Debian Security Advisory(Debian安全报告) DSA-4403-1 php7.0

时间:2021-08-10 12:25:07

Package        : php7.0

CVE ID         : 还未申请

在广泛使用的开放源码通用脚本语言PHP中发现了多个安全问题:EXIF扩展存在多个无效内存访问的情况,并且发现rename()方法实现不安全。

这个问题在7.0.33-0+deb9u3版本中得到了解决。

有关php7.0的详细安全状态,请参阅其安全跟踪器页面:https://secur-tracker.debian.org/tracker/php7.0

--------------------

Package        : php7.0

CVE ID         : not yet available

Multiple security issues were found in PHP, a widely-used open source general purpose scripting language: The EXIF extension had multiple cases of invalid memory access and rename() was implemented insecurely.

For the stable distribution (stretch), this problem has been fixed in version 7.0.33-0+deb9u3.

For the detailed security status of php7.0 please refer to its security tracker page at:https://security-tracker.debian.org/tracker/php7.0