Debian Bug report logs -
#1031368
php82: CVE-2023-0567 CVE-2023-0568 CVE-2023-0662
Package:
src:php82;
Maintainer for src:php82 is Debian PHP Maintainers <team+pkg-php@trackerdebianorg>;
Reported by: Salvatore Bonaccorso <carnil@debianorg>
Date: Wed, 15 Feb 2023 21:30:02 UTC
Severity: grave
Tags: security, upst ...
Synopsis
Important: php security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for php is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as having a security ...
Synopsis
Important: php:80 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the php:80 module is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update a ...
Synopsis
Moderate: php:81 security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for the php:81 module is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as ...
Multiple security issues were found in PHP, a widely-used open source
general purpose scripting language which could result in denial of
service or incorrect validation of BCrypt hashes
For the stable distribution (bullseye), these problems have been fixed in
version 7433-1+deb11u3
We recommend that you upgrade your php74 packages
For the det ...
DescriptionThe MITRE CVE dictionary describes this issue as: In PHP 80X before 8028, 81X before 8116 and 82X before 823, password_verify() function may accept some invalid Blowfish hashes as valid If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid ...
In PHP 80X before 8028, 81X before 8116 and 82X before 823, password_verify() function may accept some invalid Blowfish hashes as valid If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid (CVE-2023-0567)
In PHP 80X before 8028, 81X before 8116 ...
In PHP 80X before 8028, 81X before 8116 and 82X before 823, password_verify() function may accept some invalid Blowfish hashes as valid If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid (CVE-2023-0567)
In PHP 80X before 8028, 81X before 8116 ...
In PHP 80X before 8028, 81X before 8116 and 82X before 823, password_verify() function may accept some invalid Blowfish hashes as valid If such invalid hash ever ends up in the password database, it may lead to an application allowing any password for this entry as valid (CVE-2023-0567)
In PHP 80X before 8028, 81X before 8116 ...