14 DAY TRIAL // On July 16, Canonical published details about PHP vulnerabilities for its Ubuntu 13.04, Ubuntu 12.10, Ubuntu 12.04 LTS, and Ubuntu 10.04 LTS operating systems.
According to Canonical, several security issues have been fixed in PHP.
It has been discovered that PHP incorrectly handled the xml_parse_into_struct function. If a PHP application parsed untrusted XML, an attacker could use this flaw with a specially-crafted XML document to cause PHP to crash, resulting in a denial of service, or to possibly execute arbitrary code.
For a more detailed description of the security problems, you can visit Canonical's security notification.
Users can simply fix the security flaws by upgrading the operating systems to the latest php5-cli, php5-cgi, and libapache2-mod-php5 package, specific to each distribution.
A normal system update, executed with the Update Manager, will implement all the necessary changes. A complete Swift restart is necessary.