|Related CVEs||CVE-2018-14851 CVE-2018-14883|
Two vulnerabilities have been discovered in php5, a server-side, HTML-embedded scripting language. One (CVE-2018-14851) results in a potential denial of service (out-of-bounds read and application crash) via a crafted JPEG file. The other (CVE-2018-14883) is an Integer Overflow that leads to a heap-based buffer over-read.
For Debian 7 Wheezy, these problems have been fixed in version 5.4.45-0+deb7u15.
We recommend that you upgrade your php5 packages.
Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/