[ubuntu/yakkety-proposed] php7.0 7.0.8-3ubuntu2 (Accepted)
Marc Deslauriers
marc.deslauriers at ubuntu.com
Wed Jul 27 18:32:25 UTC 2016
php7.0 (7.0.8-3ubuntu2) yakkety; urgency=medium

  * SECURITY UPDATE: proxy request header vulnerability (httpoxy)
    - debian/patches/CVE-2016-5385.patch: only use HTTP_PROXY from the
      local environment in ext/standard/basic_functions.c, main/SAPI.c,
      main/php_variables.c.
    - CVE-2016-5385
  * SECURITY UPDATE: inadequate error handling in bzread()
    - debian/patches/CVE-2016-5399.patch: do not allow reading past error
      read in ext/bz2/bz2.c.
    - CVE-2016-5399
  * SECURITY UPDATE: integer overflow in the virtual_file_ex function
    - debian/patches/CVE-2016-6289.patch: properly check path_length in
      Zend/zend_virtual_cwd.c.
    - CVE-2016-6289
  * SECURITY UPDATE: use after free in unserialize() with unexpected
    session deserialization
    - debian/patches/CVE-2016-6290.patch: destroy var_hash properly in
      ext/session/session.c, added test to ext/session/tests/bug72562.phpt.
    - CVE-2016-6290
  * SECURITY UPDATE: out of bounds read in exif_process_IFD_in_MAKERNOTE
    - debian/patches/CVE-2016-6291.patch: add more bounds checks to
      ext/exif/exif.c.
    - CVE-2016-6291
  * SECURITY UPDATE: NULL pointer dereference in exif_process_user_comment
    - debian/patches/CVE-2016-6292.patch: properly handle encoding in
      ext/exif/exif.c.
    - CVE-2016-6292
  * SECURITY UPDATE: locale_accept_from_http out-of-bounds access
    - debian/patches/CVE-2016-6294.patch: check length in
      ext/intl/locale/locale_methods.c, added test to
      ext/intl/tests/bug72533.phpt.
    - CVE-2016-6294
  * SECURITY UPDATE: use after free vulnerability in SNMP with GC and
    unserialize()
    - debian/patches/CVE-2016-6295.patch: add new handler to
      ext/snmp/snmp.c, add test to ext/snmp/tests/bug72479.phpt.
    - CVE-2016-6295
  * SECURITY UPDATE: heap buffer overflow in simplestring_addn
    - debian/patches/CVE-2016-6296.patch: prevent overflows in
      ext/xmlrpc/libxmlrpc/simplestring.*.
    - CVE-2016-6296
  * SECURITY UPDATE: integer overflow in php_stream_zip_opener
    - debian/patches/CVE-2016-6297.patch: use size_t in
      ext/zip/zip_stream.c.
    - CVE-2016-6297
  * debian/patches/fix_exif_tests.patch: fix exif test results after
    security changes.

Date: Wed, 27 Jul 2016 08:14:20 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/php7.0/7.0.8-3ubuntu2
-------------- next part --------------
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 27 Jul 2016 08:14:20 -0400
Source: php7.0
Binary: libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-cgi php7.0-cli php7.0-dev php7.0-fpm php7.0-phpdbg php7.0-xsl php7.0-odbc php7.0-readline php7.0-recode php7.0-sqlite3 php7.0-xml php7.0-zip php7.0-sybase php7.0-gd php7.0-gmp php7.0-ldap php7.0-common php7.0-intl php7.0-mysql php7.0-mcrypt php7.0-snmp php7.0-curl php7.0-json php7.0-pgsql php7.0-mbstring php7.0-enchant php7.0-opcache php7.0-imap php7.0-bcmath php7.0-tidy php7.0-soap php7.0-dba php7.0-interbase php7.0-xmlrpc php7.0-pspell php7.0-bz2
Architecture: source
Version: 7.0.8-3ubuntu2
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
libapache2-mod-php7.0 - server-side, HTML-embedded scripting language (Apache 2 module)
libphp7.0-embed - HTML-embedded scripting language (Embedded SAPI library)
php7.0 - server-side, HTML-embedded scripting language (metapackage)
php7.0-bcmath - Bcmath module for PHP
php7.0-bz2 - bzip2 module for PHP
php7.0-cgi - server-side, HTML-embedded scripting language (CGI binary)
php7.0-cli - command-line interpreter for the PHP scripting language
php7.0-common - documentation, examples and common module for PHP
php7.0-curl - CURL module for PHP
php7.0-dba - DBA module for PHP
php7.0-dev - Files for PHP7.0 module development
php7.0-enchant - Enchant module for PHP
php7.0-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary)
php7.0-gd - GD module for PHP
php7.0-gmp - GMP module for PHP
php7.0-imap - IMAP module for PHP
php7.0-interbase - Interbase module for PHP
php7.0-intl - Internationalisation module for PHP
php7.0-json - JSON module for PHP
php7.0-ldap - LDAP module for PHP
php7.0-mbstring - MBSTRING module for PHP
php7.0-mcrypt - libmcrypt module for PHP
php7.0-mysql - MySQL module for PHP
php7.0-odbc - ODBC module for PHP
php7.0-opcache - Zend OpCache module for PHP
php7.0-pgsql - PostgreSQL module for PHP
php7.0-phpdbg - server-side, HTML-embedded scripting language (PHPDBG binary)
php7.0-pspell - pspell module for PHP
php7.0-readline - readline module for PHP
php7.0-recode - recode module for PHP
php7.0-snmp - SNMP module for PHP
php7.0-soap - SOAP module for PHP
php7.0-sqlite3 - SQLite3 module for PHP
php7.0-sybase - Sybase module for PHP
php7.0-tidy - tidy module for PHP
php7.0-xml - DOM, SimpleXML, WDDX, XML, and XSL module for PHP
php7.0-xmlrpc - XMLRPC-EPI module for PHP
php7.0-xsl - XSL module for PHP (dummy)
php7.0-zip - Zip module for PHP
Checksums-Sha1:
1216eb41f3f150109d9a1800a0cdfb2f3f8fe671 5721 php7.0_7.0.8-3ubuntu2.dsc
744e5e40bfe81c18f60a33c60bc70bebd6c7921f 68396 php7.0_7.0.8-3ubuntu2.debian.tar.xz
Checksums-Sha256:
50917ed9b043ad304d26d4c01000ec6ad40393a6beeadd9fbf582ccd676429e5 5721 php7.0_7.0.8-3ubuntu2.dsc
a8e5ec1311f869b3c3a39a270974af43f9ab9bae8cd07a03997f769a1c7cf240 68396 php7.0_7.0.8-3ubuntu2.debian.tar.xz
Files:
95e23865d1ea98a9a069884ca1ccf31f 5721 php optional php7.0_7.0.8-3ubuntu2.dsc
8f9bdf0caae1fa0c4c7b34024fdf628e 68396 php optional php7.0_7.0.8-3ubuntu2.debian.tar.xz
Original-Maintainer: Debian PHP Maintainers <pkg-php-maint at lists.alioth.debian.org>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
-----END PGP SIGNATURE-----