Release Info

Advisory: CLSA-2023:1680615865

OS: Ubuntu 22.04 PHP

Public date: 2023-04-04 00:00:00

Project: php

Version: 7.0.33-73

Errata link: https://errata.cloudlinux.com/php-els/ubuntu22_04/CLSA-2023-1680615865.html

Changelog

* Fix for hardened PHP - CVE-2023-0567: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once

Update

Update command: apt-get update apt-get --only-upgrade install alt-php*

Packages list

alt-php70_7.0.33-73_amd64.deb alt-php70-bcmath_7.0.33-73_amd64.deb alt-php70-cli_7.0.33-73_amd64.deb alt-php70-common_7.0.33-73_amd64.deb alt-php70-dba_7.0.33-73_amd64.deb alt-php70-dev_7.0.33-73_amd64.deb alt-php70-enchant_7.0.33-73_amd64.deb alt-php70-firebird_7.0.33-73_amd64.deb alt-php70-gd_7.0.33-73_amd64.deb alt-php70-imap_7.0.33-73_amd64.deb alt-php70-intl_7.0.33-73_amd64.deb alt-php70-ldap_7.0.33-73_amd64.deb alt-php70-mbstring_7.0.33-73_amd64.deb alt-php70-mcrypt_7.0.33-73_amd64.deb alt-php70-mysqlnd_7.0.33-73_amd64.deb alt-php70-odbc_7.0.33-73_amd64.deb alt-php70-opcache_7.0.33-73_amd64.deb alt-php70-pdo_7.0.33-73_amd64.deb alt-php70-pgsql_7.0.33-73_amd64.deb alt-php70-process_7.0.33-73_amd64.deb alt-php70-pspell_7.0.33-73_amd64.deb alt-php70-recode_7.0.33-73_amd64.deb alt-php70-snmp_7.0.33-73_amd64.deb alt-php70-soap_7.0.33-73_amd64.deb alt-php70-tidy_7.0.33-73_amd64.deb alt-php70-xml_7.0.33-73_amd64.deb alt-php70-xmlrpc_7.0.33-73_amd64.deb

CVEs

CVE-2023-0662
CVE-2023-0567
CVE-2023-0568