-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.2410
                          php7.0 security update
                               16 July 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           php7.0
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Provide Misleading Information  -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2021-21705 CVE-2021-21704 CVE-2021-21702
                   CVE-2020-7071 CVE-2019-18218 

Reference:         ESB-2021.2366
                   ESB-2021.2328
                   ESB-2021.2314
                   ESB-2021.0956

Original Bulletin: 
   https://lists.debian.org/debian-lts-announce/2021/07/msg00008.html

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2708-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                      Sylvain Beucler
July 15, 2021                                 https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : php7.0
Version        : 7.0.33-0+deb9u11
CVE ID         : CVE-2019-18218 CVE-2020-7071 CVE-2021-21702 CVE-2021-21704 
                 CVE-2021-21705
Debian Bug     : 942830 990575

Several vulnerabilities were discovered in php7.0, a server-side,
HTML-embedded scripting language. An attacker could cause denial of
service (DoS) or memory corruption that potentially leads to execution
of arbitrary code, or bypass server-side request forgery (SSRF)
protections.

CVE-2019-18218

    fileinfo: cdf_read_property_info in cdf.c does not restrict the
    number of CDF_VECTOR elements, which allows a heap-based buffer
    overflow (4-byte out-of-bounds write).

CVE-2020-7071

    When validating a URL with functions like filter_var($url,
    FILTER_VALIDATE_URL), PHP will accept a URL with an invalid password
    component as a valid URL. Functions that rely on the URL being
    valid may then mis-parse it and produce wrong data as components of
    the URL.

CVE-2021-21702

    When using the SOAP extension to connect to a SOAP server, a malicious
    SOAP server could return malformed XML data as a response that
    would cause PHP to dereference a null pointer and thus crash.

CVE-2021-21704

    Multiple issues in the firebird database extension.

CVE-2021-21705

    Server-side request forgery (SSRF) filter bypass in FILTER_VALIDATE_URL.
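A defensive pattern for the two FILTER_VALIDATE_URL issues above (CVE-2020-7071 and CVE-2021-21705), as an added example that is not part of the Debian advisory or of PHP itself: the validator below treats filter_var() as only the first gate and then checks each parsed component, rejecting any userinfo and any host outside an application allowlist. The function name validateOutboundUrl, the allowlist and the sample URLs are constructed for the illustration.

```php
<?php
// Added example (not Debian's or PHP's code): defence-in-depth validation of a
// user-supplied URL before a server-side fetch. filter_var() is kept as the
// first gate only; every component is re-checked after parse_url().
// $allowedHosts is a hypothetical allowlist chosen by the application.

declare(strict_types=1);

function validateOutboundUrl(string $url, array $allowedHosts): ?string
{
    // First gate: the built-in filter. On its own it accepted a URL with an
    // invalid password component (CVE-2020-7071) and an SSRF-bypass input
    // (CVE-2021-21705), so nothing below trusts its verdict alone.
    if (filter_var($url, FILTER_VALIDATE_URL) === false) {
        return null;
    }
    $parts = parse_url($url);
    if ($parts === false || !isset($parts['scheme'], $parts['host'])) {
        return null;
    }
    // Only plain web schemes are acceptable for an outbound request.
    if (!in_array(strtolower($parts['scheme']), ['http', 'https'], true)) {
        return null;
    }
    // Reject userinfo outright: an outbound fetch never needs credentials
    // embedded in the URL, and this is the component filter_var mis-judged.
    if (isset($parts['user']) || isset($parts['pass'])) {
        return null;
    }
    // The host must match the allowlist exactly (lower-cased), which also
    // keeps loopback and internal addresses out of reach.
    $host = strtolower($parts['host']);
    if (!in_array($host, $allowedHosts, true)) {
        return null;
    }
    // Rebuild the URL from the validated components so that only checked
    // parts, not the original string, reach the HTTP client.
    $rebuilt = $parts['scheme'] . '://' . $host;
    if (isset($parts['port'])) {
        $rebuilt .= ':' . $parts['port'];
    }
    $rebuilt .= $parts['path'] ?? '/';
    if (isset($parts['query'])) {
        $rebuilt .= '?' . $parts['query'];
    }
    return $rebuilt;
}

// Constructed sample inputs against a constructed allowlist.
$allowed = ['api.example.com'];
var_dump(validateOutboundUrl('https://api.example.com/v1/items?id=3', $allowed));
var_dump(validateOutboundUrl('https://user:secret@api.example.com/', $allowed));
var_dump(validateOutboundUrl('http://127.0.0.1/admin', $allowed));
```

Only the first call returns a rebuilt URL; the one carrying userinfo and the one addressed to a non-allowlisted host both return null.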

For Debian 9 stretch, these problems have been fixed in version
7.0.33-0+deb9u11.

We recommend that you upgrade your php7.0 packages.

For the detailed security status of php7.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/php7.0

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================