[ubuntu/hirsute-security] php7.4 7.4.16-1ubuntu2.1 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Wed Jul 7 11:53:22 UTC 2021
php7.4 (7.4.16-1ubuntu2.1) hirsute-security; urgency=medium
* SECURITY UPDATE: multiple issues in the pdo_firebase module
- debian/patches/CVE-2021-21704-1.patch: prevent overflow in
ext/pdo_firebird/firebird_statement.c.
- debian/patches/CVE-2021-21704-2.patch: verify result_size in
ext/pdo_firebird/firebird_statement.c.
- debian/patches/CVE-2021-21704-3.patch: verify result_size in
ext/pdo_firebird/firebird_driver.c.
- debian/patches/CVE-2021-21704-4.patch: don't overflow stack in
ext/pdo_firebird/firebird_driver.c.
- CVE-2021-21704
* SECURITY UPDATE: SSRF bypass
- debian/patches/CVE-2021-21705.patch: check password in
ext/filter/logical_filters.c, ext/filter/tests/bug81122.phpt.
- debian/patches/CVE-2021-21705-2.patch: fix compiler warning in
ext/filter/logical_filters.c.
- CVE-2021-21705
Date: 2021-07-05 17:38:37.043064+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/php7.4/7.4.16-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Hirsute-changes
mailing list