerabilities have been found in the Symfony PHP framework which could lead to a timing attack/information leak, argument injection and code execution via unserialization.; tags | advisory, php, vulnerability, code execution; systems | linux, debian; advisories | CVE-2019-18887, CVE-2019-18888, CVE-2019-18889; SHA-256 | 649856298cb28fd4e777cfd64eb702d40e46dbe90be03da023d6599457196f3d; Download | Favorite | View

Debian Security Advisory 4573-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4573-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
November 18, 2019                     https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : symfony
CVE ID         : CVE-2019-18887 CVE-2019-18888 CVE-2019-18889

Multiple vulnerabilities have been found in the Symfony PHP framework
which could lead to a timing attack/information leak, argument injection
and code execution via unserialization.

For the oldstable distribution (stretch), these problems have been fixed
in version 2.8.7+dfsg-1.3+deb9u3.

For the stable distribution (buster), these problems have been fixed in
version 3.4.22+dfsg-2+deb10u1.

We recommend that you upgrade your symfony packages.

For the detailed security status of symfony please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/symfony

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl3TFFQACgkQEMKTtsN8
TjbEshAAh2IMq7UliNw+lXUEvxZ6Me3f29jdI9qco8nwoEXcVI99NK9wbJQnHG3j
0r8d4DsonNxTrTcCfEH8u24QZwWBiJmsuPIcIq7oiYyaN34W+Q/Wh+Xx+GwLN9ij
bWIdGiFi786MJIyLTLipXUCHNfqi4XDXY76WJqVhCSZru39tff5ah9KMeLB/5VuZ
x2pfAdRAom4zxMiNwYlR2qELDTAbEUvtAIuQH4HGtZeApVDYRsyaa0l6f0nSeo7U
nuRCUG9syoFxgmz6x3+OkTCMZ83tCxcB7s1NA9jNk3+NhA+RkHkhFKRkCJAHTJzV
8EngG9HxNJZydPMXilzzWTqofAxpHHVmshrixukIof5Vjskxbx7DeWc6YruE+DBV
5/8iSZkO2pjGJUYNMiZAfZoppjAWSG7e1Hn3dNZTREFnWL3BwOzZz5fxynS96o5u
Y1VBnFwBKt/QT5FybvXVznvupfAZDow5ss9XcKwax40odFtVTK1jeQVu9em65dlB
9erPpVsTxT+l36Zlmd9ia7WRCp0Pmx+B+dLa6jmr6aQrbB2ZoelFMBiDeLEgd2Mj
EUmmatF8pE0v5O8+7yJG/MEB2DkQt0L+k0Vru8AG7Iy03TPlhKK9V0Zh9wiAHfYi
dBwhJ1oeJUOWlHTTe2Mm3Qr8cpoePvWVPdNfC5N3cpRHu8gTcVc=
=Rzxs
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 419 files
Ubuntu 107 files
Debian 30 files
Rahad Chowdhury 21 files
BugsBD Limited 21 files
Gentoo 18 files
tmrswrr 12 files
Google Security Research 7 files
Ph0s 5 files
R0ckE7 5 files

File Archives

Systems

AIX (429)
Apple (2,037)
BSD (375)
CentOS (57)
Cisco (1,926)
Debian (6,914)
Fedora (1,692)
FreeBSD (1,246)
Gentoo (4,379)
HPUX (880)
iOS (363)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (47,896)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (486)
RedHat (14,654)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,152)
UNIX (9,340)
UnixWare (187)
Windows (6,609)
Other

Debian Security Advisory 4573-1

Debian Security Advisory 4573-1

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4573-1

Share This

Debian Security Advisory 4573-1

File Archive:

December 2023

Top Authors In Last 30 Days

File Tags

File Archives

Systems