-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with undefined - http://www.enigmail.net/
iQIbBAEBCgAGBQJRt3cpAAoJEGVp2FWnRL6T9K8P+Pv39YOwWMoAk9mDFUYphC9H
b0s3KvFsYB3wAjuXvb5tB+bOBzVGdNP3To1lJoD2Ok+h00krH8LvmA7dprTYWWQr
2UUqCb3dJNhPxcrEKm++UzqKQsx5MHoJpkkLG4HXaZCocXBRTWjgsGuUS6+iAm3B
8hlKJkTe5R9sn0vWqz3i09pfz4ud1WxGtlfrTU1xxgGduY2raRe5QLMHmiInbf6t
Er5CvzaC2UI6cdNMJLB9tCdaw8THdoYZf2xUwszHzmZkvcb1YKMVZMgQc+h8Yodt
xUkFgiMvAGaJZNqR3LAeR49YGuJaDO7RgCAeGDIbDZrrIUzqqCpJ7W5SqFErQFxb
CUattUTbWLn/CMzS6TKVPR4dn0kPqS0q9H0rAaUoHtY2MiDjx/wGC44l1NK1V9EY
njZNTgRaPyDLvaIAgvi3esRCDA9gy2mQQOeUA29nwLsSgsykVDl0sXYjwA3z6t12
6FxMm9nTPaK8BoE2RcYhkTEwi5DeBOgckv56OGR7kUvD44iIDUrbCN8xUD52S2T0
7k1VN/wWTrV1AV6PYq0O7TRkFBiv9C976MNVa+7YJgrhZUglCC17SvEd4pEcsX0B
tPXGix/HyCQLyaV1CKyq6Pc+JuuSN1ucV4+SFDU/vUYqZSdKrEoEVq+fCND6yN26
X/7AxjAMuRqmEghpfMU=
=XTlB
-----END PGP SIGNATURE-----
==========================================================================
Ubuntu Security Notice USN-1872-1
June 11, 2013
php5 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 13.04
Summary:
PHP could be made to crash or run programs if it received specially crafted
input.
Software Description:
- php5: HTML-embedded scripting language interpreter
Details:
It was discovered that PHP incorrectly handled the quoted_printable_encode
function. An attacker could use this flaw to cause PHP to crash, resulting
in a denial of service, or to possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 13.04:
php5 5.4.9-4ubuntu2.1
In general, a standard system update will make all the necessary changes.
References:
http://www.ubuntu.com/usn/usn-1872-1
CVE-2013-2110
Package Information:
https://launchpad.net/ubuntu/+source/php5/5.4.9-4ubuntu2.1
No comments:
Post a Comment