Univention Bugzilla – Bug 56549
php7.3: Multiple issues (5.0)
Last modified: 2023-09-06 16:42:00 CEST
New Debian php7.3 7.3.31-1~deb10u5 fixes: This update addresses the following issues: 7.3.31-1~deb10u5 (Mon, 04 Sep 2023 23:49:25 +0200) * Non-maintainer upload by the LTS Security Team. * Fix CVE-2023-3823: Security issue with external entity loading in XML without enabling it. * Fix CVE-2023-3824: Buffer overflow and overread in phar_dir_read().
--- mirror/ftp/pool/main/p/php7.3/php7.3_7.3.31-1~deb10u4.dsc +++ apt/ucs_5.0-0-errata5.0-4/source/php7.3_7.3.31-1~deb10u5.dsc @@ -1,3 +1,10 @@ +7.3.31-1~deb10u5 [Mon, 04 Sep 2023 23:49:25 +0200] Guilhem Moulin <guilhem@debian.org>: + + * Non-maintainer upload by the LTS Security Team. + * Fix CVE-2023-3823: Security issue with external entity loading in XML + without enabling it. + * Fix CVE-2023-3824: Buffer overflow and overread in phar_dir_read(). + 7.3.31-1~deb10u4 [Mon, 19 Jun 2023 21:10:11 +0200] Guilhem Moulin <guilhem@debian.org>: * Non-maintainer upload by the LTS Security Team. <http://piuparts.knut.univention.de/5.0-4/#6088024165104733488>
OK: bug OK: yaml OK: announce_errata OK: patch OK: piuparts [5.0-4] 3ddb133f74 Bug #56549: php7.3 7.3.31-1~deb10u5 doc/errata/staging/php7.3.yaml | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) [5.0-4] feb5f8c5c5 Bug #56549: php7.3 7.3.31-1~deb10u5 doc/errata/staging/php7.3.yaml | 17 +++++++++++++++++ 1 file changed, 17 insertions(+)
<https://errata.software-univention.de/#/?erratum=5.0x797>