
Slackware: 2023-045-02 Critical: PHP DoS Threat Mitigation

February 15, 2023
Latest PHP modules for Slackware 15.0 resolve serious security issues, featuring fixes for Denial of Service vulnerabilities. Update immediately!
New php packages are available for Slackware 15.0 and -current to fix security issues.

Summary

Here are the details from the Slackware 15.0 ChangeLog:

patches/packages/php-7.4.33-i586-3_slack15.0.txz: Rebuilt.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568
    https://www.cve.org/CVERecord?id=CVE-2023-0662
  (* Security fix *)
extra/php80/php80-8.0.28-i586-1_slack15.0.txz: Upgraded.
  This update fixes security issues:
  Core: Password_verify() always return true with some hash.
  Core: 1-byte array overrun in common path resolve code.
  SAPI: DOS vulnerability when parsing multipart request body.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2023-0567
    https://www.cve.org/CVERecord?id=CVE-2023-0568


Where to Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.
Updated packages for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/php-7.4.33-i586-3_slack15.0.txz
Updated packages for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/php-7.4.33-x86_64-3_slack15.0.txz
Updated packages for Slackware -current:
Updated packages for Slackware x86_64 -current:

MD5 Signatures

Slackware 15.0 packages: 42f70860c20e4d8e7919632643b5d1e9 php-7.4.33-i586-3_slack15.0.txz ca921cbd3e1913f168678b309478bb04 php80-8.0.28-i586-1_slack15.0.txz 3c315b9477355d47d90121e7f95309fa php81-8.1.16-i586-1_slack15.0.txz
Slackware x86_64 15.0 packages: 99e509806237a9f9ab01e023f384d622 php-7.4.33-x86_64-3_slack15.0.txz 32f5653c682942e82be61a113193fd9a php80-8.0.28-x86_64-1_slack15.0.txz e0ef677a63dc35962226d828ae53ffbf php81-8.1.16-x86_64-1_slack15.0.txz
Slackware -current packages: 93196b6545a6699bd9ad6a59dd24298e n/php-7.4.33-i586-3.txz 9128ba44e5ad38c5898dd8445f415aa2 extra/php80/php80-8.0.28-i586-1.txz 23fd959729ed20f7a5ba4cb965217e66 extra/php81/php81-8.1.16-i586-1.txz
Slackware x86_64 -current packages: 7b59cd25c8065f8ddc713d883a8fbda2 n/php-7.4.33-x86_64-3.txz edcb77db2ea1c340425241002ff5bd8f extra/php80/php80-8.0.28-x86_64-1.txz 0075cef00072f4fabee60241271e8213 extra/php81/php81-8.1.16-x86_64-1.txz

Severity
critical


Installation Instructions

Upgrade the packages as root:
# upgradepkg php-7.4.33-i586-3_slack15.0.txz

Then, restart Apache httpd:
# /etc/rc.d/rc.httpd stop
# /etc/rc.d/rc.httpd start
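To confirm which hosts still need the upgrade above, the following added example (not part of the Slackware advisory) classifies installed PHP packages against the fixed builds named on this page: 7.4.33 build 3, 8.0.28 and 8.1.16. The function names and the /var/log/packages database path are assumptions of the example.

```shell
#!/bin/sh
# Added example (not from the advisory); function names are hypothetical.

# Print the lower of two version strings (GNU sort -V ordering).
lowest_version() { printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1; }

# php_pkg_status NAME-VERSION-ARCH-BUILD[.txz] -> fixed | vulnerable | unknown
php_pkg_status() {
    pkg=${1##*/}; pkg=${pkg%.t?z}        # drop directory and .txz suffix
    build=${pkg##*-}; rest=${pkg%-*}     # build field, e.g. 3_slack15.0
    rest=${rest%-*}                      # drop the arch field
    ver=${rest##*-}; name=${rest%-*}
    case $name in php|php80|php81) ;; *) echo unknown; return 0 ;; esac
    # Pick the threshold by release branch, not by package name, so a
    # "php" package carrying an 8.x version is still judged correctly.
    case $ver in
        7.4.*) need_ver=7.4.33 need_build=3 ;;
        8.0.*) need_ver=8.0.28 need_build=1 ;;
        8.1.*) need_ver=8.1.16 need_build=1 ;;
        *) echo unknown; return 0 ;;
    esac
    if [ "$ver" = "$need_ver" ]; then
        num=${build%%[!0-9]*}            # numeric part of the build field
        if [ "${num:-0}" -ge "$need_build" ]; then echo fixed; else echo vulnerable; fi
    elif [ "$(lowest_version "$ver" "$need_ver")" = "$need_ver" ]; then
        echo fixed                       # newer than the fixed release
    else
        echo vulnerable                  # older than the fixed release
    fi
}

# Report on every PHP package recorded in the package database.
# /var/log/packages is the database path assumed by this example.
audit_php_packages() {
    dir=${1:-/var/log/packages}
    for f in "$dir"/php-[0-9]* "$dir"/php8[01]-[0-9]*; do
        [ -e "$f" ] || continue          # glob matched nothing
        printf '%s %s\n' "$(php_pkg_status "$f")" "${f##*/}"
    done
}

audit_php_packages "$@"
```

Any line reported as vulnerable names a package that still needs the upgradepkg step and the httpd restart.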
