[ubuntu/focal-security] php7.4 7.4.3-4ubuntu2.7 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Oct 27 21:57:27 UTC 2021
php7.4 (7.4.3-4ubuntu2.7) focal-security; urgency=medium
* SECURITY UPDATE: Out of bounds read/write
- debian/patches/CVE-2021-21703.patch: The main change is to
store scoreboard procs directly to the variable sized
array rather than indirectly through the pointer in
sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm/fpm_request.c,
sapi/fpm/fpm/fpm_scoreboard.c, sapi/fpm/fpm/fpm_scoreboard.h,
sapi/fpm/fpm/fpm_status.c, sapi/fpm/fpm/fpm_worker_pool.c.
- CVE-2021-21703
php7.4 (7.4.3-4ubuntu2.6) focal; urgency=medium
* Fix a segmentation fault and implement support for using cursors
on prepared statements in the mysqli database driver. (LP: #1939853)
- d/p/lp-1939853-1-Fix-Segfault-with-get_result-and-PS-cursors.patch
- d/p/lp-1939853-2-MySQLnd-Support-cursors-in-store-get-result.patch
Date: 2021-10-26 15:53:10.576481+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/php7.4/7.4.3-4ubuntu2.7
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list