libapache2-mod-php7.0 - server-side, HTML-embedded scripting language (Apache 2 module)

Property Value
Distribution Debian 9 (Stretch)
Repository Debian Main i386
Package filename libapache2-mod-php7.0_7.0.33-0+deb9u3_i386.deb
Package name libapache2-mod-php7.0
Package version 7.0.33
Package release 0+deb9u3
Package architecture i386
Package type deb
Category devel::interpreter devel::runtime httpd implemented-in::c role::shared-lib suite::apache web::scripting
License -
Maintainer Debian PHP Maintainers <>
Download size 1.22 MB
Installed size 3.84 MB
This package provides the PHP module for the Apache 2 webserver (as
found in the apache2-mpm-prefork package).  Please note that this package
ONLY works with Apache's prefork MPM, as it is not compiled thread-safe.
The following extensions are built in: Core date filter hash libxml openssl
pcre Reflection session SPL standard zlib.
PHP (recursive acronym for PHP: Hypertext Preprocessor) is a widely-used
open source general-purpose scripting language that is especially suited
for web development and can be embedded into HTML.


Package Version Architecture Repository
libapache2-mod-php7.0_7.0.33-0+deb9u3_amd64.deb 7.0.33 amd64 Debian Main
libapache2-mod-php7.0 - - -


Name Value
apache2-api-20120211 -
apache2-bin >= 2.4.16
libc6 >= 2.15
libmagic1 -
libpcre3 >= 1:8.20
libssl1.1 >= 1.1.0
libxml2 >= 2.8.0
mime-support -
php7.0-cli -
php7.0-common = 7.0.33-0+deb9u3
php7.0-json -
php7.0-opcache -
tzdata -
ucf -
zlib1g >= 1:


Name Value
libapache2-mod-php -
phpapi-20151012 -


Type URL
Binary Package libapache2-mod-php7.0_7.0.33-0+deb9u3_i386.deb
Source Package php7.0

Install Howto

  1. Update the package index:
    # sudo apt-get update
  2. Install libapache2-mod-php7.0 deb package:
    # sudo apt-get install libapache2-mod-php7.0




2019-03-08 - Ondřej Surý <>
php7.0 (7.0.33-0+deb9u3) stretch-security; urgency=medium
* Pull security fixes from, a
shared effort by Remi Collet and Anatol Belski to keep up with
security issues in PHP 5.6.40 after EOL.
* Security Issues Fixed:
+ Core:
- Fixed bug #77630 (rename() across the device may allow unwanted access during processing).
- Fixed bug #77509 (Uninitialized read in exif_process_IFD_in_TIFF).
- Fixed bug #77540 (Invalid Read on exif_process_SOFn).
- Fixed bug #77563 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
- Fixed bug #77659 (Uninitialized read in exif_process_IFD_in_MAKERNOTE).
- Fixed bug #77396 (Null Pointer Dereference in phar_create_or_parse_filename).
- Fixed bug #77586 (phar_tar_writeheaders_int() buffer overflow).
+ SPL:
- Fixed bug #77431 (openFile() silently truncates after a null byte).
2019-02-26 - Moritz Mühlenhoff <>
php7.0 (7.0.33-0+deb9u2) stretch-security; urgency=medium
* CVE-2019-9020
* CVE-2019-9021
* CVE-2019-9022 (plus backport for CAA support)
* CVE-2019-9023
* CVE-2019-9024
2018-12-07 - Ondřej Surý <>
php7.0 (7.0.33-0+deb9u1) stretch-security; urgency=high
* New upstream version 7.0.33
* Fixed security bugs:
+ [CVE-2018-19518]: imap_open() function command injection
+ [CVE-2018-14851]: heap-buffer-overflow (READ of size 48) while
reading exif data
+ [CVE-2018-14883]: Int Overflow lead to Heap OverFlow in
exif_thumbnail_extract of exif.c
+ [CVE-2018-17082]: XSS due to the header Transfer-Encoding: chunked
2018-06-14 - Ondřej Surý <>
php7.0 (7.0.30-0+deb9u1) stretch-security; urgency=high
* New upstream version 7.0.30
* Fixed security bugs:
+ [CVE-2018-10549]: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value
+ [CVE-2018-10546]: stream filter convert.iconv leads to infinite loop on invalid sequence
+ [CVE-2018-10548]: Malicious LDAP-Server Response causes Crash
+ [CVE-2018-10547]: fix for CVE-2018-5712 may not be complete
+ [CVE-2018-10545]: Dumpable FPM child processes allow bypassing opcache access controls
+ [CVE-2018-7584]: stack-buffer-overflow while parsing HTTP response
* Regenerate patches for PHP 7.0.30
2018-01-05 - Ondřej Surý <>
php7.0 (7.0.27-0+deb9u1) stretch-security; urgency=high
* New upstream version 7.0.27
* Rebase patches on top of new upstream release
* Kill extra TAB character in the ini file that was causing insserv
* Add signature support to d/watch
* Add Ferenc Kovacs signing key to upstream GPG keyring
2017-05-11 - Ondřej Surý <>
php7.0 (7.0.19-1) unstable; urgency=medium
* New upstream version 7.0.19
* Remove OpenSSL 1.1.0 support patch; it was merged upstream
* Rebase patches on top of PHP 7.0.19
2017-05-08 - Ondřej Surý <>
php7.0 (7.0.18-3) unstable; urgency=medium
* php-fpm has to depend on procps due kill usage in systemd service file
(Closes: #861855)
* Regenerate d/control
* Do a fresh rewrap of debian/ directory
2017-04-19 - Ondřej Surý <>
php7.0 (7.0.18-2) unstable; urgency=medium
* Change Vcs-* URLs to
2017-04-11 - Ondřej Surý <>
php7.0 (7.0.18-1) unstable; urgency=medium
* New upstream version 7.0.18
* Rebase patches on top of PHP 7.0.18
2017-03-16 - Ondřej Surý <>
php7.0 (7.0.17-3) unstable; urgency=medium
* Update ac*.m4 for OpenSSL 1.1.0 support

See Also

Package Description
libapache2-mod-php_7.0+49_all.deb server-side, HTML-embedded scripting language (Apache 2 module) (default)
libapache2-mod-proxy-msrpc_0.6-1_i386.deb Apache module for Outlook Anywhere support in reverse proxy setups
libapache2-mod-proxy-uwsgi_2.0.14+20161117-3+deb9u2_i386.deb uwsgi proxy module for Apache2 (mod_uwsgi)
libapache2-mod-python-doc_3.3.1-11_all.deb Python-embedding module for Apache 2 - documentation
libapache2-mod-python_3.3.1-11_i386.deb Python-embedding module for Apache 2
libapache2-mod-qos_11.36-1_i386.deb quality of service module for the apache2
libapache2-mod-r-base_1.2.8-1+b1_i386.deb server-side R integration with Apache 2
libapache2-mod-removeip_1.0b-5.2_i386.deb Module to remove IP from apache2's logs
libapache2-mod-rivet-doc_2.3.3-1_all.deb Documentation for Rivet, a server-side Tcl programming system
libapache2-mod-rivet_2.3.3-1_i386.deb Server-side Tcl programming system combining ease of use and power
libapache2-mod-rpaf_0.6-13_i386.deb module for Apache2 which takes the last IP from the 'X-Forwarded-For' header
libapache2-mod-ruid2_0.9.8-3_i386.deb suexec module for Apache 2
libapache2-mod-ruwsgi_2.0.14+20161117-3+deb9u2_i386.deb uwsgi module for Apache2 (mod_Ruwsgi)
libapache2-mod-scgi_1.13-1.1_i386.deb Apache module implementing the SCGI protocol
libapache2-mod-security2_2.9.1-2_i386.deb Tighten web applications security for Apache