USN-7049-3: PHP vulnerabilities

Read Time:27 Second

USN-7049-1 fixed vulnerabilities in PHP. This update
provides the corresponding updates for Ubuntu 14.04 LTS.

Original advisory details:

It was discovered that PHP incorrectly handled parsing multipart form
data.A remote attacker could possibly use this issue to inject payloads
and cause PHP to ignore legitimate data. (CVE-2024-8925)

It was discovered that PHP incorrectly handled the cgi.force_redirect
configuration option due to environment variable collisions. In certain
configurations, an attacker could possibly use this issue bypass
force_redirect restrictions. (CVE-2024-8927)

Friday Squid Blogging: Live Colossal Squid Filmed

Midnight Blizzard Targets European Diplomats with Wine Tasting Phishing Lure

Age Verification Using Facial Scans

NTLM Hash Exploit Targets Poland and Romania Days After Patch

Senators Urge Cyber-Threat Sharing Law Extension Before Deadline

Identity Attacks Now Comprise a Third of Intrusions

Microsoft Thwarts $4bn in Fraud Attempts

CISA Throws Lifeline to CVE Program with Last-Minute Contract Extension

Network Edge Devices the Biggest Entry Point for Attacks on SMBs

icecat-115.22.0-2.rh1.fc42

icecat-115.22.0-2.rh1.fc40

icecat-115.22.0-2.rh1.fc41

mingw-LibRaw-0.21.4-1.fc41

mingw-LibRaw-0.21.4-1.fc40

mingw-LibRaw-0.21.4-1.fc42