Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!Close

USN-5818-1: PHP vulnerability

23 January 2023

PHP could be made do crash or execute arbitrary code if it received a specially crafted input.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

Releases

Packages

  • php7.2 - HTML-embedded scripting language interpreter
  • php7.4 - HTML-embedded scripting language interpreter
  • php8.1 - HTML-embedded scripting language interpreter

Details

It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a crash or
execute arbitrary code.

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Learn more about Ubuntu Pro

References

Related notices

  • USN-5905-1: php7.0-mysql, php7.0-snmp, php7.0-interbase, php7.0-mbstring, php7.0-sqlite3, php7.0-tidy, php7.0-gmp, php7.0-pgsql, php7.0-zip, php7.0-cgi, php7.0-ldap, php7.0-dev, php7.0-curl, php7.0-readline, php7.0-cli, php7.0-odbc, php7.0-bz2, php7.0-pspell, php7.0-xml, php7.0-xmlrpc, php7.0-common, php7.0-phpdbg, php7.0-enchant, php7.0-imap, php7.0, php7.0-intl, php7.0-opcache, php7.0-gd, php7.0-xsl, php7.0-dba, php7.0-mcrypt, php7.0-soap, php7.0-bcmath, php7.0-fpm, php7.0-sybase, php7.0-recode, libphp7.0-embed, libapache2-mod-php7.0, php7.0-json