Two vulnerabilities were found in PHP, a widely-used open source general
purpose scripting language.
CVE-2019-11039
An integer underflow in the iconv module could be exploited to trigger
an out of bounds read.
CVE-2019-11040
A heap buffer overflow was discovered in the EXIF parsing code.
For Debian 8 "Jessie", these problems have been fixed in version
5.6.40+dfsg-0+deb8u4.
