Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5967-1] php8.2 security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5967-1] php8.2 security update


Chronologisch Thread  
  • From: Salvatore Bonaccorso <carnil AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5967-1] php8.2 security update
  • Date: Mon, 28 Jul 2025 19:52:41 +0000
  • Authentication-results: lists.piratenpartei.de; dkim=none; spf=none (lists.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 2001:41b8:202:deb:216:36ff:fe40:4002) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"; dmarc=none
  • List-archive: https://lists.debian.org/msgid-search/E1ugTtp-002Ol0-0B AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Date:Message-Id:Subject:To:From:Reply-To:Cc:MIME-Version: Content-Type:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=sVZInGkXjmjzeWrBUS4KPAFySMA3UW8nQlVrwfSe7DA=; b=mo 5uccAL7NXIfOdIPJcb5nvD8NuChqFJ5tg4jRSrLnB6kITnrOLGmE/urYQF55YcW88VHDtW39zr5v/ mF1MsGgw0Tu5brlpf/iIi5ujx/RhHaLSRX3C95YrdJSzV+jZkRkvgAjEipjOp5GJVPP43wXq+aGXq jmsDqq+m4h6e/5NBFyKoBA1tVlkGl737m8ygASJUHN5gIj3XmoKXrt5mSFo9wradHHPf5JdSVPGHb J56IW/2hxZKCIR33iCUqsNHNybz1RElzNKLl1cUsp+yZ+1lXhBUZYDsDZDsfVmEwEtrtukqsGWtlT IckCq95Y41ZqnDLEAiWAwdH1uxADUNMg==;
  • Old-return-path: <carnil AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Mon, 28 Jul 2025 19:53:06 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <d03c7XLkZxF.A.Iu_M.hU9hoB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5967-1 security AT debian.org
https://www.debian.org/security/ Salvatore Bonaccorso
July 28, 2025 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : php8.2
CVE ID : CVE-2025-1220 CVE-2025-1735 CVE-2025-6491

Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language which could result in denial of
service or server side request forgery.

For the stable distribution (bookworm), these problems have been fixed in
version 8.2.29-1~deb12u1.

We recommend that you upgrade your php8.2 packages.

For the detailed security status of php8.2 please refer to its security
tracker page at:
https://security-tracker.debian.org/tracker/php8.2

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmiH1CxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND
z0RjVg/+M1jK/TjYRbH/bT89R3gmauY7WfeQpalqGe1PqExVP3oPMJlZu3lKuRWN
uI/wU6UADGfm9MTUNqvqh+Rj6Pl4z7zupJ0J3jiKdhNgBBCKBrIVB3ZeAwx0YuKh
y3lu96IzTRlXnvDtEL/F2yF9IX6wNuvmfFjmPN7qNC8ib7jM2JjAg1LGslwwpXRM
3SQAbHs0JGtTNQB7tGcDtE6a5AQjeicJkfsj8/KrIqoC5qlzjwsoiRy+hXB5IOMN
4A+CjQBmvtmEyN+ixpEtzO7wC3mFwu9O7XDljnIic31nDBrGmEIiRqLFxVZtiq4V
XIeBbfSDq6Kzc5Y3Zr4JpT+60dO6brndVatBRfLgWdHEyTvdJ3qYvKoXrVROU4Vh
RB1FH1KWwu8Pi1MobgcHbHAqx6izxdAHxDmR1XXiAR7UB7H16ksCWxkqWuKoXEv8
0DyDkkLvA4tjwWw/BTUnFwSd5zvAj0vxiP4HqFjGhnKHYEG5AeyqvHE4ukAlqACx
Tv88rpBc85CPFmE2EjuM3MSHyHye/x4ciHGH9bcnUKSmU3wvoBDTtQ/T5RFZBuEv
6Lyi7K8KoTyXfayY7q72tGVXeZ4Z/Nih8UWjKIFxCeFG2XOhfTIN10p6o1shja/V
0bDVhCN/Fpqi34+kF1t6mROTU9O8UyTowwdHh8bj0SuZU7rrNhs=
=U8kN
-----END PGP SIGNATURE-----



  • [IT-SecNots] [SECURITY] [DSA 5967-1] php8.2 security update, Salvatore Bonaccorso, 28.07.2025

Archiv bereitgestellt durch MHonArc 2.6.19+.

Seitenanfang