[ubuntu/xenial-security] php7.0 7.0.33-0ubuntu0.16.04.3 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Tue Mar 26 17:05:26 UTC 2019
php7.0 (7.0.33-0ubuntu0.16.04.3) xenial-security; urgency=medium
* SECURITY UPDATE: Unauthorized users access
- debian/patches/CVE-2019-9637.patch: fix in
main/streams/plain_wrapper.c.
- CVE-2019-9637
* SECURITY UPDATE: Invalid read in exif_process_IFD_MAKERNOTE
- debian/patches/CVE-2019-9638-and-CVE-2019-9639-*.patch: fix in
ext/exif/exif.c, added tests in ext/exif/tests/bug77563.jpg,
ext/exif/tests/bug77563.phpt.
- CVE-2019-9638
- CVE-2019-9639
* SECURITY UPDATE: Invalid read
- debian/patches/CVE-2019-9640.patch: fix in
ext/exif/exif.c, added tests in ext/exif/tests/bug77540.jpg,
ext/exif/tests/bug77540.phpt.
- CVE-2019-9640
* SECURITY UPDATE: Unitialized read
- debian/patches/CVE-2019-9641.patch: fix in ext/exif/exif.c.
- CVE-2019-9641
* SECURITY UPDATE: Buffer overflow
- debian/patches/CVE-2019-9675.patch: fix in
ext/phar/tar.c, added tests in ext/phar/tests/bug71488.phpt,
ext/phar/tests/bug77586,phpt, ext/phar/tests/bug77586/files/*.
Date: 2019-03-22 15:52:16.086009+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list