Two updates in one blogpost. Just to save me some time I’m mentioning these together.
The PHP update is a security update and a bug fix release. The security issues in question are: CVE-2013-1643 and CVE-2013-1635. Read the ChangeLog for all the information.
Apache is updated due to a security issue and I’m advising you to upgrade. I’ve tried it on my test servers without any problem. The security issues in question were:
- SECURITY: CVE-2012-3499 Various XSS flaws due to unescaped hostnames and URIs HTML output in mod_info, mod_status, mod_imagemap, mod_ldap, and mod_proxy_ftp.
- SECURITY: CVE-2012-4558 XSS in mod_proxy_balancer manager interface.