ELA-204-1 php5 security update

issues in several modules

2019-12-30
Packagephp5
Version5.4.45-0+deb7u26
Related CVEs CVE-2019-11045 CVE-2019-11046 CVE-2019-11047 CVE-2019-11050


Several security bugs have been identified and fixed in php5, a server-side, HTML-embedded scripting language. The affected components include the exif module and handling of filenames with \0 embedded.



For Debian 7 Wheezy, these problems have been fixed in version 5.4.45-0+deb7u26.

We recommend that you upgrade your php5 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.