-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5780-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 02, 2024 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : php8.2 CVE ID : CVE-2024-8925 CVE-2024-8926 CVE-2024-8927 Multiple security issues were found in PHP, a widely-used open source general purpose scripting language which could result in incorrect parsing of multipart/form-data, bypass of the cgi.force_direct directive or incorrect logging. For the stable distribution (bookworm), these problems have been fixed in version 8.2.24-1~deb12u1. We recommend that you upgrade your php8.2 packages. For the detailed security status of php8.2 please refer to its security tracker page at: https://security-tracker.debian.org/tracker/php8.2 Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmb9q3oACgkQEMKTtsN8 TjZ4oA/+Nl36uyLTq/85ouNISRwFOBJ66HUlPr/wkb8OQHNjHZiWFRfinFlR3nzw tIl8P8Te8NthAc/N8S87Qjq/mgtpSioVJyXQ+e+oILAubxP5BTwAMdiwPcBbeWdM KJNMNTWdgUJvt6ds8AZm2+Cvr/utWe6R0FzxKEiHDk5EhnYZxyrh9rPYAtzq12pa dBmy2d8PFMyCnBhdniK/vz6Icnx+qmRKChwau9YRXLh5gxxR19bTRw6yfq0xwtbG g3Cg/0XnsB03/5iKq4QS9bsP8q9rmqjb9E1DQNBxKyneCC7iDWOpQBo7UgPJKCyV Q+R4wu0s0I5Jz7aCMFq75FLjy1MwnhSxJ4hMPx+ouWj7J7hWGZxv+nVPzBHrB9N9 IGLeisKIMw6mH9H3rZlPZvUgirSJG/wmy5OkWgJA0hN85Xg0nheJ32ohvvvqDTdO +eV7w89eufOB+WehBCLKCtHYtMpQ8f3FVunGKW2xZO811p3+dqgYmb8FmBb53il/ Wt7C/RLq2H+QuMjUcQZyHKJyKMmFnd4vW8Z7Jy6uJrFt/WqzvwBv56g3sZ5r+Yob HSNuiz6h//WOG+VzKNYvuPVpQzC+KEMSFdi8CE2ldG1OAdCv+rheUj5PxkcwwPnM OjS/JPu+5jwg6Nt59w0HiSIJBIyHjfOG+/O+F8AD1khUIFRi5CM= =f6sC -----END PGP SIGNATURE-----