• [SECURITY] [DSA 4993-1] php7.3 security update

    From Salvatore Bonaccorso@21:1/5 to All on Mon Oct 25 22:30:02 2021
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-4993-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 25, 2021 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : php7.3
    CVE ID : CVE-2021-21703

    An out-of-bounds read and write flaw was discovered in the PHP-FPM code,
    which could result in escalation of privileges from local unprivileged
    user to the root user.

    For the oldstable distribution (buster), this problem has been fixed
    in version 7.3.31-1~deb10u1.

    We recommend that you upgrade your php7.3 packages.

    For the detailed security status of php7.3 please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/php7.3

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmF3EohfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0QTzBAAgt5HqxH7k7LMTK1tnwY2HXoNB9avYOwLrZbuox+D6hU9RO0en+3phMK1 2rwREhAwwvbt2SuqmGOnxnLHfpvuS31ufHmLaiGVsGPJL3qAy3t/w3DZ1euZf60A MLbHuLElmA6PuPnsnQbzNb28PfTFjkYt2u0nRSU4R1Te78mZg4tw/IlrCUAeHOUJ /7AuTpv7zTCP765YqEgqJfg5lL+NhsAxrZ//6Zx7hDvqb1VIc3vHKpC/DJWP56XS YVmGILhEZIY33ixGdQR6/uW0VrvW0AELzveVpiOZVZcGYJH2j2V2xW7cTcPZXiyO hBbnBDHPi+PyH8I461J9RLw/8dJpU6zn+I2w5RSmMhVk+swjkBTiBLbyeOfp5mBS 7wCPyEBUYGD6AiWG96qfpn2/ACHyY+ndrMWabtCfgRGkwcb2kqRhQ4Ai3nYSZm1l 3XDdNIg+Ywtf7NRwblBVlvJ4egy8tj0ERB9wigd2av1buHl6Ji6xRvePYHShm6xi C02qTL7cFfKmTxfk0HdwtUu0zYc9qKZb9VAcPwiwqTbgWXWbnTLivBoIJ1iubQsU kOpzH41nt7vlmaFb6Q5HCGNdrwIQ3CwavFdnIfF7YCV9tN7qJwI61KsBcGM6l5hW 1oCvUbEyeaaVNl2REsDNqtzJE154Prd//3pwShMNHlHcxwf+LV8=
    =1d/J
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)