USN-6671-1: php-nyholm-psr7 vulnerability
29 February 2024
An header injection issue was fixed in php-nyholm-psr7.
Releases
Packages
- php-nyholm-psr7 - A super lightweight PSR-7 implementation
Details
It was discovered that php-nyholm-psr7 incorrectly parsed HTTP
headers. A remote attacker could possibly use this issue to perform
an HTTP header injection attack.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04
-
php-nyholm-psr7
-
1.5.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.