-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Package : php5 Version : 5.6.40+dfsg-0+deb8u9 CVE ID : CVE-2020-7059 CVE-2020-7060
Two issues have been found in php5, a server-side, HTML-embedded scripting language. Both issues are related to crafted data that could lead to reading after an allocated buffer and result in information disclosure or crash.
For Debian 8 "Jessie", these problems have been fixed in version 5.6.40+dfsg-0+deb8u9. We recommend that you upgrade your php5 packages. Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: https://wiki.debian.org/LTS -----BEGIN PGP SIGNATURE----- iQKTBAEBCgB9FiEEYgH7/9u94Hgi6ruWlvysDTh7WEcFAl5ZkwhfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDYy MDFGQkZGREJCREUwNzgyMkVBQkI5Njk2RkNBQzBEMzg3QjU4NDcACgkQlvysDTh7 WEcXeA//ZyVc5ZUBy44U+WKJYrOqGPDmbJQX9VWsDg1+UmS6T+59RXoI/jBt3XQj bfcoekeglrSjHLpQjU1d+zs6DL8PQrLXDGYNFKEqFDz9fmJmrMF3shii3UCusqlB sENpgqmStWniUjgamEjIYade1sTshshExxUPkRdkdsCZS+Glormrk8JmUe54JSJO 7kCnVBN1w8ODD20Wi0b7vyyFcnn3W7kcJGeh8JA4Nr6BPGu7KkQCTouDOkvpkwKA mEgbOa+EJO5Xe0Yj1740brLlkW0jk8BI2ftvEc/nPSAuphMXspUT7k4XQYxvqM6t +wnXpiJDPuO4C1wJR2DKleAH2aRnVTwZ5gxOOwt6Xeb96VQkPvUmXhxNFcF2NrAv lVXDv8fZcRVGq3ASAMigMcRDaQWu870x/Cd4CVLeDZyr3BcRy6Fvw4cX6+Id78xG GoHgLzMtCBXCtDd/Wx+mZoGHtkgJk5Lw+Iu9sO7uEMwa8RTpU7qktEveK8cSKHGD qqt3N7MiwuHw3aqJnGq3Ni1MQrbxJyP41eCnQtGrLOOydKghs1MV4m2P2lfdNdB4 hGvoDslKEn/h4MsDfZDJn+77w7tMY7U2u9Kr3Dq/WfUhw2xW+Mb3XVQTtpLoxO/X pZDlypjoHFIg4bUDDogsW6yf96QvY/W9jIcCyq0LkJjczbiG1xY= =x1Ky -----END PGP SIGNATURE-----
