PHP Vulnerability Fixes in All Supported Ubuntu OSes

Build it and learn to secure your system/server.


PHP Vulnerability Fixes in All Supported Ubuntu OSes

Postby Micro » Thu Mar 14, 2013 9:58 am

On March 13, Canonical published in a security notice details about a GnuTLS vulnerability for its Ubuntu 12.10, Ubuntu 12.04 LTS, Ubuntu 11.10, Ubuntu 10.04 LTS, and Ubuntu 8.04 LTS operating systems. According to Canonical, PHP could be made to expose sensitive information over the network. It was discovered that PHP incorrectly handled XML external entities in SOAP WSDL files. A remote attacker could use this flaw to read arbitrary files off the server. The security flaws can be fixed if you upgrade your system(s) to the latest php5 package, specific to each distribution. To apply the update, run the Update Manager:
Ubuntu 12.10:
php5 5.4.6-1ubuntu1.2
Ubuntu 12.04 LTS:
php5 5.3.10-1ubuntu3.6
Ubuntu 11.10:
php5 5.3.6-13ubuntu3.10
Ubuntu 10.04 LTS:
php5 5.3.2-1ubuntu4.19
Ubuntu 8.04 LTS:
php5 5.2.4-2ubuntu5.27
Image
https://www.linkedin.com/in/josephperrello
Thermaltake Series Core X9 SPCC E-ATX Cube Case
CORSAIR Vengeance LPX 64GB Quad Channel DDR4
EVGA 120-G1-0750-XR 80 PLUS GOLD 750W PSU
APC BR1300G Back-UPS Pro 780W/1300VA UPS
ASRock X99 Extreme4 LGA X99 Motherboard
OC-Intel Core i7-5820K @ 4.1GHz × 12
Corsair H100i V2 CPU Cooler. 240mm
Kernel Linux 4.6.4-1-ARCH x86_64
MATE Desktop Environment 1.12.1
OS - SAMSUNG 950 PRO M.2 512GB
DATA - 2 SSD 840 EVO RAID 0
MEDIA - 4 HDD 3TB RAID 0
NVIDIA GeForce GTX750 Ti
ViewSonic PJD7820HD
OS - Filesystem F2FS
Arch Linux
User avatar
Micro
Site Admin
 
Posts: 485
Joined: Tue Apr 24, 2012 1:16 pm
Age: 40
Operating System: Other Linux

Return to Server and Security

Who is online

Users browsing this forum: No registered users and 1 guest