[ubuntu/jammy-updates] php8.1 8.1.2-1ubuntu2.17 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Fri May 3 02:28:34 UTC 2024
php8.1 (8.1.2-1ubuntu2.17) jammy-security; urgency=medium
* SECURITY UPDATE: Heap buffer-overflow
- debian/patches/CVE-2022-4900.patch: prevent potential buffer
overflow for large valye of php_cli_server_workers_max in
sapi/cli/php_cli_server.c.
- CVE-2022-4900
* SECURITY UPDATE: Cookie by pass
- debian/patches/CVE-2024-2756.patch: adds more mangling rules
in main/php_variable.c.
- CVE-2024-2756
* SECURITY UPDATE: Account take over risk
- debian/patches/CVE-2024-3096.patch: disallow null character in bcrypt
password in ext/standard/password.c,
ext/standard/tests/password_bcrypt_errors.phpt.
- CVE-2024-3096
php8.1 (8.1.2-1ubuntu2.16) jammy; urgency=medium
* d/p/fix-segfault-in-fpm_status_export_to_zval.patch: fix
segmentation fault in fpm_status_export_to_zval. (LP: #2057576)
Date: 2024-05-01 16:12:11.187959+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/php8.1/8.1.2-1ubuntu2.17
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list