Ops One AG platform status and maintenance announcements. Times are indicated in local Swiss time. https://opsone.ch/.

Monday 24th September 2018

Managed Server Version 5: php5 update, scheduled 5 years ago

A vulnerability has been discovered in php5, a server-side, HTML-embedded scripting language. The Apache2 component allows XSS via the body of a "Transfer-Encoding: chunked" request because of a defect in request handling.

php5-cli/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1] php5-common/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1] php5-curl/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1] php5-fpm/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1] php5-gd/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1] php5-mcrypt/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1] php5-mysql/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1] php5-readline/oldstable 5.6.38+dfsg-0+deb8u1 amd64 [upgradable from: 5.6.37+dfsg-0+deb8u1]