Multiple PHP vulnerabilities


Severity

Medium

Description

CVEs contained in this USN include: CVE-2014-9912, CVE-2016-10158, CVE-2016-10159, CVE-2016-10160, CVE-2016-10161, CVE-2016-7478, CVE-2016-7479, CVE-2016-9137, CVE-2016-9934, CVE-2016-9935

Affected Pivotal Products and Versions
  • Cloud Foundry PHP buildpack versions prior to 4.3.29
  • Note: The PHP buildpack is patched from upstream PHP source
Mitigation

Users of affected versions should apply the following mitigation:

  • Upgrade the PHP Buildpack to v4.3.29 or later [1] and restage all applications that use automated buildpack detection
References