[pkg-php-pear] Bug#1002728: php-illuminate-validation: Failure to block the upload of executable PHP content
robin at rgson.se
Tue Dec 28 12:14:34 GMT 2021
Tags: upstream security
X-Debbugs-Cc: Debian Security Team <team at security.debian.org>
A security issue (CVE-2021-43617) has been published regarding the
failure to block uploads containing exectuable PHP content in the form
of .phar files.
The issue has been fixed upstream in versions 6.20.41 and 8.73.0.
More information about the pkg-php-pear