osixia / docker-phpLDAPadmin

phpLDAPadmin container image 🐳🌴
MIT License

CVE-2019-11043 #66

Closed nota-ja closed 4 years ago

nota-ja commented 4 years ago

CVE-2019-11043 was released on 28 Oct. Based on the released document, it seems to be a highly critical vulnerability.

As of my installation trial today (2019-11-05), the latest (0.9.0) image of this repository seems to be using php / php-fpm version 7.3.9-1deb10u1, and thus it is vulnerable to the CVE.

Do you have any plan to upgrade PHP and PHP-FPM in the near future?

BertrandGouny commented 4 years ago

Hello, the latest release has been rebuilt. The packages may have been updated. Could you please check and let me know?

Thanks

nota-ja commented 4 years ago

Thank you for the quick response. I'll check it.

nota-ja commented 4 years ago

```
$ docker exec -it phpldapadmin-service /bin/bash
root@phpldapadmin-service:/# php -v
PHP 7.3.11-1~deb10u1 (cli) (built: Oct 26 2019 14:14:18) ( NTS )
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.11, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.3.11-1~deb10u1, Copyright (c) 1999-2018, by Zend Technologies
root@phpldapadmin-service:/# /usr/sbin/php-fpm7.3 --version
PHP 7.3.11-1~deb10u1 (fpm-fcgi) (built: Oct 26 2019 14:14:18)
Copyright (c) 1997-2018 The PHP Group
Zend Engine v3.3.11, Copyright (c) 1998-2018 Zend Technologies
    with Zend OPcache v7.3.11-1~deb10u1, Copyright (c) 1999-2018, by Zend Technologies
```

It seems OK. Thank you very much!

May I close this issue, or leave it to you to do so?
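
The manual check in the comment above can be scripted. The following is an added example, not part of the thread or of the project's code: it classifies the first line of `php -v` / `php-fpm --version` output against the upstream releases that fixed CVE-2019-11043 (7.1.33, 7.2.24, 7.3.11, per the CVE description). The function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread). Function names are hypothetical.
# Upstream releases that fixed CVE-2019-11043, per the CVE description:
# 7.1.33, 7.2.24 and 7.3.11.

# Print the first fixed patch level for a major.minor branch,
# or nothing when the branch is not named in the CVE description.
fixed_patch_for() {
    case "$1" in
        7.1) echo 33 ;;
        7.2) echo 24 ;;
        7.3) echo 11 ;;
        *)   echo "" ;;
    esac
}

# Usage: classify_php_version "<first line of php-fpm --version>"
# Prints: "patched X.Y.Z", "vulnerable X.Y.Z", "unknown-branch X.Y.Z" or "unparsed".
classify_php_version() {
    # Keep only the upstream X.Y.Z part; a distro suffix such as
    # "-1~deb10u1" is ignored.
    ver=$(printf '%s\n' "$1" |
        sed -n '1s/^PHP \([0-9][0-9]*\.[0-9][0-9]*\.[0-9][0-9]*\).*/\1/p')
    if [ -z "$ver" ]; then
        echo "unparsed"
        return 0
    fi
    branch=${ver%.*}     # e.g. 7.3
    patch=${ver##*.}     # e.g. 11
    fixed=$(fixed_patch_for "$branch")
    if [ -z "$fixed" ]; then
        echo "unknown-branch $ver"
    elif [ "$patch" -ge "$fixed" ]; then
        echo "patched $ver"
    else
        # Distributions can backport a fix without changing X.Y.Z, so
        # confirm this verdict against the distro's security tracker.
        echo "vulnerable $ver"
    fi
}

# Demo: the first banner is from the thread; the second is constructed
# from the 7.3.9 version the reporter mentions.
classify_php_version 'PHP 7.3.11-1~deb10u1 (fpm-fcgi) (built: Oct 26 2019 14:14:18)'
classify_php_version 'PHP 7.3.9-1~deb10u1 (fpm-fcgi)'
```

To check a running container, pass the first line of `docker exec phpldapadmin-service /usr/sbin/php-fpm7.3 --version` to `classify_php_version`.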

BertrandGouny commented 4 years ago

Thanks, you can close the issue :)

nota-ja commented 4 years ago

OK, and thank you.