[ubuntu/jammy-proposed] php8.0 8.0.8-1ubuntu2 (Accepted)
Leonidas Da Silva Barbosa
leo.barbosa at canonical.com
Thu Dec 2 19:15:13 UTC 2021
php8.0 (8.0.8-1ubuntu2) jammy; urgency=medium
* SECURITY UPDATE: Out of bounds read/write
- debian/patches/CVE-2021-21703.patch: The main change is to
store scoreboard procs directly to the variable sized
array rather than indirectly through the pointer in
sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm/fpm_request.c,
sapi/fpm/fpm/fpm_scoreboard.c, sapi/fpm/fpm/fpm_scoreboard.h,
sapi/fpm/fpm/fpm_status.c, sapi/fpm/fpm/fpm_worker_pool.c.
- CVE-2021-21703
Date: Thu, 02 Dec 2021 13:34:27 -0300
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/php8.0/8.0.8-1ubuntu2
-------------- next part --------------
Format: 1.8
Date: Thu, 02 Dec 2021 13:34:27 -0300
Source: php8.0
Built-For-Profiles: noudeb
Architecture: source
Version: 8.0.8-1ubuntu2
Distribution: jammy
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Leonidas Da Silva Barbosa <leo.barbosa at canonical.com>
Changes:
php8.0 (8.0.8-1ubuntu2) jammy; urgency=medium
.
* SECURITY UPDATE: Out of bounds read/write
- debian/patches/CVE-2021-21703.patch: The main change is to
store scoreboard procs directly to the variable sized
array rather than indirectly through the pointer in
sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm/fpm_request.c,
sapi/fpm/fpm/fpm_scoreboard.c, sapi/fpm/fpm/fpm_scoreboard.h,
sapi/fpm/fpm/fpm_status.c, sapi/fpm/fpm/fpm_worker_pool.c.
- CVE-2021-21703
Checksums-Sha1:
840903142173e8ccfec6c562c182fb11a0dc5643 5633 php8.0_8.0.8-1ubuntu2.dsc
9c8acee071185e69b148d1ab0b0cfc988650be3f 67796 php8.0_8.0.8-1ubuntu2.debian.tar.xz
4fba94cda3add40e0c780bbaf4bab458f945ba8d 14115 php8.0_8.0.8-1ubuntu2_source.buildinfo
Checksums-Sha256:
0c6be2e19f45963c5deb1539d790eff50c3e659e06c61801c0fd496917f06340 5633 php8.0_8.0.8-1ubuntu2.dsc
be842d3fbf2b927c067afec9d6c0968ca687354769cf4234d9adda6d16594530 67796 php8.0_8.0.8-1ubuntu2.debian.tar.xz
de5b6fc8b7680cb783a08699670729e920e1befc9c0f81549aabec15bbd12913 14115 php8.0_8.0.8-1ubuntu2_source.buildinfo
Files:
f3644ce6aa80c184ea60241f7568f6bc 5633 php optional php8.0_8.0.8-1ubuntu2.dsc
f4a9765bbd73e7a6c1cf005b7dbbe332 67796 php optional php8.0_8.0.8-1ubuntu2.debian.tar.xz
fa18794f4873f1217101a0c6b29d858a 14115 php optional php8.0_8.0.8-1ubuntu2_source.buildinfo
Original-Maintainer: Debian PHP Maintainers <team+pkg-php at tracker.debian.org>
More information about the jammy-changes
mailing list