[ubuntu/eoan-security] php7.3 7.3.11-0ubuntu0.19.10.3 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Mon Feb 17 18:25:33 UTC 2020


php7.3 (7.3.11-0ubuntu0.19.10.3) eoan-security; urgency=medium

  * SECURITY UPDATE: Out of bounds read, buffer overflow and
    heap use-after-free
    - debian/patches/CVE-2020-7059-and-CVE-2020-7060.patch:
      fix OOB read in php_strip_tags_ex in ext/standard/string.c
      and added test ext/standard/tests/file/bug79099.phpt,
      fix adding a check function
      is_in_cp950_pua in  ext/mbstring/libmbfl/filters/mbfilter_big5.c
      and added test ext/mbstring/tests/bug79037.phpt,
      fix use-after-free in session_create_id() and
      added tests ext/session/tests/bug79091.phpt.
    - CVE-2020-7059
    - CVE-2020-7060

Date: 2020-02-12 19:37:16.549532+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/php7.3/7.3.11-0ubuntu0.19.10.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Eoan-changes mailing list