What Are You Looking For?

Popular Tags

Sign Up
-------------------------------------------------------------------------Debian LTS Advisory DLA-3458-1                [email protected]
https://www.debian.org/lts/security/                       Guilhem Moulin
June 20, 2023                                 https://wiki.debian.org/LTS
-------------------------------------------------------------------------Package        : php7.3
Version        : 7.3.31-1~deb10u4
CVE ID         : CVE-2023-3247

Niels Dossche and Tim Düsterhus discovered that PHP's implementation of
the SOAP HTTP Digest authentication did not check for failures, which
may result in a stack information leak.  Furthermore, the code used an
insufficient number of random bytes.

For Debian 10 buster, this problem has been fixed in version
7.3.31-1~deb10u4.

We recommend that you upgrade your php7.3 packages.

For the detailed security status of php7.3 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.3

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Debian LTS: DLA-3458-1: php7.3 security update

June 20, 2023
Niels Dossche and Tim Düsterhus discovered that PHP's implementation of the SOAP HTTP Digest authentication did not check for failures, which may result in a stack information l...

Summary


Severity
-------------------------------------------------------------------------Package : php7.3
Version : 7.3.31-1~deb10u4
CVE ID : CVE-2023-3247

News

Advisories

HOWTOs

Features

Everything You Need to Know About Linux Proxy Servers
Simple Steps for Identifying & Troubleshooting a Kernel Panic
Linux Endpoint Detection and Response (EDR): A Crucial Part of a Successful Cybersecurity Strategy
Supercharging Linux: Tips & Tricks to Beat the Threat Landscape
LinuxSecurity.com Migrates to Joomla 4 and PHP 8: Our Experience & Key Takeaways

About Us

Powered By

Footer Logo

Feedback