Bugs fixes in "php7.4"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2022-4900 | A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. | 2024-05-02 |
| CVE | CVE-2024-3096 | In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00 | 2024-05-02 |
| CVE | CVE-2024-2756 | Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard in | 2024-05-02 |
| CVE | CVE-2022-4900 | A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow. | 2024-05-02 |
| Launchpad | 2057576 | php-fpm sometimes SIGSEGVs (signal 11) when running fpm_get_status | 2024-04-26 |
| Launchpad | 2057576 | php-fpm sometimes SIGSEGVs (signal 11) when running fpm_get_status | 2024-04-26 |
| CVE | CVE-2023-3824 | In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insuf | 2024-02-27 |
| CVE | CVE-2023-3823 | In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configura | 2024-02-27 |
| CVE | CVE-2023-3824 | In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insuf | 2024-02-27 |
| CVE | CVE-2023-3823 | In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configura | 2024-02-27 |
| CVE | CVE-2023-3824 | In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insuf | 2024-02-27 |
| CVE | CVE-2023-3823 | In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configura | 2024-02-27 |
| CVE | CVE-2023-3824 | In PHP version 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8, when loading phar file, while reading PHAR directory entries, insuf | 2024-02-27 |
| CVE | CVE-2023-3823 | In PHP versions 8.0.* before 8.0.30, 8.1.* before 8.1.22, and 8.2.* before 8.2.8 various XML functions rely on libxml global state to track configura | 2024-02-27 |
| CVE | CVE-2023-3247 | GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP | 2023-07-03 |
| CVE | CVE-2023-3247 | GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP | 2023-07-03 |
| CVE | CVE-2023-3247 | GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP | 2023-07-03 |
| CVE | CVE-2023-3247 | GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP | 2023-07-03 |
| CVE | CVE-2023-0662 | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consump | 2023-02-28 |
| CVE | CVE-2023-0568 | In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolv | 2023-02-28 |
About
-
Send Feedback to @ubuntu_updates
