USN-5902-1: PHP vulnerabilities

Read Time:30 Second

It was discovered that PHP incorrectly handled certain invalid Blowfish
password hashes. An invalid password hash could possibly allow applications
to accept any password as valid, contrary to expectations. (CVE-2023-0567)

It was discovered that PHP incorrectly handled resolving long paths. A
remote attacker could possibly use this issue to obtain or modify sensitive
information. (CVE-2023-0568)

It was discovered that PHP incorrectly handled a large number of parts in
HTTP form uploads. A remote attacker could possibly use this issue to cause
PHP to consume resources, leading to a denial of service. (CVE-2023-0662)

Smashing Security podcast #413: Hacking the hackers… with a credit card?

CVE Program Almost Unfunded

Hertz Data Breach Exposes Customer Information in Cleo Zero-Day Attack

China-Backed Hackers Exploit BRICKSTORM Backdoor to Spy on European Businesses

92% of Mobile Apps Found to Use Insecure Cryptographic Methods

Insurance firm Lemonade warns of breach of thousands of driving license numbers

Scalper Bots Fueling DVSA Driving Test Black Market

Chaos Reins as MITRE Set to Cease CVE and CWE Operations

Chaos Reigns as MITRE Set to Cease CVE and CWE Operations

GitPython-3.1.18-3.el8

LSN-0111-1: Kernel Live Patch Security Notice

golang-github-openprinting-ipp-usb-0.9.30-4.fc40

mingw-libsoup-2.74.3-11.fc41

mingw-libsoup-2.74.3-11.fc42

mingw-libsoup-2.74.3-11.fc40