-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : php5 Version : 5.4.45-0+deb7u11 CVE ID : CVE-2017-12933
The finish_nested_data function in ext/standard/var_unserializer.re in PHP is prone to a buffer over-read while unserializing untrusted data. Exploitation of this issue can have an unspecified impact on the integrity of PHP. For Debian 7 "Wheezy", these problems have been fixed in version 5.4.45-0+deb7u11. We recommend that you upgrade your php5 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEjtbD+LrJ23/BMKhw+COicpiDyXwFAlmm3ucACgkQ+COicpiD yXxxAA/+N/tEpGzA7cf89Id0brrkNV0PT5whVC20F0k4ahpNE/+2Olv5DILpY3Tu t9hbQe81aPbRHO13SzU5LwUTd5wvH8H896/fOrzVvugpnNUpDmAAgIoWefmx9EPB km91JZTfw1+aejLfN6KtDk+ZGKI7ofhKQ2ktCdmRbp4KHiND3fFy5qxAvNFwChPl qaLBu1q/1zLnlrela7MeihimVzJCic2+imxMNB2p8JWchHDnGaDae0QUGoek4QG9 l5UFtRTki29jP+NNwe/uUTKdCWlBXD0Ma00OY3H3Ap0yUcZwKxWTGxzNZtDMvitV kfWUh/Ydb5eLPFcbQNAqplWvtBY4lazkgHbHtQMTRXqK/A21tnvxlZXxRJ2B8k21 JgwtpQ0/pjL6nSQ1e/a8M1Nu8mLllLtefhUIR8hUsSya11th4EOtJeFLd1AIkIPB EcEIuTeA/C1+eMfHet6xhdy1ExfI48Bg0l+bvtckF+jvcPnEANcJyrjqE4w3XBRF u7YJq8cy21WBGBdTIRpjiqMdBUF6JYXLHI5SOgnR/1tqzvUnVR2XLMCH55gKJAYk sC54rEtZypAZ6OnP45LkdF3QwLTs0137r6WgUOQiSDRYhw7yf5zq9eg9xSDNLcCf MoX3haz7eVTiA+w2lWIntlvmE5VaYdQNzkjyveXG40ARTHWDYq0= =xKov -----END PGP SIGNATURE-----
