You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa php7.2

Sigurnosni nedostatak programskog paketa php7.2

by Marina Dimic Vugec - 0
  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-3702-1
July 04, 2018

php7.2 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 18.04 LTS

Summary:

PHP could be made to crash or run programs if it opened a specially crafted
file.

Software Description:
– php7.2: HTML-embedded scripting language interpreter

Details:

It was discovered that PHP incorrectly handled exif tags in certain images.
A remote attacker could use this issue to cause PHP to crash, resulting in
a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 18.04 LTS:
libapache2-mod-php7.2 7.2.7-0ubuntu0.18.04.1
php7.2-cgi 7.2.7-0ubuntu0.18.04.1
php7.2-cli 7.2.7-0ubuntu0.18.04.1
php7.2-fpm 7.2.7-0ubuntu0.18.04.1

This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.

References:
https://usn.ubuntu.com/usn/usn-3702-1
CVE-2018-12882

Package Information:
https://launchpad.net/ubuntu/+source/php7.2/7.2.7-0ubuntu0.18.04.1

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAls80kcACgkQZWnYVadE
vpMn4w/8DUZjxD94L5i/EPNBqz9E9FlKXW5MKqkyyksi9r7CdZDOcTKQc8KshmFa
GfmIVdtGGnShbvOkFXVgXOdQWGBdqnQrZt0RYdaQa6YFBTR3io11dGG4SmHMc42a
IVNgfoWodaL47U7o3Pjf0YrWFIAbmqLFHEwnDqTkGhY4sVxQDHRT4U27UEmSxxcr
wdgPbyac4UXevf0059mDGCVWFs5SXpSpItNeCZInGDQlMZWXo6xEBixjVn5sgJqz
8R7SfdKBGDzmzyPpf6YV1V0qd4swj86LNMKctAvpmRr/m/YB+WOB3ZotXwui1G+H
zQvAi1BLszkkw2brpDytv8oCGY62XfArwxMuFaGsbO8J+4qgKIJPyZzpuxv1n01u
5KvYskjoC/14raKIMiKSXZCY9UpXW8sEG7xjVRB0H6ja91PdYs81X2TZTgfDGjzo
pML8b1iEXRFpUiJnPS/FZTyy/64sWr4oT6U8WPyW2LgSSliHbTcaUibJhct/7Trn
FwyMDL+Vx0tJr5iCthuTB81Q42EZxGyQngo3dCAWZiAnfcQ8oUjsJPM96lb0v14c
mfKlH7ADY5WLWbotrjCYl+8o9PDaSIljkykO/oUQ5MtI16GIk1WSHjLkOvxbWjf6
7hk2+9UWCSOQ0LvmXyi78ICBHMYiiL9JOO+Eye2qBT620XdQF8Q=
=Og17
—–END PGP SIGNATURE—–

AutorVlatka Misic
Cert idNCERT-REF-2018-07-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Marina Dimic Vugec
Top
More in Preporuke
Sigurnosni nedostaci jezgre operacijskog sustava

Otkriveni su sigurnosni nedostaci jezgre operacijskog sustava Ubuntu. Otkriveni nedostaci potencijalnim napadačima omogućuju izazivanje DoS stanja ili otkrivanje osjetljivih informacija....

Close