-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : php5 Version : 5.4.45-0+deb7u13 CVE ID : CVE-2018-7584
Wei Lei and Liu Yang of Nanyang Technological University discovered a stack-based buffer overflow in PHP5 when parsing a malformed HTTP response which can be exploited to cause a denial-of-service. For Debian 7 "Wheezy", these problems have been fixed in version 5.4.45-0+deb7u13. We recommend that you upgrade your php5 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlq9UWZfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQACgkQ2a0UuVE7 UeSouBAAuhjcbKP60d5VhMe9+ECa9FoncMBgqaY3cp/AEazTCmG4MuCapkP23VCX zY05/07j8qkVZalSoDsODUjl/LJhXZlZ4XVrkvy684/VIxnl9SgDA9CP0OPa6UCl fJ66EIo9Mj9HgtzKfflg79QDbkjdrg5Y+1uwWtia9o+3MSPWPazH3/nbMJzJvIbn 8QMz+jcmyl40RnztBH5+qBOb/iWn5ACkSMw7cBBpTvL7NsxwX7/msqPHrNfQ/ALM FzMBy0Qzg39vlIkHvuqA9dnM+Jpq3VSl4+t9KUXN7AivWzn++JNGLuaBo3BmEMo9 2FyJwP5AEhUm8djQqUdGeLFLrexRSzRfVl54FGea68lrr3RJtnuVVECK+6vfqOPu 8EKHrl8XxRMFrky7yAJzaVPydJMgVmFgL+TUp4hsWVCXXYuWSzlWeaoGew3Ahp7x 9HIlnKEpq9Gur5wLGBp1AEVoyCjCN8yMj0M35KT9eLwKmu4bWQPs08Y8h7Vr727W 7z3dBbdCapjXQz1Uy9F3Z9MZ/vD45uLZiQW570g0NJw+jwELJzIYAMHZzf+63n1v /YrmogdQ4WNFOzkmSzo1TSkHykLbfnxbFJQKt4/6mnSgdQoXhaDGFP4bpcqgHhjh PQf2tdgPXmGv1dVCM7OCkWB/JGPMeeQPB+K6U/BhhMeJprkZ+Zg= =7vXc -----END PGP SIGNATURE-----
