GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Thu May 27, 2021 5:26 am Post subject: [ glsa 202105-23 ] php |
 |
|
Gentoo Linux Security Advisory
Title: PHP: Multiple vulnerabilities (GLSA 202105-23)
Severity: normal
Exploitable: local, remote
Date: 2021-05-26
Bug(s): #764314, #768756, #788892
ID: 202105-23
Synopsis
Multiple vulnerabilities have been found in PHP, the worst of which
could result in a Denial of Service condition.
Background
PHP is an open source general-purpose scripting language that is
especially suited for web development.
Affected Packages
Package: dev-lang/php
Vulnerable: < 8.0.6
Unaffected: >= 7.3.28
Unaffected: >= 7.4.19
Unaffected: >= 8.0.6
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in PHP. Please review the
CVE identifiers and bugs referenced below for details.
Impact
Please review the referenced CVE identifiers and bugs for details.
Workaround
There is no known workaround at this time.
Resolution
All PHP 7.3.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-7.3.28:7.3"
|
All PHP 7.4.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-7.4.19:7.4"
|
All PHP 8.0.x users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-lang/php-8.0.6:8.0"
|
References
CVE-2020-7071
CVE-2021-21702 |
|
News & Announcements
