Debian alert DLA-3986-1 (php7.4)
| From: | Guilhem Moulin <guilhem@debian.org> | |
| To: | debian-lts-announce@lists.debian.org | |
| Subject: | [SECURITY] [DLA 3986-1] php7.4 security update | |
| Date: | Sun, 08 Dec 2024 15:46:12 +0100 | |
| Message-ID: | <Z1WxNL0Vw0ES6Y0Y@debian.org> |
------------------------------------------------------------------------- Debian LTS Advisory DLA-3986-1 debian-lts@lists.debian.org https://www.debian.org/lts/security/ Guilhem Moulin December 08, 2024 https://wiki.debian.org/LTS ------------------------------------------------------------------------- Package : php7.4 Version : 7.4.33-1+deb11u7 CVE ID : CVE-2024-8929 CVE-2024-8932 CVE-2024-11233 CVE-2024-11234 CVE-2024-11236 Debian Bug : 1088688 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language, which could result in denial of service, authorization bypass, or information disclosure. CVE-2024-8929 Sébastien Rolland discovered a partial content leak of the heap through heap buffer over-read in mysqlnd. By connecting to a fake MySQL server or tampering with network packets and initiating a SQL Query, it is possible to abuse php_mysqlnd_rset_field_rea() when parsing MySQL fields packets in order to include the rest of the heap content starting from the address of the cursor of the currently read buffer. CVE-2024-8932 Yiheng Cao discovered that uncontrolled long string inputs to ldap_escape() on 32-bit systems can cause an integer overflow, resulting in an out-of-bounds write. CVE-2024-11233 A memory-related vulnerability was discovered in the filter handling system, particularly when processing input with convert.quoted-printable-decode filters, which could lead to a segmentation fault. This vulnerability is triggered through specific sequences of input data, causing PHP to crash. When exploited, it allows an attacker to extract a single byte of data from the heap or result in denial of service. CVE-2024-11234 Lorenzo Leonardini discovered that Configuring a proxy in a stream context might allow for CRLF injection in URIs, which could lead to authorization bypass by Server Side Request Forgery attack (SSRF). CVE-2024-11236 An integer overflow vulnerability was found in the firebird and dblib quoters, which can result in out-of-bounds writes. GHSA-4w77-75f9-2c8w A heap-use-after-free vulnerability was discovered in the sapi_read_post_data() function, which could allow an attacker to exploit memory safety issues during POST request processing. For Debian 11 bullseye, these problems have been fixed in version 7.4.33-1+deb11u7. We recommend that you upgrade your php7.4 packages. For the detailed security status of php7.4 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php7.4 Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS
Attachment: signature.asc (type=application/pgp-signature)
-----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEERpy6p3b9sfzUdbME05pJnDwhpVIFAmdVsTIACgkQ05pJnDwh pVKyhBAAvZHAMEE2ShJyFtw3KcPiApFslcced/KcL06AfmMpGFdzhP3w/Z4XTNzm +gbPKwfyp71koLsjgXSc8bDyQjIu1TWUaSwg9q2i7RwlAHduNqupHbmfrp2uIovJ uVbwoDG2sR4DXLG+XtgyrA29AISZa2suX+xNC3ENb1nAx7gu4YQrh4ASba9kmGQ4 Xo/IiAiq2TUbik5bwYDz/LGyHLrYeqm2710A6WoOioKTOfQxw6fCKyoxV5Q1Mxyq 1SrO+rUIzaSO3gIxwVgGqppj6014ZZGCnF3SxkRks2pHuzbd6yxbiHIjBtLcF8Cq wxjJt/I6olgKG/bb/aPfVFy6t6PnhT3PkfpXpKd6e2zx9VjNZBx99EDe6QMaZVAC 7F0eChL301yRaB7cCXG1PpGx6QtxDmKoxVvDRjjGEZxLr1QYEdLIGjJIOFCIvWnZ uJW9Zezqi360NEjstFja/VT4PIVdB/s9/gKits/LXi8yGNiK7RRYG1dGoyklE2b9 5aflKb1xiWU3FQSn93YsS9hydqXOxopBN58KFOxW/L4EtKKriWimN2W8OVASGpwg 6eGWgRbYNPD4kt5hfl3rFx8fiXCAeaM2E6v592Rr3O//VPNhyi7ZXymzNS5MiD3U 0tpuVPGIPhCY8eTsnj51lOxF5FUHaEFwBNZXsq0cry97JN11xr4= =JZ+/ -----END PGP SIGNATURE-----