[SECURITY] [DSA 5425-1] php8.2 security update

2023-06-1320:05:07

lists.debian.org

php8.2

cve

unix

weak randomness

debian

stack information leak

soap http digest

security update

JSON

Debian Security Advisory DSA-5425-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
June 13, 2023 https://www.debian.org/security/faq

Package : php8.2
CVE ID : not yet available

It was discovered that PHP's implementation of SOAP HTTP Digest
authentication performed insufficient error validation, which may result
in a stack information leak or use of weak randomness.

For the stable distribution (bookworm), this problem has been fixed in
version 8.2.7-1~deb12u1.

We recommend that you upgrade your php8.2 packages.

For the detailed security status of php8.2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php8.2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian12mips64elphp8.2-interbase-dbgsym< 8.2.7-1~deb12u1php8.2-interbase-dbgsym_8.2.7-1~deb12u1_mips64el.deb
Debian12armhfphp8.2-interbase< 8.2.7-1~deb12u1php8.2-interbase_8.2.7-1~deb12u1_armhf.deb
Debian12s390xphp8.2-odbc-dbgsym< 8.2.7-1~deb12u1php8.2-odbc-dbgsym_8.2.7-1~deb12u1_s390x.deb
Debian12amd64php8.2-curl< 8.2.7-1~deb12u1php8.2-curl_8.2.7-1~deb12u1_amd64.deb
Debian12armhfphp8.2-tidy-dbgsym< 8.2.7-1~deb12u1php8.2-tidy-dbgsym_8.2.7-1~deb12u1_armhf.deb
Debian12armhfphp8.2-sybase< 8.2.7-1~deb12u1php8.2-sybase_8.2.7-1~deb12u1_armhf.deb
Debian12arm64php8.2-cli-dbgsym< 8.2.7-1~deb12u1php8.2-cli-dbgsym_8.2.7-1~deb12u1_arm64.deb
Debian12armelphp8.2-enchant-dbgsym< 8.2.7-1~deb12u1php8.2-enchant-dbgsym_8.2.7-1~deb12u1_armel.deb
Debian12mipselphp8.2-cgi-dbgsym< 8.2.7-1~deb12u1php8.2-cgi-dbgsym_8.2.7-1~deb12u1_mipsel.deb
Debian12amd64php8.2-pspell< 8.2.7-1~deb12u1php8.2-pspell_8.2.7-1~deb12u1_amd64.deb

OS	Version	Architecture	Package	Version	Filename
Debian	12	mips64el	php8.2-interbase-dbgsym	< 8.2.7-1~deb12u1	php8.2-interbase-dbgsym_8.2.7-1~deb12u1_mips64el.deb
Debian	12	armhf	php8.2-interbase	< 8.2.7-1~deb12u1	php8.2-interbase_8.2.7-1~deb12u1_armhf.deb
Debian	12	s390x	php8.2-odbc-dbgsym	< 8.2.7-1~deb12u1	php8.2-odbc-dbgsym_8.2.7-1~deb12u1_s390x.deb
Debian	12	amd64	php8.2-curl	< 8.2.7-1~deb12u1	php8.2-curl_8.2.7-1~deb12u1_amd64.deb
Debian	12	armhf	php8.2-tidy-dbgsym	< 8.2.7-1~deb12u1	php8.2-tidy-dbgsym_8.2.7-1~deb12u1_armhf.deb
Debian	12	armhf	php8.2-sybase	< 8.2.7-1~deb12u1	php8.2-sybase_8.2.7-1~deb12u1_armhf.deb
Debian	12	arm64	php8.2-cli-dbgsym	< 8.2.7-1~deb12u1	php8.2-cli-dbgsym_8.2.7-1~deb12u1_arm64.deb
Debian	12	armel	php8.2-enchant-dbgsym	< 8.2.7-1~deb12u1	php8.2-enchant-dbgsym_8.2.7-1~deb12u1_armel.deb
Debian	12	mipsel	php8.2-cgi-dbgsym	< 8.2.7-1~deb12u1	php8.2-cgi-dbgsym_8.2.7-1~deb12u1_mipsel.deb
Debian	12	amd64	php8.2-pspell	< 8.2.7-1~deb12u1	php8.2-pspell_8.2.7-1~deb12u1_amd64.deb

Rows per page:

1-10 of 5871

JSON