[ubuntu/disco-proposed] php7.2 7.2.15-0ubuntu3 (Accepted)

[Leonidas S. Barbosa]

php7.2 (7.2.15-0ubuntu3) disco; urgency=medium

  * SECURITY UPDATE: Unauthorized users access
    - debian/patches/CVE-2019-9637.patch: fix in
      main/streams/plain_wrapper.c.
    - CVE-2019-9637
  * SECURITY UPDATE: Invalid read in exif_process_IFD_MAKERNOTE
    - debian/patches/CVE-2019-9638-and-CVE-2019-9639-*.patch: fix in
      ext/exif/exif.c, added tests in ext/exif/tests/bug77563.jpg,
      ext/exif/tests/bug77563.phpt.
    - CVE-2019-9638
    - CVE-2019-9639
  * SECURITY UPDATE: Invalid read
    - debian/patches/CVE-2019-9640.patch: fix in
      ext/exif/exif.c, added tests in ext/exif/tests/bug77540.jpg,
      ext/exif/tests/bug77540.phpt.
    - CVE-2019-9640
  * SECURITY UPDATE: Unitialized read
    - debian/patches/CVE-2019-9641.patch: fix in ext/exif/exif.c.
    - CVE-2019-9641
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2019-9675.patch: fix in
      ext/phar/tar.c, added tests in ext/phar/tests/bug71488.phpt,
      ext/phar/tests/bug77586,phpt, ext/phar/tests/bug77586/files/*.

Date: Wed, 27 Mar 2019 08:36:37 -0300
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/php7.2/7.2.15-0ubuntu3
-------------- next part --------------
Format: 1.8
Date: Wed, 27 Mar 2019 08:36:37 -0300
Source: php7.2
Architecture: source
Version: 7.2.15-0ubuntu3
Distribution: disco
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas S. Barbosa <leo.barbosa at canonical.com>
Changes:
 php7.2 (7.2.15-0ubuntu3) disco; urgency=medium
 .
   * SECURITY UPDATE: Unauthorized users access
     - debian/patches/CVE-2019-9637.patch: fix in
       main/streams/plain_wrapper.c.
     - CVE-2019-9637
   * SECURITY UPDATE: Invalid read in exif_process_IFD_MAKERNOTE
     - debian/patches/CVE-2019-9638-and-CVE-2019-9639-*.patch: fix in
       ext/exif/exif.c, added tests in ext/exif/tests/bug77563.jpg,
       ext/exif/tests/bug77563.phpt.
     - CVE-2019-9638
     - CVE-2019-9639
   * SECURITY UPDATE: Invalid read
     - debian/patches/CVE-2019-9640.patch: fix in
       ext/exif/exif.c, added tests in ext/exif/tests/bug77540.jpg,
       ext/exif/tests/bug77540.phpt.
     - CVE-2019-9640
   * SECURITY UPDATE: Unitialized read
     - debian/patches/CVE-2019-9641.patch: fix in ext/exif/exif.c.
     - CVE-2019-9641
   * SECURITY UPDATE: Buffer overflow
     - debian/patches/CVE-2019-9675.patch: fix in
       ext/phar/tar.c, added tests in ext/phar/tests/bug71488.phpt,
       ext/phar/tests/bug77586,phpt, ext/phar/tests/bug77586/files/*.
Checksums-Sha1:
 80b003a8802d93f4e79724da0afc28a491e62bf9 5767 php7.2_7.2.15-0ubuntu3.dsc
 329d733c5bc12dc22fad276af933e52483353770 83032 php7.2_7.2.15-0ubuntu3.debian.tar.xz
 5d6c6dabadae9074336d69031b5efc1fcaa7bea6 14420 php7.2_7.2.15-0ubuntu3_source.buildinfo
Checksums-Sha256:
 455910da044b1935b69338d69095861910113b011424562a433f2a77d2cb7a51 5767 php7.2_7.2.15-0ubuntu3.dsc
 c0eb233006ba3cf8fb5fa4454661e012b5837d3eb8e3aee7d8fcab995a0ab1c8 83032 php7.2_7.2.15-0ubuntu3.debian.tar.xz
 86a66b433527ed292bdbe3627de66234fd6ccd1f83d1b35dc6f92b4e19dcfc6b 14420 php7.2_7.2.15-0ubuntu3_source.buildinfo
Files:
 0eacf7327e1a5c0805a15292c7f55048 5767 php optional php7.2_7.2.15-0ubuntu3.dsc
 1524788c766d71df2b4129a6bda236de 83032 php optional php7.2_7.2.15-0ubuntu3.debian.tar.xz
 86052da2857d03fc05b55cf7a921c7f0 14420 php optional php7.2_7.2.15-0ubuntu3_source.buildinfo
Original-Maintainer: Debian PHP Maintainers <team+pkg-php at tracker.debian.org>