USN-5300-3: PHP vulnerabilities

Read Time:33 Second

USN-5300-1 fixed vulnerabilities in PHP. This update provides the
corresponding updates for Ubuntu 21.10.

Original advisory details:

It was discovered that PHP incorrectly handled certain scripts.
An attacker could possibly use this issue to cause a denial of service.
(CVE-2015-9253, CVE-2017-8923, CVE-2017-9118, CVE-2017-9120)

It was discovered that PHP incorrectly handled certain inputs.
An attacker could possibly use this issue to cause a denial of service,
or possibly obtain sensitive information. (CVE-2017-9119)

It was discovered that PHP incorrectly handled certain scripts with XML
parsing functions.
An attacker could possibly use this issue to obtain sensitive information.
(CVE-2021-21707)

King Bob pleads guilty to Scattered Spider-linked cryptocurrency thefts from investors

DIRNSA Fired

Vodafone Urges UK Cybersecurity Policy Reforms as SME Cyber-Attack Costs Reach £3.4bn

Government Backs Britain’s First Cyber Seed Fund, Worth £50m

Aussie Pension Savers Hit with Wave of Credential Stuffing Attacks

Friday Squid Blogging: Two-Man Giant Squid

Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses

Troy Hunt Gets Phished

Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

php-tcpdf-6.9.1-1.fc40

php-tcpdf-6.9.1-1.fc42

php-tcpdf-6.9.1-1.fc41

perl-Crypt-URandom-Token-0.003-1.fc41 perl-DBIx-Class-EncodedColumn-0.11000-1.fc41

USN-7410-1: Tomcat vulnerability

USN-7417-1: libdbd-mysql-perl vulnerabilities