Debian DSA-5425-1 : php8.2 - security update

high Nessus Plugin ID 177294

Synopsis

The remote Debian host is missing a security-related update.

Description

The remote Debian 12 host has packages installed that are affected by a vulnerability as referenced in the dsa-5425 advisory.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade the php8.2 packages.

For the stable distribution (bookworm), this problem has been fixed in version 8.2.7-1~deb12u1.

See Also

https://security-tracker.debian.org/tracker/source-package/php8.2

https://www.debian.org/security/2023/dsa-5425

https://packages.debian.org/source/bookworm/php8.2

Plugin Details

Severity: High

ID: 177294

File Name: debian_DSA-5425.nasl

Version: 1.0

Type: local

Agent: unix

Published: 6/14/2023

Updated: 6/14/2023

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:php8.2-cgi, p-cpe:/a:debian:debian_linux:php8.2-phpdbg, p-cpe:/a:debian:debian_linux:php8.2-enchant, p-cpe:/a:debian:debian_linux:php8.2-sqlite3, p-cpe:/a:debian:debian_linux:php8.2-tidy, p-cpe:/a:debian:debian_linux:php8.2-curl, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:debian:debian_linux:php8.2-common, p-cpe:/a:debian:debian_linux:php8.2-readline, p-cpe:/a:debian:debian_linux:php8.2-pgsql, p-cpe:/a:debian:debian_linux:php8.2-bz2, p-cpe:/a:debian:debian_linux:libphp8.2-embed, p-cpe:/a:debian:debian_linux:php8.2-mbstring, p-cpe:/a:debian:debian_linux:php8.2-sybase, p-cpe:/a:debian:debian_linux:php8.2-xml, p-cpe:/a:debian:debian_linux:php8.2-fpm, p-cpe:/a:debian:debian_linux:libapache2-mod-php8.2, p-cpe:/a:debian:debian_linux:php8.2-intl, p-cpe:/a:debian:debian_linux:php8.2, p-cpe:/a:debian:debian_linux:php8.2-gd, p-cpe:/a:debian:debian_linux:php8.2-interbase, p-cpe:/a:debian:debian_linux:php8.2-bcmath, p-cpe:/a:debian:debian_linux:php8.2-xsl, p-cpe:/a:debian:debian_linux:php8.2-zip, p-cpe:/a:debian:debian_linux:php8.2-cli, p-cpe:/a:debian:debian_linux:php8.2-odbc, p-cpe:/a:debian:debian_linux:php8.2-imap, p-cpe:/a:debian:debian_linux:php8.2-opcache, p-cpe:/a:debian:debian_linux:php8.2-pspell, p-cpe:/a:debian:debian_linux:php8.2-soap, p-cpe:/a:debian:debian_linux:php8.2-snmp, p-cpe:/a:debian:debian_linux:php8.2-dev, p-cpe:/a:debian:debian_linux:php8.2-gmp, p-cpe:/a:debian:debian_linux:php8.2-dba, p-cpe:/a:debian:debian_linux:php8.2-ldap, p-cpe:/a:debian:debian_linux:php8.2-mysql

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 6/13/2023

Vulnerability Publication Date: 6/13/2023