-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3560-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso April 27, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php5 CVE ID : CVE-2015-8865 CVE-2016-4070 CVE-2016-4071 CVE-2016-4072 CVE-2016-4073 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.20, which includes additional bug fixes. Please refer to the upstream changelog for more information: https://php.net/ChangeLog-5.php#5.6.20 For the stable distribution (jessie), these problems have been fixed in version 5.6.20+dfsg-0+deb8u1. We recommend that you upgrade your php5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCgAGBQJXIRu7AAoJEAVMuPMTQ89EOIkP/2cXsRMyH6G6iBCZ+wupzNIe YDKfm1FBor9sQrCwVaL6Ljq3ivWJTVNvL0X/jbekzUPZxef4H53JbLeeirjRLx7J DCBsr2OOoJW+/Ks4jJ3sPYrDMcTIwfMCgj5LtCKTYSzw4PCnahCwSTA0tXwwGPPn pqEtl+TKPr0GV+fvlG/9eFVtwOYQp80NoF0efLgM8VNpkBDVbMvZD8TBF6YD7e4q u4Q1OAYUHVzj7ngbV3l8wyJycJHzqNttOXpup66beGCNysKIYYxPUn5wUDzCxM9l sAQVBbseKfLfrxVIlaNj/rgbMI6PI6PCn75hTn9wwN2Ju3Yy8++XinUqyltPs4xS EwrRqnxmo74IEtyb6SxTgF56fCOg5zttDEJY01UwsyU/RJCgEss0Fr4uzOJXGZU0 QNT0oMTKM3Ud5QoO/Daz6qdgrHT6tH4HbKpMD/OuIefe2sy1Zo7SYz5hx4jGvtZT AMHpg1nlIbhMcXV0qFoxX4+cb8zQi7WOcmHbAUqZ0DDh+FLyHHl8w+z7/9J8BvgT 7tWTee7cp/Jojpu+JN4DgyepKme6wG1+dpKNWVqPLWE02FWUkNa//IECBbkOO9Ky rv7aLlSxlgSDsTSMZI+y05sNflbJHyZD3Nlq/c2V0WpVQd6virDaca/gVSNmymS9 u8f/oKnKcUYGsG3d8Yt/ =9LnB -----END PGP SIGNATURE-----