UbuntuUpdates.org

Package "php7.4"

Name: php7.4

Description: server-side, HTML-embedded scripting language (metapackage)

Latest version: 7.4.3-4ubuntu2.24
Release: focal (20.04)
Level: security
Repository: main
Homepage: http://www.php.net/

Other versions of "php7.4" in Focal

Repository Area Version
base universe 7.4.3-4ubuntu1
base main 7.4.3-4ubuntu1
security universe 7.4.3-4ubuntu2.24
updates universe 7.4.3-4ubuntu2.24
updates main 7.4.3-4ubuntu2.24


Changelog

Version: 7.4.3-4ubuntu2.18 2023-02-28 16:09:46 UTC

  php7.4 (7.4.3-4ubuntu2.18) focal-security; urgency=medium

  * SECURITY UPDATE: password_verify() accepts invalid Blowfish hashes
    - debian/patches/CVE-2023-0567-1.patch: fix validation of malformed
      BCrypt hashes in ext/standard/crypt_blowfish.c,
      ext/standard/tests/crypt/bcrypt_salt_dollar.phpt.
    - debian/patches/CVE-2023-0567-2.patch: fix possible buffer overread in
      php_crypt() in ext/standard/crypt.c,
      ext/standard/tests/password/password_bcrypt_short.phpt.
    - CVE-2023-0567
  * SECURITY UPDATE: off-by-one in core path resolution function
    - debian/patches/CVE-2023-0568.patch: fix array overrun when appending
      slash to paths in ext/dom/document.c, ext/xmlreader/php_xmlreader.c,
      main/fopen_wrappers.c.
    - CVE-2023-0568
  * SECURITY UPDATE: DoS via excessive number of parts in HTTP form upload
    - debian/patches/CVE-2023-0662-1.patch: introduce
      max_multipart_body_parts INI in main/main.c, main/rfc1867.c.
    - debian/patches/CVE-2023-0662-2.patch: fix repeated warning for file
      uploads limit exceeding in main/rfc1867.c.
    - CVE-2023-0662

 -- Marc Deslauriers <email address hidden> Thu, 23 Feb 2023 07:43:23 -0500

CVE-2023-0567 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3 ...
CVE-2023-0568 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolv
CVE-2023-0662 In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, excessive number of parts in HTTP form upload can cause high resource consump

Version: 7.4.3-4ubuntu2.17 2023-01-23 15:07:17 UTC

  php7.4 (7.4.3-4ubuntu2.17) focal-security; urgency=medium

  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2022-31631.patch: fix check
      unquotedlen size in ext/pdo_sqlite/sqlite_driver.c.
    - CVE-2022-31631

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 10 Jan 2023 12:37:44 -0300


Version: 7.4.3-4ubuntu2.15 2022-11-08 17:07:30 UTC

  php7.4 (7.4.3-4ubuntu2.15) focal-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2022-31628-1.patch: adding a recursion limit
      in ext/phar/phar.c, ext/phar/tests/bug81726.phpt.
    - debian/source/include-binaries: add ext/phar/tests/bug81726.gz.
    - debian/patches/CVE-2022-31628-2.patch: avoid a second check in
      ext/phar/phar.c.
    - CVE-2022-31628
  * SECURITY UPDATE: Cookie injection
    - debian/patches/CVE-2022-31629.patch: don't mangle HTTP
      variable names that clash with ones that have a specific semantic
      meaning in ext/standard/test/bug81727.phpt,
      main/php_variables.c.
    - CVE-2022-31629
  * SECURITY UPDATE: Out of bounds read
    - debian/patches/CVE-2022-31630.patch: adds validation in
      imageloadfont() for OOB in ext/gd/gd.c, ext/gd/tests/bug81739.phpt.
    - CVE-2022-31630
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2022-37454.patch: fixes buffer overflow in
      hash_update() on long parameter in
      ext/hash/sha3/generic32lc/KeccakSponge.inc,
      ext/hash/sha3/generic64lc/KeccakSponge.inc.
    - CVE-2022-37454

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 02 Nov 2022 06:53:44 -0300

CVE-2022-31628 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini
CVE-2022-31629 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the
CVE-2022-37454 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute

Version: 7.4.3-4ubuntu2.12 2022-06-15 13:06:27 UTC

  php7.4 (7.4.3-4ubuntu2.12) focal-security; urgency=medium

  * SECURITY UPDATE: RCE via Uninitialized array in pg_query_params()
    - debian/patches/CVE-2022-31625.patch: don't free parameters which
      haven't initialized yet in ext/pgsql/pgsql.c,
      ext/pgsql/tests/bug81720.phpt.
    - CVE-2022-31625
  * SECURITY UPDATE: RCE via mysqlnd/pdo password buffer overflow
    - debian/patches/CVE-20022-31626.patch: properly calculate size in
      ext/mysqlnd/mysqlnd_wireprotocol.c.
    - CVE-2022-31626

 -- Marc Deslauriers <email address hidden> Mon, 13 Jun 2022 09:43:30 -0400


Version: 7.4.3-4ubuntu2.10 2022-03-03 15:07:15 UTC

  php7.4 (7.4.3-4ubuntu2.10) focal-security; urgency=medium

  * SECURITY UPDATE: DoS in zend_string_extend function
    - debian/patches/CVE-2017-8923.patch: fix integer Overflow when
      concatenating strings in Zend/zend_vm_def.h, Zend/zend_vm_execute.h.
    - CVE-2017-8923
  * SECURITY UPDATE: out of bounds access in php_pcre_replace_impl
    - debian/patches/CVE-2017-9118-pre1.patch: fix heap buffer overflow via
      str_repeat in Zend/zend_operators.c, Zend/zend_string.h.
    - debian/patches/CVE-2017-9118-pre2.patch: fix memory corruption in
      preg_replace/preg_replace_callback in ext/pcre/php_pcre.c,
      ext/pcre/tests/bug79188.phpt.
    - debian/patches/CVE-2017-9118-pre3.patch: fix too much memory is
      allocated for preg_replace() in ext/pcre/php_pcre.c,
      ext/pcre/tests/bug81243.phpt.
    - debian/patches/CVE-2017-9118.patch: fix out of bounds in
      php_pcre_replace_impl in Zend/zend_string.h, ext/pcre/php_pcre.c.
    - CVE-2017-9118
  * SECURITY UPDATE: DoS via memory consumption in i_zval_ptr_dtor
    - debian/patches/CVE-2017-9119.patch: handle memory limit error during
      string reallocation correctly in Zend/zend_string.h.
    - CVE-2017-9119
  * SECURITY UPDATE: DoS via integer overflow in mysqli_real_escape_string
    - debian/patches/CVE-2017-9120.patch: fix overflow in
      ext/mysqli/mysqli_api.c.
    - CVE-2017-9120
  * SECURITY UPDATE: filename truncation issue in XML parsing functions
    - debian/patches/CVE-2021-21707.patch: special character is breaking
      the path in xml function in ext/dom/domimplementation.c,
      ext/dom/tests/bug79971_2.phpt, ext/libxml/libxml.c,
      ext/simplexml/tests/bug79971_1.phpt,
      ext/simplexml/tests/bug79971_1.xml.
    - CVE-2021-21707

 -- Marc Deslauriers <email address hidden> Wed, 02 Mar 2022 10:36:52 -0500

CVE-2017-8923 The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative lengt
CVE-2017-9118 PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call.
CVE-2017-9119 The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application
CVE-2017-9120 PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other
CVE-2021-21707 In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode


