ELA-777-1 php5 security update

multiple vulnerabilities

2023-01-24
Packagephp5
Version5.6.40+dfsg-0+deb8u16 (jessie)
Related CVEs CVE-2021-21707 CVE-2022-31625 CVE-2022-31626 CVE-2022-31628 CVE-2022-31629


Multiple security issues were discovered in PHP, a widely-used open source general purpose scripting language which could result in denial of service, information disclosure, insecure cookie handling or potentially the execution of arbitrary code.



For Debian 8 jessie, these problems have been fixed in version 5.6.40+dfsg-0+deb8u16.

We recommend that you upgrade your php5 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.