Release Info

Advisory: CLSA-2023:1680621038

OS: Ubuntu 20.04 PHP

Public date: 2023-04-04 00:00:00

Project: php

Version: 7.1.33-40

Errata link: https://errata.cloudlinux.com/php-els/ubuntu20_04/CLSA-2023-1680621038.html

Changelog

* Fix for hardened PHP - CVE-2023-0567: Fix validation of malformed BCrypt hashes - CVE-2023-0568: Fix array overrun when appending slash to paths - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once

Update

Update command: apt-get update apt-get --only-upgrade install alt-php*

Packages list

alt-php71_7.1.33-40_amd64.deb alt-php71-bcmath_7.1.33-40_amd64.deb alt-php71-cli_7.1.33-40_amd64.deb alt-php71-common_7.1.33-40_amd64.deb alt-php71-dba_7.1.33-40_amd64.deb alt-php71-dev_7.1.33-40_amd64.deb alt-php71-enchant_7.1.33-40_amd64.deb alt-php71-firebird_7.1.33-40_amd64.deb alt-php71-gd_7.1.33-40_amd64.deb alt-php71-imap_7.1.33-40_amd64.deb alt-php71-intl_7.1.33-40_amd64.deb alt-php71-ldap_7.1.33-40_amd64.deb alt-php71-mbstring_7.1.33-40_amd64.deb alt-php71-mcrypt_7.1.33-40_amd64.deb alt-php71-mysqlnd_7.1.33-40_amd64.deb alt-php71-odbc_7.1.33-40_amd64.deb alt-php71-opcache_7.1.33-40_amd64.deb alt-php71-pdo_7.1.33-40_amd64.deb alt-php71-pgsql_7.1.33-40_amd64.deb alt-php71-process_7.1.33-40_amd64.deb alt-php71-pspell_7.1.33-40_amd64.deb alt-php71-recode_7.1.33-40_amd64.deb alt-php71-snmp_7.1.33-40_amd64.deb alt-php71-soap_7.1.33-40_amd64.deb alt-php71-tidy_7.1.33-40_amd64.deb alt-php71-xml_7.1.33-40_amd64.deb alt-php71-xmlrpc_7.1.33-40_amd64.deb

CVEs

CVE-2023-0567
CVE-2023-0662
CVE-2023-0568