Release Info

Advisory: CLSA-2023:1680618016

OS: Ubuntu 16.04 PHP

Public date: 2023-04-04 00:00:00

Project: php

Version: 7.4.33-5

Errata link: https://errata.cloudlinux.com/php-els/ubuntu16_04/CLSA-2023-1680618016.html

Changelog

* Fix for hardened PHP - CVE-2023-0567: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once

Update

Update command: apt-get update apt-get --only-upgrade install alt-php*

Packages list

alt-php74_7.4.33-5_amd64.deb alt-php74-bcmath_7.4.33-5_amd64.deb alt-php74-cli_7.4.33-5_amd64.deb alt-php74-common_7.4.33-5_amd64.deb alt-php74-dba_7.4.33-5_amd64.deb alt-php74-dev_7.4.33-5_amd64.deb alt-php74-enchant_7.4.33-5_amd64.deb alt-php74-firebird_7.4.33-5_amd64.deb alt-php74-gd_7.4.33-5_amd64.deb alt-php74-imap_7.4.33-5_amd64.deb alt-php74-intl_7.4.33-5_amd64.deb alt-php74-ldap_7.4.33-5_amd64.deb alt-php74-mbstring_7.4.33-5_amd64.deb alt-php74-mysqlnd_7.4.33-5_amd64.deb alt-php74-odbc_7.4.33-5_amd64.deb alt-php74-opcache_7.4.33-5_amd64.deb alt-php74-pdo_7.4.33-5_amd64.deb alt-php74-pgsql_7.4.33-5_amd64.deb alt-php74-process_7.4.33-5_amd64.deb alt-php74-pspell_7.4.33-5_amd64.deb alt-php74-snmp_7.4.33-5_amd64.deb alt-php74-soap_7.4.33-5_amd64.deb alt-php74-sodium_7.4.33-5_amd64.deb alt-php74-tidy_7.4.33-5_amd64.deb alt-php74-xml_7.4.33-5_amd64.deb alt-php74-xmlrpc_7.4.33-5_amd64.deb

CVEs

CVE-2023-0568
CVE-2023-0662
CVE-2023-0567