-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3631-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 26, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php5 CVE ID : CVE-2016-5385 CVE-2016-5399 CVE-2016-6289 CVE-2016-6290 CVE-2016-6291 CVE-2016-6292 CVE-2016-6294 CVE-2016-6295 CVE-2016-6296 CVE-2016-6297 Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development. The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for more information: https://php.net/ChangeLog-5.php#5.6.24 For the stable distribution (jessie), these problems have been fixed in version 5.6.24+dfsg-0+deb8u1. For the unstable distribution (sid), these problems have been fixed in version 7.0.9-1 of the php7.0 source package. We recommend that you upgrade your php5 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJXl8vVAAoJEBDCk7bDfE423hAQAIPEiALq8HQACO7oVQWG1X14 T5M+RjjR/EYHqN0VLZ6JprRZDmN4noANfvWX2onKzF/KhA+1cKBvWrUz+X9623kb 6T5Cd2tsLJI9Cke83UcDJlD3wbPTW//9TRVLdPU1FI5LgJ4FU1pdxQ6KTMlcjiZ8 xAPCjwae8MOT+p4ajxjRS5DWM+oqEXi9oOIE4Ru+zUFY2y2zmV1u5rgSRRJbbeCv RUsPj6XGWHkEc36eoOLH3AC0ZKBfW6eQAC5NTUyMxFCYghD94QCHIGGNzeRrvnfX fvejjNAvgXcSle4xs2D4ltFUpF0uDWqrqflJKO7IvnNXB1uBgrCVcXsK+laz9dIX hYEy/HX/+lAcjPFSlZGj1LMKKHjVAvNJpjMGcC7hizOPVSOT/r0BvBhdID4sV26S WtkE60R6NcSwe589N+aIBLSPeR1YMs5wVi+Ez4iUR5VPOkqxOio412I5s1GiGeAg RJbZVHgxMPpsRpWhrXho+ZdDNI4Nd865MdQn8yIbCK4FmjsnN/gz5urWyLQcsSTT 8xnq3yaWK3dbfzWC6ZcvAdTBrDVXHTUeFU7XFMylMiCUGBHw7cgznJ47amWDmnnc Y2usZhlKV/c7rBDgYYH0dQfAIm93SSi5236wpWNA9utxbks0Lg0Uh2HpJ0zAZv1V LaE1mifVk8/cCxLvmcXn =7J9V -----END PGP SIGNATURE-----