Package "php7.0-phpdbg"
Name: |
php7.0-phpdbg
|
Description: |
server-side, HTML-embedded scripting language (PHPDBG binary)
|
Latest version: |
7.0.33-0ubuntu0.16.04.16 |
Release: |
xenial (16.04) |
Level: |
security |
Repository: |
universe |
Head package: |
php7.0 |
Homepage: |
http://www.php.net/ |
Links
Download "php7.0-phpdbg"
Other versions of "php7.0-phpdbg" in Xenial
Changelog
php7.0 (7.0.33-0ubuntu0.16.04.9) xenial-security; urgency=medium
* SECURITY UPDATE: silently truncates
a class after a null byte
- debian/patches/CVE-2019-11045.patch: not accept
arbitrary strings in ext/spl/spl_directory.c,
ext/spl/tests/bug78863.phpt.
- CVE-2019-11045
* SECURITY UPDATE: Buffer underflow
- debian/patches/CVE-2019-11046.patch: not rely on `isdigit()`
to detect digits in ext/bcmath/libbcmath/src/str2num.c,
ext/bcmath/tests/bug78878.phpt.
- CVE-2019-11046
* SECURITY UPDATE: Heap-buffer-overflow
- debian/patches/CVE-2019-11047.patch: fix in ext/exif/exif.c,
ext/exif/tests/bug78910.phpt.
- CVE-2019-11047
* SECURITY UPDATE: Use-after-free
- debian/patches/CVE-2019-11050.patch: fix in
ext/exif/exif.c, ext/exif/tests/bug78793.phpt.
- CVE-2019-11050
* fixing test bug76557
- debian/patches/0001-Fixing-test-76557.patch.
-- <email address hidden> (Leonidas S. Barbosa) Fri, 10 Jan 2020 14:09:31 -0300
|
Source diff to previous version |
CVE-2019-11045 |
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP DirectoryIterator class accepts filenames with embedded \0 byte and treats them |
CVE-2019-11046 |
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP bcmath extension functions on some systems, including Windows, can be tricked i |
CVE-2019-11047 |
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x belo |
CVE-2019-11050 |
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.2.x below 7.2.26, 7.3.x belo |
|
php7.0 (7.0.33-0ubuntu0.16.04.7) xenial-security; urgency=medium
* SECURITY UPDATE: RCE via env_path_info underflow
- debian/patches/CVE-2019-11043.patch: add check in
sapi/fpm/fpm/fpm_main.c.
- CVE-2019-11043
-- Marc Deslauriers <email address hidden> Thu, 24 Oct 2019 14:09:21 -0400
|
Source diff to previous version |
php7.0 (7.0.33-0ubuntu0.16.04.6) xenial-security; urgency=medium
* SECURITY UPDATE: Heap-buffer-overflow
- debian/patches/CVE-2019-11041.patch: check Thumbnail.size in order
to avoid an overflow in ext/exif.exif.c and adding test to
ext/exif/tests/bug78222.phpt.
- CVE-2019-11041
* SECURITY UPDATE: Heap-buffer-overflow
- debian/patches/CVE-2019-11042.patch: check ByteCount in order to
avoid an overflow in ext/exif/exif.c and adding tests to
ext/exif/tests/bug78256.phpt.
- CVE-2019-11042
-- <email address hidden> (Leonidas S. Barbosa) Mon, 12 Aug 2019 15:07:12 -0300
|
Source diff to previous version |
CVE-2019-11041 |
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x belo |
CVE-2019-11042 |
When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x belo |
|
php7.0 (7.0.33-0ubuntu0.16.04.5) xenial-security; urgency=medium
* SECURITY UPDATE: overflow in exif_process_IFD_TAG
- debian/patches/CVE-2019-11036.patch: check dir_entry in
ext/exif/exif.c.
- CVE-2019-11036
* SECURITY UPDATE: out-of-bounds read in _php_iconv_mime_decode()
- debian/patches/CVE-2019-11039.patch: add an extra check in
ext/iconv/iconv.c.
- CVE-2019-11039
* SECURITY UPDATE: heap-buffer-overflow on php_jpg_get16
- debian/patches/CVE-2019-11040.patch: add an extra check in
ext/exif/exif.c.
- CVE-2019-11040
-- Marc Deslauriers <email address hidden> Tue, 04 Jun 2019 13:13:15 -0400
|
Source diff to previous version |
CVE-2019-11036 |
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past |
CVE-2019-11039 |
Out-of-bounds read in iconv.c:_php_iconv_mime_decode() due to integer overflow |
CVE-2019-11040 |
heap-buffer-overflow on php_jpg_get16 |
|
php7.0 (7.0.33-0ubuntu0.16.04.4) xenial-security; urgency=medium
* SECURITY UPDATE: Heap-buffer-overflow in php_ifd_get32s
- debian/patches/CVE-2019-11034.patch: check size in ext/exif/exif.c.
- CVE-2019-11034
* SECURITY UPDATE: Heap-buffer-overflow in exif_iif_add_value in EXIF
- debian/patches/CVE-2019-11035-1.patch: add checks to ext/exif/exif.c.
- debian/patches/CVE-2019-11035-2.patch: add casts to ext/exif/exif.c.
- debian/patches/CVE-2019-11035-3.patch: fix typo in ext/exif/exif.c.
- CVE-2019-11035
-- Marc Deslauriers <email address hidden> Thu, 18 Apr 2019 11:25:19 -0400
|
CVE-2019-11034 |
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.2.8, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past |
CVE-2019-11035 |
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.2.8, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past |
|
About
-
Send Feedback to @ubuntu_updates