diff options
author | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-06-14 00:59:39 +0200 |
---|---|---|
committer | Jean-Pierre Giraud <jean-pierregiraud@neuf.fr> | 2023-06-14 00:59:39 +0200 |
commit | cce4e4adbe4bfefc6028d55c31ac6bc4b2999c26 (patch) | |
tree | e5bd078048db0dadf72c1b08020fa660be3ea5a3 | |
parent | c5509af528aa35c1f0f1d4333d57bfc6a7e7e324 (diff) |
[SECURITY] [DSA 5425-1] php8.2 security update
-rw-r--r-- | english/security/2023/dsa-5425.data | 13 | ||||
-rw-r--r-- | english/security/2023/dsa-5425.wml | 20 |
2 files changed, 33 insertions, 0 deletions
diff --git a/english/security/2023/dsa-5425.data b/english/security/2023/dsa-5425.data new file mode 100644 index 00000000000..3328de1513c --- /dev/null +++ b/english/security/2023/dsa-5425.data @@ -0,0 +1,13 @@ +<define-tag pagetitle>DSA-5425-1 php8.2</define-tag> +<define-tag report_date>2023-6-13</define-tag> +<define-tag secrefs>not yet available</define-tag> +<define-tag packages>php8.2</define-tag> +<define-tag isvulnerable>yes</define-tag> +<define-tag fixed>yes</define-tag> +<define-tag fixed-section>no</define-tag> + +#use wml::debian::security + + + +</dl> diff --git a/english/security/2023/dsa-5425.wml b/english/security/2023/dsa-5425.wml new file mode 100644 index 00000000000..6f839d0edde --- /dev/null +++ b/english/security/2023/dsa-5425.wml @@ -0,0 +1,20 @@ +<define-tag description>security update</define-tag> +<define-tag moreinfo> +<p>It was discovered that PHP's implementation of SOAP HTTP Digest +authentication performed insufficient error validation, which may result +in a stack information leak or use of weak randomness.</p> + +<p>For the stable distribution (bookworm), this problem has been fixed in +version 8.2.7-1~deb12u1.</p> + +<p>We recommend that you upgrade your php8.2 packages.</p> + +<p>For the detailed security status of php8.2 please refer to +its security tracker page at: +<a href="https://security-tracker.debian.org/tracker/php8.2">\ +https://security-tracker.debian.org/tracker/php8.2</a></p> +</define-tag> + +# do not modify the following line +#include "$(ENGLISHDIR)/security/2023/dsa-5425.data" +# $Id: $ |