ELA-128-1 php5 security update

several vulnerabilities

2019-06-03
Package: php5
Version: 5.4.45-0+deb7u23
Related CVEs: CVE-2019-11039 CVE-2019-11040


Two vulnerabilities were found in PHP, a widely-used open source general purpose scripting language.

CVE-2019-11039

An integer underflow in the iconv module could be exploited to trigger
an out of bounds read.

CVE-2019-11040

A heap buffer overflow was discovered in the EXIF parsing code.


For Debian 7 Wheezy, these problems have been fixed in version 5.4.45-0+deb7u23.

We recommend that you upgrade your php5 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.