[SECURITY] [DSA 3358-1] php5 security update

Type securityvulns
Reporter Securityvulns
Modified 2015-09-15T00:00:00


Debian Security Advisory DSA-3358-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso September 13, 2015 https://www.debian.org/security/faq

Package : php5 CVE ID : CVE-2015-6834 CVE-2015-6835 CVE-2015-6836 CVE-2015-6837 CVE-2015-6838

Several vulnerabilities were found in PHP, a general-purpose scripting language commonly used for web application development.

The vulnerabilities are addressed by upgrading PHP to new upstream versions (5.4.45 and 5.6.13), which include additional bug fixes. Please refer to the upstream changelog for more information:

https://php.net/ChangeLog-5.php#5.4.45 https://php.net/ChangeLog-5.php#5.6.13

For the oldstable distribution (wheezy), these problems have been fixed in version 5.4.45-0+deb7u1.

For the stable distribution (jessie), these problems have been fixed in version 5.6.13+dfsg-0+deb8u1.

We recommend that you upgrade your php5 packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org