• [SECURITY] [DSA 4935-1] php7.3 security update

    From Moritz Muehlenhoff@21:1/5 to All on Mon Jul 5 20:30:02 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4935-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    July 05, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : php7.3
    CVE ID : CVE-2021-21704 CVE-2021-21705

    Multiple security issues were found in PHP, a widely-used open source
    general purpose scripting language which could result an SSRF bypass
    of the FILTER_VALIDATE_URL check and denial of service or potentially
    the execution of arbitrary code in the Firebird PDO.

    For the stable distribution (buster), these problems have been fixed in
    version 7.3.29-1~deb10u1.

    We recommend that you upgrade your php7.3 packages.

    For the detailed security status of php7.3 please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/php7.3

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmDjTqYACgkQEMKTtsN8 Tjb9thAApXkYm6fyLT8BpRPj21y0JaMGirAH4Z6N32Jnb9Uqt5r1/CORTEZ6ZF0t ruJwebu9cvikv5RO/Lmz3vUSlvfqrsxviEP09yGC1cH2OByvutkSETG5mVaSiC8Q rmivT1vgTBywZAajHgZLJZxk+YfWDEZRH9aSovFUUVzQajEnBeMq0rGrGUCgP8AW 0q/Ro6Mo0tdJx5ci8eUxXCk2gpwmmJKrmOKQjiNpJmjKStM5ovQYCrcaPkF7B7/g eLRbGv9s+ZGqVsa7J9/VY32C2YiKMJ78Ry4+YYFOAg7KAd+7IiOIF3HxZs/lTWvN ud8lirN0pc9TB7ji30vKnah2R1sO0X2hEu0XG0wGHJLhrUJkF9U5uy4JyVV8Aksp a/2GyFBK7Lz0kTpUOSCi16I8+vOgvpANXsRX146dfUVVb7tXjVdMWneCuS4a6A6k 0hZo3mQPHUlat70hJXv3po6qQAVayvKiOI/FbUzThkepWIolFnaRXMq5cAOTwB6O fG2ht0tAADtAi6gUTDwrlmViwdEUXPrn2MNPqT+6gp8XpteXW9fRZ51DtmSle0eh hG5Dwu9bLoS2okCXqQKVAUGwOzwKykq6RcvoGxqr54jF3554+LtYbpoIdibqAyOw L3/G1MK4HIr2ktKL/kSghF7KHFOC0Cntz3P6Pe7SmeU2RCvPuWU=
    =muSI
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)