ASA-202102-15 log generated external raw

[ASA-202102-15] php: denial of service
Arch Linux Security Advisory ASA-202102-15 ========================================== Severity: Medium Date : 2021-02-07 CVE-ID : CVE-2021-21702 Package : php Type : denial of service Remote : Yes Link : Summary ======= The package php before version 8.0.2-1 is vulnerable to denial of service. Resolution ========== Upgrade to 8.0.2-1. # pacman -Syu "php>=8.0.2-1" The problem has been fixed upstream in version 8.0.2. Workaround ========== None. Description =========== A security issue was found in PHP before versions 8.0.2, 7.4.15 and 7.3.27. PHP will crash with a SIGSEGV via null-pointer dereference whenever an XML is provided to the SoapClient query() function without an existing field. The issue is fixed in versions 8.0.2, 7.4.15 and 7.3.27. Impact ====== A remote attacker might be able to crash PHP via a specially crafted XML payload. References ==========;a=commitdiff;h=f733ee195462201b2cbd1d17df2f752ee88771ba;a=commitdiff;h=91655b45ea0a81f2d3003a7e6604e5f419d84df4;a=commitdiff;h=3c939e3f69955d087e0bb671868f7267dfb2a502