[ubuntu/yakkety-proposed] php7.0 7.0.8-3ubuntu3 (Accepted)

Marc Deslauriers marc.deslauriers at ubuntu.com
Tue Oct 4 17:52:47 UTC 2016


php7.0 (7.0.8-3ubuntu3) yakkety; urgency=medium

  * SECURITY UPDATE: denial of service or code execution via crafted
    serialized data
    - debian/patches/CVE-2016-7124.patch: fix unserializing logic in
      ext/session/session.c, ext/standard/var_unserializer.c*,
      ext/wddx/wddx.c, added tests to
      ext/standard/tests/serialize/bug72663.phpt,
      ext/standard/tests/serialize/bug72663_2.phpt,
      ext/standard/tests/serialize/bug72663_3.phpt.
    - CVE-2016-7124
  * SECURITY UPDATE: arbitrary-type session data injection
    - debian/patches/CVE-2016-7125.patch: consume data even if not storing
      in ext/session/session.c, added test to
      ext/session/tests/bug72681.phpt.
    - CVE-2016-7125
  * SECURITY UPDATE: denial of service and possible code execution in
    imagegammacorrect function
    - debian/patches/CVE-2016-7127.patch: check gamma values in
      ext/gd/gd.c, added test to ext/gd/tests/bug72730.phpt.
    - CVE-2016-7127
  * SECURITY UPDATE: information disclosure via exif_process_IFD_in_TIFF
    - debian/patches/CVE-2016-7128.patch: properly handle thumbnails in
      ext/exif/exif.c.
    - CVE-2016-7128
  * SECURITY UPDATE: denial of service and possible code execution via
    invalid ISO 8601 time value
    - debian/patches/CVE-2016-7129.patch: properly handle strings in
      ext/wddx/wddx.c, added test to ext/wddx/tests/bug72749.phpt.
    - CVE-2016-7129
  * SECURITY UPDATE: denial of service and possible code execution via
    invalid base64 binary value
    - debian/patches/CVE-2016-7130.patch: properly handle string in
      ext/wddx/wddx.c, added test to ext/wddx/tests/bug72750.phpt.
    - CVE-2016-7130
  * SECURITY UPDATE: denial of service and possible code execution via
    malformed wddxPacket XML document
    - debian/patches/CVE-2016-7131.patch: added checks to ext/wddx/wddx.c,
      added tests to ext/wddx/tests/bug72790.phpt,
      ext/wddx/tests/bug72799.phpt.
    - CVE-2016-7131
    - CVE-2016-7132
  * SECURITY UPDATE: denial of service and possible code execution via
    long pathname
    - debian/patches/CVE-2016-7133.patch: fix memory allocator in
      Zend/zend_alloc.c.
    - CVE-2016-7133
  * SECURITY UPDATE: denial of service and possible code execution via
    long string and curl_escape call
    - debian/patches/CVE-2016-7134.patch: check both curl_escape and
      curl_unescape in ext/curl/interface.c.
    - CVE-2016-7134
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted field metadata in MySQL driver
    - debian/patches/CVE-2016-7412.patch: validate field length in
      ext/mysqlnd/mysqlnd_wireprotocol.c.
    - CVE-2016-7412
  * SECURITY UPDATE: denial of service and possible code execution via
    malformed wddxPacket XML document
    - debian/patches/CVE-2016-7413.patch: fixed use-after-free in
      ext/wddx/wddx.c, added test to ext/wddx/tests/bug72860.phpt.
    - CVE-2016-7413
  * SECURITY UPDATE: denial of service and possible code execution via
    crafted PHAR archive
    - debian/patches/CVE-2016-7414.patch: validate signatures in
      ext/phar/util.c, ext/phar/zip.c.
    - CVE-2016-7414
  * SECURITY UPDATE: denial of service and possible code execution via
    MessageFormatter::formatMessage call with a long first argument
    - debian/patches/CVE-2016-7416.patch: added locale length check to
      ext/intl/msgformat/msgformat_format.c.
    - CVE-2016-7416
  * SECURITY UPDATE: denial of service or code execution via crafted
    serialized data
    - debian/patches/CVE-2016-7417.patch: added type check to
      ext/spl/spl_array.c, added test to ext/spl/tests/bug73029.phpt, fix
      test in ext/spl/tests/bug70068.phpt.
    - CVE-2016-7417
  * SECURITY UPDATE: denial of service and possible code execution via
    malformed wddxPacket XML document
    - debian/patches/CVE-2016-7418.patch: fix out-of-bounds read in
      ext/wddx/wddx.c, added test to ext/wddx/tests/bug73065.phpt.
    - CVE-2016-7418

Date: Mon, 03 Oct 2016 15:48:48 -0400
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/php7.0/7.0.8-3ubuntu3
Format: 1.8
Date: Mon, 03 Oct 2016 15:48:48 -0400
Source: php7.0
Binary: libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-cgi php7.0-cli php7.0-dev php7.0-fpm php7.0-phpdbg php7.0-xsl php7.0-odbc php7.0-readline php7.0-recode php7.0-sqlite3 php7.0-xml php7.0-zip php7.0-sybase php7.0-gd php7.0-gmp php7.0-ldap php7.0-common php7.0-intl php7.0-mysql php7.0-mcrypt php7.0-snmp php7.0-curl php7.0-json php7.0-pgsql php7.0-mbstring php7.0-enchant php7.0-opcache php7.0-imap php7.0-bcmath php7.0-tidy php7.0-soap php7.0-dba php7.0-interbase php7.0-xmlrpc php7.0-pspell php7.0-bz2
Architecture: source
Version: 7.0.8-3ubuntu3
Distribution: yakkety
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Marc Deslauriers <marc.deslauriers at ubuntu.com>
Description:
 libapache2-mod-php7.0 - server-side, HTML-embedded scripting language (Apache 2 module)
 libphp7.0-embed - HTML-embedded scripting language (Embedded SAPI library)
 php7.0     - server-side, HTML-embedded scripting language (metapackage)
 php7.0-bcmath - Bcmath module for PHP
 php7.0-bz2 - bzip2 module for PHP
 php7.0-cgi - server-side, HTML-embedded scripting language (CGI binary)
 php7.0-cli - command-line interpreter for the PHP scripting language
 php7.0-common - documentation, examples and common module for PHP
 php7.0-curl - CURL module for PHP
 php7.0-dba - DBA module for PHP
 php7.0-dev - Files for PHP7.0 module development
 php7.0-enchant - Enchant module for PHP
 php7.0-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary)
 php7.0-gd  - GD module for PHP
 php7.0-gmp - GMP module for PHP
 php7.0-imap - IMAP module for PHP
 php7.0-interbase - Interbase module for PHP
 php7.0-intl - Internationalisation module for PHP
 php7.0-json - JSON module for PHP
 php7.0-ldap - LDAP module for PHP
 php7.0-mbstring - MBSTRING module for PHP
 php7.0-mcrypt - libmcrypt module for PHP
 php7.0-mysql - MySQL module for PHP
 php7.0-odbc - ODBC module for PHP
 php7.0-opcache - Zend OpCache module for PHP
 php7.0-pgsql - PostgreSQL module for PHP
 php7.0-phpdbg - server-side, HTML-embedded scripting language (PHPDBG binary)
 php7.0-pspell - pspell module for PHP
 php7.0-readline - readline module for PHP
 php7.0-recode - recode module for PHP
 php7.0-snmp - SNMP module for PHP
 php7.0-soap - SOAP module for PHP
 php7.0-sqlite3 - SQLite3 module for PHP
 php7.0-sybase - Sybase module for PHP
 php7.0-tidy - tidy module for PHP
 php7.0-xml - DOM, SimpleXML, WDDX, XML, and XSL module for PHP
 php7.0-xmlrpc - XMLRPC-EPI module for PHP
 php7.0-xsl - XSL module for PHP (dummy)
 php7.0-zip - Zip module for PHP
Checksums-Sha1:
 28b7f91791d1a2b46870a1fc980b64898b658860 5721 php7.0_7.0.8-3ubuntu3.dsc
 9daf13312081fc14df3255ac2486291fd9d68ad4 78008 php7.0_7.0.8-3ubuntu3.debian.tar.xz
Checksums-Sha256:
 2fb3031bcf1d491bfda59c89af5aa1bd5fb07dd5e4dbe75e77fcfb24e5563f34 5721 php7.0_7.0.8-3ubuntu3.dsc
 2349c0228d58795ef9bbf99a654a893bfb2f3463959a17003f8e904705816435 78008 php7.0_7.0.8-3ubuntu3.debian.tar.xz
Files:
 773336faf2dc589bf059bcf4eed86981 5721 php optional php7.0_7.0.8-3ubuntu3.dsc
 65b22824503e97f3406f1a8250220e76 78008 php optional php7.0_7.0.8-3ubuntu3.debian.tar.xz
Original-Maintainer: Debian PHP Maintainers <pkg-php-maint at lists.alioth.debian.org>