[CLSA-2023:1677784124] Fix CVE(s): CVE-2023-0662, CVE-2023-0568, CVE-2023-0567
Type:
security
Severity:
Critical
Release date:
2023-03-02 19:08:44 UTC
Description:
* SECURITY UPDATE: Invalid validation of BCrypt hashes - debian/patches/CVE-2023-0567.patch: Remove "PHP Hack" to fix validation of malformed BCrypt hashes - CVE-2023-0567 * SECURITY UPDATE: Unauthorized data access or modification - debian/patches/CVE-2023-0568.patch: Fix array overrun when appending slash to paths - CVE-2023-0568 * SECURITY UPDATE: DoS vulnerability when parsing multipart request body - debian/patches/CVE-2023-0662.patch: Introduce max_multipart_body_parts INI and fix repeated warning for file uploads limit exciding - CVE-2023-0662
Updated packages:
  • libapache2-mod-php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:eebebbccd68eac97121c3883fc313d10513ce41b
  • libphp7.0-embed_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:1d13f84ce44d69aeb03005898a033f146421af91
  • php7.0_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_all.deb
    sha:76df586899da8cc7011fac70bfceacaac67287b2
  • php7.0-bcmath_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:b78f91b032d265dbbed29492a707cfeecea1045e
  • php7.0-bz2_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:ef84946b1d3e159bb9cf2cfb462268b41afd1908
  • php7.0-cgi_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:ee03f0af4f13d3e03ddf98181146119910baed47
  • php7.0-cli_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:9734033af02d08b003c8e66922add08f3681e00a
  • php7.0-common_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:d71c88eb2b6cb67dc2470a30d9d526ca97a4837c
  • php7.0-curl_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:edda95e6d96781abf289715502603fc43da26f4b
  • php7.0-dba_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:7c26dab8c1883bbd0f3e69c422679088b29abec5
  • php7.0-dev_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:6c6b21207a759b1267f81240d4031a905f006181
  • php7.0-enchant_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:9daf66816c27d53f0e7224387746d0b9a7494ca6
  • php7.0-fpm_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:7a606be33bd5bd982355d3966299c5fa2c5b1c8f
  • php7.0-gd_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:c17ee75f8a7543688e2a128e515c4809e723c228
  • php7.0-gmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:072b1e33bebac09a8b459a86f6ae14463fc4f609
  • php7.0-imap_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:c7db31e184d73ca9674e0c783af5a91e575ce1e3
  • php7.0-interbase_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:32419ee4e9cecf93efc629fcd94d7f4c3ade330d
  • php7.0-intl_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:e5df2a9b852944dae739045a10876ed03e98ccf9
  • php7.0-json_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:08b6ed0ea6ff6cb927cb2ccd53c5fb1c314a9e89
  • php7.0-ldap_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:cfcdbd39c30b52adafb160f8e9dde125407db1b2
  • php7.0-mbstring_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:b79d900ead167da6ff8958ba9e182db36fb009b8
  • php7.0-mcrypt_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:8f53d26fafa3bf5a6c4db2dcee9e313dcd03ad94
  • php7.0-mysql_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:66e044ba55b23744993521544766ee663a828194
  • php7.0-odbc_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:d45f083edb94c4e60b75b1f0fd04828bd1c8e5b3
  • php7.0-opcache_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:e5c69ec0b82bad7145dc537df1c32f802ff8d6de
  • php7.0-pgsql_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:511e72d73514a2f948e3c8d4c959f1080cb548d2
  • php7.0-phpdbg_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:e6783c54653b85c1a6db3b617b63bbb51051b4b5
  • php7.0-pspell_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:f375f53370b3994ce4f8f6c33627a487aa807107
  • php7.0-readline_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:c9dea0026ddf0ec006fd675698fb824d70656ce8
  • php7.0-recode_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:61c8d5f48dea234dd4c56d06eb99d2b9370ebd9e
  • php7.0-snmp_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:9b9242a87b713eba5b7d9167ff6efc486e94e81a
  • php7.0-soap_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:2a6a15ce0cc56f5c0bdc0f81bb3bc0318eeed990
  • php7.0-sqlite3_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:d662f988aca76bfbf7d9d8d91b1046b5847d0b42
  • php7.0-sybase_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:031604cde808b6a0db3c5ad1bd7c7dcf2a97ed6d
  • php7.0-tidy_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:38721ffb3cf6dbdd8b0aefa0e18a2ab8c1af63df
  • php7.0-xml_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:6f6a65d0423a905135a049c8ea758fca3f31dab6
  • php7.0-xmlrpc_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:e7658e499600add9e4bdb46eccc2f95f684435f7
  • php7.0-xsl_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_all.deb
    sha:89d7db0c8984f9d52f69308032407453abbc2cee
  • php7.0-zip_7.0.33-0ubuntu0.16.04.17+tuxcare.els4_amd64.deb
    sha:3fb253d1c8d37962afcf8a8c638a3cea6bc86061
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.