PHP Exploit Fixed in Ubuntu 12.04 LTS

Users have been urged to upgrade as quickly as possible

On January 22, Canonical published, in a security notice, details about an AppArmor update for its Ubuntu 12.04 LTS (Precise Pangolin) operating system.

According to Canonical, PHP could be made to expose sensitive information over the network.

It was discovered that PHP incorrectly handled the openssl_encrypt function when used with an empty string. An attacker could have used this flaw to cause PHP to disclose arbitrary memory contents and possibly expose sensitive information.

For a more detailed description of the security problems, you can visit Canonical's security notification.

Users can simply fix the security flaws by upgrading the operating systems to the latest php5 specific to each distribution.

A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete system restart is not necessary.

Hot right now  ·  Latest news