• [SECURITY] [DSA 5780-1] php8.2 security update

    From Moritz Muehlenhoff@21:1/5 to All on Wed Oct 2 22:30:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5780-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 02, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : php8.2
    CVE ID : CVE-2024-8925 CVE-2024-8926 CVE-2024-8927

    Multiple security issues were found in PHP, a widely-used open source
    general purpose scripting language which could result in incorrect
    parsing of multipart/form-data, bypass of the cgi.force_direct directive
    or incorrect logging.

    For the stable distribution (bookworm), these problems have been fixed in version 8.2.24-1~deb12u1.

    We recommend that you upgrade your php8.2 packages.

    For the detailed security status of php8.2 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/php8.2

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmb9q3oACgkQEMKTtsN8 TjZ4oA/+Nl36uyLTq/85ouNISRwFOBJ66HUlPr/wkb8OQHNjHZiWFRfinFlR3nzw tIl8P8Te8NthAc/N8S87Qjq/mgtpSioVJyXQ+e+oILAubxP5BTwAMdiwPcBbeWdM KJNMNTWdgUJvt6ds8AZm2+Cvr/utWe6R0FzxKEiHDk5EhnYZxyrh9rPYAtzq12pa dBmy2d8PFMyCnBhdniK/vz6Icnx+qmRKChwau9YRXLh5gxxR19bTRw6yfq0xwtbG g3Cg/0XnsB03/5iKq4QS9bsP8q9rmqjb9E1DQNBxKyneCC7iDWOpQBo7UgPJKCyV Q+R4wu0s0I5Jz7aCMFq75FLjy1MwnhSxJ4hMPx+ouWj7J7hWGZxv+nVPzBHrB9N9 IGLeisKIMw6mH9H3rZlPZvUgirSJG/wmy5OkWgJA0hN85Xg0nheJ32ohvvvqDTdO +eV7w89eufOB+WehBCLKCtHYtMpQ8f3FVunGKW2xZO811p3+dqgYmb8FmBb53il/ Wt7C/RLq2H+QuMjUcQZyHKJyKMmFnd4vW8Z7Jy6uJrFt/WqzvwBv56g3sZ5r+Yob HSNuiz6h//WOG+VzKNYvuPVpQzC+KEMSFdi8CE2ldG1OAdCv+rheUj5PxkcwwPnM OjS/JPu+5jwg6Nt59w0HiSIJBIyHjfOG+/O+F8AD1khUIFRi5CM=
    =f6sC
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)