[ubuntu/bionic-security] php7.2 7.2.24-0ubuntu0.18.04.10 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Oct 27 21:57:22 UTC 2021
php7.2 (7.2.24-0ubuntu0.18.04.10) bionic-security; urgency=medium
* SECURITY UPDATE: Out of bounds read/write
- debian/patches/CVE-2021-21703.patch: The main change is to
store scoreboard procs directly to the variable sized
array rather than indirectly through the pointer in
sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm/fpm_request.c,
sapi/fpm/fpm/fpm_scoreboard.c, sapi/fpm/fpm/fpm_scoreboard.h,
sapi/fpm/fpm/fpm_status.c, sapi/fpm/fpm/fpm_worker_pool.c.
- CVE-2021-21703
php7.2 (7.2.24-0ubuntu0.18.04.9) bionic; urgency=medium
* Fix a segmentation fault and implement support for using cursors
on prepared statements in the mysqli database driver. (LP: #1939853)
- d/p/lp-1939853-1-Fix-Segfault-with-get_result-and-PS-cursors.patch
- d/p/lp-1939853-2-MySQLnd-Support-cursors-in-store-get-result.patch
Date: 2021-10-26 15:39:16.403991+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/php7.2/7.2.24-0ubuntu0.18.04.10
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list