[ubuntu/cosmic-proposed] php7.2 7.2.7-0ubuntu2 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Thu Jul 5 13:43:49 UTC 2018 

php7.2 (7.2.7-0ubuntu2) cosmic; urgency=medium

  * SECURITY UPDATE: 7.2.7 did not actually include the fix for the
    CVE-2018-12882 exif security issue. This release adds backported
    patches to fix the issue.
    - debian/patches/CVE-2018-12882-1.patch: fix heap use after free in
      _php_stream_free in ext/exif/exif.c, ext/exif/tests/bug76409.phpt.
    - debian/patches/CVE-2018-12882-2.patch: fix test portability in
      ext/exif/tests/bug76409.phpt.
    - CVE-2018-12882

Date: Thu, 05 Jul 2018 09:35:23 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/php7.2/7.2.7-0ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Thu, 05 Jul 2018 09:35:23 -0400
Source: php7.2
Binary: libapache2-mod-php7.2 libphp7.2-embed php7.2 php7.2-cgi php7.2-cli php7.2-dev php7.2-fpm php7.2-phpdbg php7.2-xsl php7.2-odbc php7.2-readline php7.2-recode php7.2-sqlite3 php7.2-tidy php7.2-xml php7.2-sybase php7.2-gd php7.2-gmp php7.2-zip php7.2-common php7.2-intl php7.2-snmp php7.2-curl php7.2-json php7.2-pgsql php7.2-mbstring php7.2-enchant php7.2-opcache php7.2-imap php7.2-mysql php7.2-bcmath php7.2-soap php7.2-dba php7.2-interbase php7.2-xmlrpc php7.2-pspell php7.2-bz2 php7.2-ldap
Architecture: source
Version: 7.2.7-0ubuntu2
Distribution: cosmic
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libapache2-mod-php7.2 - server-side, HTML-embedded scripting language (Apache 2 module)
 libphp7.2-embed - HTML-embedded scripting language (Embedded SAPI library)
 php7.2     - server-side, HTML-embedded scripting language (metapackage)
 php7.2-bcmath - Bcmath module for PHP
 php7.2-bz2 - bzip2 module for PHP
 php7.2-cgi - server-side, HTML-embedded scripting language (CGI binary)
 php7.2-cli - command-line interpreter for the PHP scripting language
 php7.2-common - documentation, examples and common module for PHP
 php7.2-curl - CURL module for PHP
 php7.2-dba - DBA module for PHP
 php7.2-dev - Files for PHP7.2 module development
 php7.2-enchant - Enchant module for PHP
 php7.2-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary)
 php7.2-gd  - GD module for PHP
 php7.2-gmp - GMP module for PHP
 php7.2-imap - IMAP module for PHP
 php7.2-interbase - Interbase module for PHP
 php7.2-intl - Internationalisation module for PHP
 php7.2-json - JSON module for PHP
 php7.2-ldap - LDAP module for PHP
 php7.2-mbstring - MBSTRING module for PHP
 php7.2-mysql - MySQL module for PHP
 php7.2-odbc - ODBC module for PHP
 php7.2-opcache - Zend OpCache module for PHP
 php7.2-pgsql - PostgreSQL module for PHP
 php7.2-phpdbg - server-side, HTML-embedded scripting language (PHPDBG binary)
 php7.2-pspell - pspell module for PHP
 php7.2-readline - readline module for PHP
 php7.2-recode - recode module for PHP
 php7.2-snmp - SNMP module for PHP
 php7.2-soap - SOAP module for PHP
 php7.2-sqlite3 - SQLite3 module for PHP
 php7.2-sybase - Sybase module for PHP
 php7.2-tidy - tidy module for PHP
 php7.2-xml - DOM, SimpleXML, WDDX, XML, and XSL module for PHP
 php7.2-xmlrpc - XMLRPC-EPI module for PHP
 php7.2-xsl - XSL module for PHP (dummy)
 php7.2-zip - Zip module for PHP
Changes:
 php7.2 (7.2.7-0ubuntu2) cosmic; urgency=medium
 .
   * SECURITY UPDATE: 7.2.7 did not actually include the fix for the
     CVE-2018-12882 exif security issue. This release adds backported
     patches to fix the issue.
     - debian/patches/CVE-2018-12882-1.patch: fix heap use after free in
       _php_stream_free in ext/exif/exif.c, ext/exif/tests/bug76409.phpt.
     - debian/patches/CVE-2018-12882-2.patch: fix test portability in
       ext/exif/tests/bug76409.phpt.
     - CVE-2018-12882
Checksums-Sha1:
 1bca8d7cb739398c2da69f16908a144085e0e73c 5714 php7.2_7.2.7-0ubuntu2.dsc
 828b62c67dcee6811d6a23ea8f06afa659707b9a 71756 php7.2_7.2.7-0ubuntu2.debian.tar.xz
 c2b54c46cb209ce1297f89630ceea2f4b62ab6eb 15004 php7.2_7.2.7-0ubuntu2_source.buildinfo
Checksums-Sha256:
 a92eba795fe9bb17bf1abf3308759e1142ff2c7b01111501573ae724555f6a9a 5714 php7.2_7.2.7-0ubuntu2.dsc
 63790ccf4d1c917c88add44e3433e27c297e5837e2ed002f344b9692753889b1 71756 php7.2_7.2.7-0ubuntu2.debian.tar.xz
 f6a7844c09552ca67ce761b59867572947f14ab30a46d672044609906ce642bd 15004 php7.2_7.2.7-0ubuntu2_source.buildinfo
Files:
 c8b5ee8545eb74dbdcec079878bf9d67 5714 php optional php7.2_7.2.7-0ubuntu2.dsc
 a07266fec375515b56d32d462286635a 71756 php optional php7.2_7.2.7-0ubuntu2.debian.tar.xz
 9819f2ce71d013657d996a861013a806 15004 php optional php7.2_7.2.7-0ubuntu2_source.buildinfo
Original-Maintainer: Debian PHP Maintainers <pkg-php-maint at lists.alioth.debian.org>

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAls+H2oACgkQZWnYVadE
vpMv9A//dEwfwQBvo847MwvnemGPbnoOG2vbb4aYIGMuf35zLLBFY5lwVvN0+ehr
b+X7HyfQ7fvu+Ww/OIWaeamgwzRcjoHYbKdDGhyVgh8zum3cbrTQZgpcEr2BjmYu
Jn8QHIK7GF6W8k/7ARtEv3GDI5sW2oeydwwP4kDycfyLekwa+Jjt6YhWw3UGcVJQ
q9ouenYZnQ5/UTqOwmtk3OfxrMewtFdkLc0d+XR/QUbbTlSAIfkeD9Yz5wdlBdJm
po8JEMYlDYVz17Gczs5fxme6PX56pp/ZBdosSXTMpdztxQLQCJrMDDSyQAveVP51
mVKc8urqTlumWTb/1Yd4w9a+FTmJXzaPkJ/+Ms7OLP/jBRoLO6N2UaGf7WZ4OAQJ
oWcyBV8nXTZMDHpCZzCdDC2pyLPZat/1QTm8qNwNrT4R6m87PXQqhJ8gDSTSBOx8
JR6tkPKRQGH8men85q1sZQwT0ulFf68B7tb0Qp/aRKSLfl2nBaFl2UMIGpfFsrDy
BshZMx6DzcWPbSnPZULFb2QHlHvyWFJ2yGsSZOwt9Um6bsz+gwkC5Fzi6Pk4lzB4
AmYhzBOC5mEZLVf9IOmpqar3t6/t9EGHsHK4tK7Kbw3AZaoHN+uNYiaxJFn5VFpF
VcPDRYI7krMu1ZGmYirrcI0vsh5ek45fHsaKXN1ZxoRCnQbPXaI=
=WzPi
-----END PGP SIGNATURE-----

More information about the Cosmic-changes mailing list