USN-3566-1: PHP vulnerabilities<\/p>\n
12th February, 2018<\/em><\/p>\n A security issue affects these releases of Ubuntu and its Several security issues were fixed in PHP.\n<\/p>\n It was discovered that PHP incorrectly handled the PHAR 404 error page. A It was discovered that PHP incorrectly handled memory when unserializing It was discovered that PHP incorrectly handled 'front of' and 'back of' The problem can be corrected by updating your system to the following To update your system, please follow these instructions: In general, a standard system update will make all the necessary changes.<\/p>\n CVE-2017-12933<\/a>, <\/p>\n CVE-2017-16642<\/a>, <\/p>\n CVE-2018-5712<\/a><\/p>\n Source: USN-3566-1: PHP vulnerabilities<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" USN-3566-1: PHP vulnerabilities Ubuntu Security Notice USN-3566-1 12th February, 2018 php5 vulnerabilities A security issue affects these releases of Ubuntu and its derivatives: Ubuntu 14.04 LTS Summary Several security issues were fixed in PHP. Software description php5 – HTML-embedded scripting language interpreter Details It was discovered that PHP incorrectly handled the PHAR 404 error page. Aremote attacker could possibly use this issue to conduct cross-sitescripting (XSS) attacks. (CVE-2018-5712) It was discovered that PHP incorrectly handled memory when unserializingcertain data. A remote attacker could use this issue to cause PHP to crash,resulting in a denial of service, or possibly execute arbitrary code.(CVE-2017-12933) It was discovered that PHP incorrectly handled 'front of' and 'back of'date directives. A remote attacker could possibly use this issue to obtainsensitive information. (CVE-2017-16642) Update instructions The problem can be corrected by updating your system to the following [ more… ]<\/a><\/p>\n<\/div>","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[586],"tags":[587],"class_list":["post-22312","post","type-post","status-publish","format-standard","hentry","category-ubuntu-usn","tag-ubuntu-usn"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/22312","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/comments?post=22312"}],"version-history":[{"count":1,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/22312\/revisions"}],"predecessor-version":[{"id":22313,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/posts\/22312\/revisions\/22313"}],"wp:attachment":[{"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/media?parent=22312"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/categories?post=22312"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/jirak.net\/wp\/wp-json\/wp\/v2\/tags?post=22312"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}php5 vulnerabilities<\/h3>\n
\n derivatives:<\/p>\n\n
Summary<\/h3>\n
Software description<\/h3>\n
\n
\n – HTML-embedded scripting language interpreter<\/p>\n<\/li>\n<\/ul>\nDetails<\/h3>\n
remote attacker could possibly use this issue to conduct cross-site
scripting (XSS) attacks. (CVE-2018-5712<\/a>)<\/p>\n
certain data. A remote attacker could use this issue to cause PHP to crash,
resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2017-12933<\/a>)<\/p>\n
date directives. A remote attacker could possibly use this issue to obtain
sensitive information. (CVE-2017-16642<\/a>)<\/p>\nUpdate instructions<\/h3>\n
\npackage version:<\/p>\n\n
\n
\n 5.5.9+dfsg-1ubuntu4.23<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 5.5.9+dfsg-1ubuntu4.23<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 5.5.9+dfsg-1ubuntu4.23<\/a>
\n <\/span>\n <\/dd>\n
\n
\n 5.5.9+dfsg-1ubuntu4.23<\/a>
\n <\/span>\n <\/dd>\n<\/dl>\n
\nhttps:\/\/wiki.ubuntu.com\/Security\/Upgrades<\/a>.\n<\/p>\nReferences<\/h3>\n