UbuntuUpdates.org

Package "libphp7.4-embed"

Name: libphp7.4-embed

Description:

HTML-embedded scripting language (Embedded SAPI library)
Latest version: 7.4.3-4ubuntu2.29
Release: focal (20.04)
Level: security
Repository: universe
Head package: php7.4
Homepage: http://www.php.net/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "libphp7.4-embed"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "libphp7.4-embed" in Focal

Repository Area Version
base universe 7.4.3-4ubuntu1
updates universe 7.4.3-4ubuntu2.29

Changelog

Version: 7.4.3-4ubuntu2.29 2025-03-31 23:07:14 UTC

  php7.4 (7.4.3-4ubuntu2.29) focal-security; urgency=medium

  * SECURITY UPDATE: Use after free
    - debian/patches/CVE-2024-11235.patch: fix incorrect live-range
      calculation in Zend/zend_opcode.c and add tests in
      Zend/tests/ghsa-rwp7-7vc6-8477_001.phpt,
      Zend/tests/ghsa-rwp7-7vc6-8477_002.phpt,
      Zend/tests/ghsa-rwp7-7vc6-8477_003.phpt.
    - CVE-2024-11235
  * SECURITY UPDATE: Incorrect MIME type
    - debian/patches/CVE-2025-1217-*.patch: adds HTTP header folding
      support for HTTP wrapper response headers in
      ext/standard/http_fopen_wrapper.c and add tests in
      ests/http/ghsa-v8xr-gpvj-cx9g-001.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-002.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-003.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-004.phpt,
      tests/http/ghsa-v8xr-gpvj-cx9g-005.phpt,
      tests/http/http_response_header_05.phpt.
    - debian/patches/openssl-server-8.1.patch: Use empheral ports
      for OpenSSL server client tests in
      ext/openssl/tests/ServerClientTestCase-8.1.inc.
    - CVE-2025-1217
  * SECURITY UPDATE: Invalid header
    - debian/patches/CVE-2025-1734.patch: fix in ext/standard/http_fopen_wrapper.c
      and add tests in
      ext/standard/tests/http/bug47021.phpt,
      ext/standard/tests/http/bug75535.phpt,
      tests/http/ghsa-pcmh-g36c-qc44-001.phpt,
      tests/http/ghsa-pcmh-g36c-qc44-002.phpt.
    - CVE-2025-1734
  * SECURITY UPDATE: Location truncation
    - debian/patches/CVE-2025-1861.patch: converts the
      allocation of location to be on heap instead of stack
      in ext/standard/http_fopen_wrapper.c and add tests in
      tests/http/ghsa-52jp-hrpf-2jff-001.phpt,
      tests/http/ghsa-52jp-hrpf-2jff-002.phpt.
    - CVE-2025-1861

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 25 Mar 2025 15:57:03 -0300
Source diff to previous version
CVE-2025-1217 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when http request module parses HTTP re
CVE-2025-1734 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when receiving headers from HTTP server
CVE-2025-1861 In PHP from 8.1.* before 8.1.32, from 8.2.* before 8.2.28, from 8.3.* before 8.3.19, from 8.4.* before 8.4.5, when parsing HTTP redirect in the respo

Version: 7.4.3-4ubuntu2.28 2024-12-14 00:06:46 UTC

  php7.4 (7.4.3-4ubuntu2.28) focal-security; urgency=medium

  * SECURITY REGRESSION: Previous update caused a regression
    - debian/patches/CVE-2024-8932.patch: removing RETURN_THROWS
      symbol that was causing a regression in prev update.
    - CVE-2024-8932

 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 13 Dec 2024 10:46:46 -0300
Source diff to previous version
CVE-2024-8932 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit sy

Version: 7.4.3-4ubuntu2.26 2024-12-13 00:06:58 UTC

  php7.4 (7.4.3-4ubuntu2.26) focal-security; urgency=medium

  * SECURITY UPDATE: Buffer over read
    - debian/patches/CVE-2024-11233.patch: re arrange
      bound check code in ext/standard/filters.c,
      ext/standard/tests/filters/ghsa-r977-prxv-hc43.phpt.
    - CVE-2024-11233
  * SECURITY UPDATE: HTTP request smuggling
    - debian/patches/CVE-2024-11234.patch: avoiding
      fulluri CRLF injection in ext/standard/http_fopen_wrapper.c.
      .../tests/http/ghsa-c5f2-jwm7-mmq2.phpt.
    - CVE-2024-11234
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2024-11236-1.patch: adding an extralen check
      to avoid integer overflow in ext/pdo_dblib/dblib_driver.c,
      ext/pdo_dblib/tests/GHSA-5hqh-c84r-qjcv.phpt.
    - debian/patches/CVE-2024-11236-2.patch: change qcount to size_t in
      order to avoid integer overflow and adding checks in
      ext/pdo_firebird/firebird_driver.c.
    - CVE-2024-11236
  * SECURITY UPDATE: Heap buffer over-reads
    - debian/patches/CVE-2024-8929.patch: fix buffer over-reads in
      ext/mysqlnd/mysqlnd_ps_codec.c,
      ext/mysqlnd/mysqlnd_wireprotocol.c, and create some phpt tests.
    - CVE-2024-8929
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2024-8932.patch: fix OOB in access in
      ldap_escape in ext/ldap/ldap.c,
      ext/ldap/tests/GHSA-g665-fm4p-vhff-1.phpt,
      ext/ldap/tests/GHSA-g665-fm4p-vhff-2.phpt.
    - CVE-2024-8932

 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 04 Dec 2024 13:05:49 -0300
Source diff to previous version
CVE-2024-11233 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, due to an error in convert.quoted-printable-decode filter certain data
CVE-2024-11234 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, when using streams with configured proxy and "request_fulluri" option,
CVE-2024-11236 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit sy
CVE-2024-8929 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, a hostile MySQL server can cause the client to disclose the content of
CVE-2024-8932 In PHP versions 8.1.* before 8.1.31, 8.2.* before 8.2.26, 8.3.* before 8.3.14, uncontrolled long string inputs to ldap_escape() function on 32-bit sy

Version: 7.4.3-4ubuntu2.24 2024-10-02 01:07:24 UTC

  php7.4 (7.4.3-4ubuntu2.24) focal-security; urgency=medium

  * SECURITY UPDATE: Erroneous parsing of multipart form data
    - debian/patches/CVE-2024-8925.patch: limit bounday size in
      main/rfc1867.c, tests/basic/*.
    - CVE-2024-8925
  * SECURITY UPDATE: cgi.force_redirect configuration can be bypassed due
    to environment variable collision
    - debian/patches/CVE-2024-8927.patch: check for REDIRECT_STATUS in
      sapi/cgi/cgi_main.c.
    - CVE-2024-8927

 -- Marc Deslauriers <email address hidden> Mon, 30 Sep 2024 14:16:20 -0400
Source diff to previous version
CVE-2024-8925 Erroneous parsing of multipart form data
CVE-2024-8927 cgi.force_redirect configuration is byppassible due to the environment variable collision

Version: 7.4.3-4ubuntu2.23 2024-06-19 13:07:08 UTC

  php7.4 (7.4.3-4ubuntu2.23) focal-security; urgency=medium

  * SECURITY UPDATE: Invalid user information
    - debian/patches/CVE-2024-5458.patch: improves filters validation
      in ext/filter/logical_filters.c and adds test
      in ext/filter/tests/ghsa-w8qr-v226-r27w.phpt.
    - CVE-2024-5458

 -- Leonidas Da Silva Barbosa <email address hidden> Mon, 17 Jun 2024 10:22:20 -0300
CVE-2024-5458 In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when


About   -   Send Feedback to @ubuntu_updates