it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5878-1] php8.2 security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5878-1] php8.2 security update
Date: Fri, 14 Mar 2025 19:10:55 +0000
Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
List-archive: https://lists.debian.org/msgid-search/Z9R/P8tu/5rDQPbT AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From:Date :Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=TQV8cwMD+xkg24ZRp06golq/YINyslqPLmgy0qQyD+w=; b=Ff ++LctBprdu+QzzXOEF+h4K1EoEMm6+q8Nuc6UUoaU45WXAWg6SHnXd7+BNOSVJ80uirPE0OEk+keW 4x0JXBswbnasU5CxJvXlyhbBtm9EtwG8zJ1DvySjJjKbVyMfQCZ5oNQojMAr6GrhS/XIdvqtB61/7 puMZzryqvtucAy/0nqE9aNYuVMuQcGqquBJ7M4SaiiYG4OtDuxv79bV30vB+3xExzbnbYP87IQaa6 MPgSFUlGeqhXPiQ/4aYThfSeqB6pY9E9K0MMYpof9m0QsTIYr9RMHlKX6LbazCgmWDsW1QkYY1i1G 0bLAqXO9NOyBOIXWc2iQWmkaTmdhauAg==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Fri, 14 Mar 2025 19:11:17 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <HSNlpGUPb1N.A._LON.V9H1nB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5878-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 14, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php8.2
CVE ID : CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736
CVE-2025-1861

Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language which could result in denial of
service or HTTP request smuggling.

For the stable distribution (bookworm), these problems have been fixed in
version 8.2.28-1~deb12u1.

We recommend that you upgrade your php8.2 packages.

For the detailed security status of php8.2 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php8.2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmfUfhsACgkQEMKTtsN8
TjZGCBAAn8nVFh9VJEv7zQQBTPvzr3vbg+h/3iy10MceOjgT6g9YZNvIwoa7f+y+
ZHk/KGN5eyzTl1ddov2WiFTuauRnuzaAdZA0EQCSofg5U/LcFH3tukdg4NezfV9K
yeadoM3OLTMp6SfQ5pr7/+ttzLM+X4uozvV0gODG19555iwW9vlMOupHvMksYAUN
k1iqTENc6/efxtEch02UMTZIufUCvusX+SX1TTo8MRH/n3gfRmhB+GSJPR/tXaFW
Qj/0OMjUtNwb7SqAJ1njhdhP7clKaIUzAcMoJ47ov+tnVdTp2vTN+noAR1FEt0q+
wShzWDVchtNXiZRsmpzRTJERRE63YFrQwykYtWrVF9786QcTRS/dWN4RdkBB9M1W
V4etRloCC1wwD2OBYLGFMIaTHFZ86cKE5ykdRIMHqY1kycWfxp1EbyHDdSrxzCeC
2o5RouRJ60YiDWEcGLterEZA6m5NWU4h+mUUANrtBqio+OwrP30LGF46O/N/eWsU
lvG7rDa5Pu7f4aV1QwTbleOOvU7yRefj0P7GoLAI9SRV4ky6H0hSq3u9fZNmSZEU
a5r+vd2mRvS/lpO3Sx0oOXdrGMQ9qQfGHCMTAza38aFVdiwcVuUvLZtzNftgMv/+
85IwWWwIwXxZMrjbBVRs/iKE9MxQjK6JwBr2hEttdgsdkwiwj3s=
=fIH4
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5878-1] php8.2 security update, Moritz Muehlenhoff, 14.03.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.