[ubuntu/xenial-updates] php7.0 7.0.33-0ubuntu0.16.04.11 (Accepted)
Ubuntu Archive Robot
cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk
Mon Feb 17 19:58:29 UTC 2020
php7.0 (7.0.33-0ubuntu0.16.04.11) xenial-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2015-9253.patch: directly listen
on socket, instead duping it to STDIN in
sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm_stdio.c,
and added tests to sapi/fpm/tests/bug73342-nonblocking-stdio.phpt.
- CVE-2015-9253
* SECURITY UPDATE: Out of bounds read
- debian/patches/CVE-2020-7059.patch: fix OOB read in
php_strip_tags_ex in ext/standard/string.c and added test
ext/standard/tests/file/bug79099.phpt.
- CVE-2020-7059
* SECURITY UPDATE: Buffer-overflow
- debian/patches/CVE-2020-7060.patch: fix adding a check function
is_in_cp950_pua in ext/mbstring/libmbfl/filters/mbfilter_big5.c
and added test ext/mbstring/tests/bug79037.phpt.
- CVE-2020-7060
Date: 2020-02-17 11:49:14.937603+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <cjwatson+ubuntu-archive-robot at chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/php7.0/7.0.33-0ubuntu0.16.04.11
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list