Release Info

Advisory: CLSA-2023:1680618977

OS: Ubuntu 20.04 PHP

Public date: 2023-04-04 00:00:00

Project: php

Version: 7.3.33-11

Errata link: https://errata.cloudlinux.com/php-els/ubuntu20_04/CLSA-2023-1680618977.html

Changelog

* Fix for hardened PHP - CVE-2023-0567: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once

Update

Update command: apt-get update apt-get --only-upgrade install alt-php*

Packages list

alt-php73_7.3.33-11_amd64.deb alt-php73-bcmath_7.3.33-11_amd64.deb alt-php73-cli_7.3.33-11_amd64.deb alt-php73-common_7.3.33-11_amd64.deb alt-php73-dba_7.3.33-11_amd64.deb alt-php73-dev_7.3.33-11_amd64.deb alt-php73-enchant_7.3.33-11_amd64.deb alt-php73-firebird_7.3.33-11_amd64.deb alt-php73-gd_7.3.33-11_amd64.deb alt-php73-imap_7.3.33-11_amd64.deb alt-php73-intl_7.3.33-11_amd64.deb alt-php73-ldap_7.3.33-11_amd64.deb alt-php73-mbstring_7.3.33-11_amd64.deb alt-php73-mysqlnd_7.3.33-11_amd64.deb alt-php73-odbc_7.3.33-11_amd64.deb alt-php73-opcache_7.3.33-11_amd64.deb alt-php73-pdo_7.3.33-11_amd64.deb alt-php73-pgsql_7.3.33-11_amd64.deb alt-php73-process_7.3.33-11_amd64.deb alt-php73-pspell_7.3.33-11_amd64.deb alt-php73-recode_7.3.33-11_amd64.deb alt-php73-snmp_7.3.33-11_amd64.deb alt-php73-soap_7.3.33-11_amd64.deb alt-php73-sodium_7.3.33-11_amd64.deb alt-php73-tidy_7.3.33-11_amd64.deb alt-php73-xml_7.3.33-11_amd64.deb alt-php73-xmlrpc_7.3.33-11_amd64.deb

CVEs

CVE-2023-0568
CVE-2023-0662
CVE-2023-0567