[ubuntu/zesty-proposed] php7.0 7.0.12-2ubuntu1 (Accepted)
Nishanth Aravamudan
nish.aravamudan at canonical.com
Tue Nov 15 00:40:16 UTC 2016
php7.0 (7.0.12-2ubuntu1) zesty; urgency=medium

  * Merge with Debian unstable (LP: #1641211). Remaining changes:
    - Drop dh-php from Recommends to Suggests so it can be demoted to
      universe (LP: #1590623).
      + dh-php has gained a dependency on xml2 which is in universe.
  * Drop:
    - SECURITY UPDATE: proxy request header vulnerability (httpoxy)
      + debian/patches/CVE-2016-5385.patch: only use HTTP_PROXY from the
        local environment in ext/standard/basic_functions.c, main/SAPI.c,
        main/php_variables.c.
      + CVE-2016-5385
      [ Fixed upstream in 7.0.9 ]
    - SECURITY UPDATE: inadequate error handling in bzread()
      + debian/patches/CVE-2016-5399.patch: do not allow reading past error
        read in ext/bz2/bz2.c.
      + CVE-2016-5399
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: integer overflow in the virtual_file_ex function
      + debian/patches/CVE-2016-6289.patch: properly check path_length in
        Zend/zend_virtual_cwd.c.
      + CVE-2016-6289
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: use after free in unserialize() with unexpected
      session deserialization
      + debian/patches/CVE-2016-6290.patch: destroy var_hash properly in
        ext/session/session.c, added test to ext/session/tests/bug72562.phpt.
      + CVE-2016-6290
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: out of bounds read in exif_process_IFD_in_MAKERNOTE
      + debian/patches/CVE-2016-6291.patch: add more bounds checks to
        ext/exif/exif.c.
      + CVE-2016-6291
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: NULL pointer dereference in exif_process_user_comment
      + debian/patches/CVE-2016-6292.patch: properly handle encoding in
        ext/exif/exif.c.
      + CVE-2016-6292
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: locale_accept_from_http out-of-bounds access
      + debian/patches/CVE-2016-6294.patch: check length in
        ext/intl/locale/locale_methods.c, added test to
        ext/intl/tests/bug72533.phpt.
      + CVE-2016-6294
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: use after free vulnerability in SNMP with GC and
      unserialize()
      + debian/patches/CVE-2016-6295.patch: add new handler to
        ext/snmp/snmp.c, add test to ext/snmp/tests/bug72479.phpt.
      + CVE-2016-6295
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: heap buffer overflow in simplestring_addn
      + debian/patches/CVE-2016-6296.patch: prevent overflows in
        ext/xmlrpc/libxmlrpc/simplestring.*.
      + CVE-2016-6296
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: integer overflow in php_stream_zip_opener
      + debian/patches/CVE-2016-6297.patch: use size_t in
        ext/zip/zip_stream.c.
      + CVE-2016-6297
      [ Fixed upstream in 7.0.10 ]
    - debian/patches/fix_exif_tests.patch: fix exif test results after
      security changes.
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service or code execution via crafted
      serialized data
      + debian/patches/CVE-2016-7124.patch: fix unserializing logic in
        ext/session/session.c, ext/standard/var_unserializer.c*,
        ext/wddx/wddx.c, added tests to
        ext/standard/tests/serialize/bug72663.phpt,
        ext/standard/tests/serialize/bug72663_2.phpt,
        ext/standard/tests/serialize/bug72663_3.phpt.
      + CVE-2016-7124
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: arbitrary-type session data injection
      + debian/patches/CVE-2016-7125.patch: consume data even if not storing
        in ext/session/session.c, added test to
        ext/session/tests/bug72681.phpt.
      + CVE-2016-7125
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service and possible code execution in
      imagegammacorrect function
      + debian/patches/CVE-2016-7127.patch: check gamma values in
        ext/gd/gd.c, added test to ext/gd/tests/bug72730.phpt.
      + CVE-2016-7127
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: information disclosure via exif_process_IFD_in_TIFF
      + debian/patches/CVE-2016-7128.patch: properly handle thumbnails in
        ext/exif/exif.c.
      + CVE-2016-7128
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      invalid ISO 8601 time value
      + debian/patches/CVE-2016-7129.patch: properly handle strings in
        ext/wddx/wddx.c, added test to ext/wddx/tests/bug72749.phpt.
      + CVE-2016-7129
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      invalid base64 binary value
      + debian/patches/CVE-2016-7130.patch: properly handle string in
        ext/wddx/wddx.c, added test to ext/wddx/tests/bug72750.phpt.
      + CVE-2016-7130
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed wddxPacket XML document
      + debian/patches/CVE-2016-7131.patch: added checks to ext/wddx/wddx.c,
        added tests to ext/wddx/tests/bug72790.phpt,
        ext/wddx/tests/bug72799.phpt.
      + CVE-2016-7131
      + CVE-2016-7132
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      long pathname
      + debian/patches/CVE-2016-7133.patch: fix memory allocator in
        Zend/zend_alloc.c.
      + CVE-2016-7133
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      long string and curl_escape call
      + debian/patches/CVE-2016-7134.patch: check both curl_escape and
        curl_unescape in ext/curl/interface.c.
      + CVE-2016-7134
      [ Fixed upstream in 7.0.10 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      crafted field metadata in MySQL driver
      + debian/patches/CVE-2016-7412.patch: validate field length in
        ext/mysqlnd/mysqlnd_wireprotocol.c.
      + CVE-2016-7412
      [ Fixed upstream in 7.0.11 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed wddxPacket XML document
      + debian/patches/CVE-2016-7413.patch: fixed use-after-free in
        ext/wddx/wddx.c, added test to ext/wddx/tests/bug72860.phpt.
      + CVE-2016-7413
      [ Fixed upstream in 7.0.11 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      crafted PHAR archive
      + debian/patches/CVE-2016-7414.patch: validate signatures in
        ext/phar/util.c, ext/phar/zip.c.
      + CVE-2016-7414
      [ Fixed upstream in 7.0.11 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      MessageFormatter::formatMessage call with a long first argument
      + debian/patches/CVE-2016-7416.patch: added locale length check to
        ext/intl/msgformat/msgformat_format.c.
      + CVE-2016-7416
      [ Fixed upstream in 7.0.11 ]
    - SECURITY UPDATE: denial of service or code execution via crafted
      serialized data
      + debian/patches/CVE-2016-7417.patch: added type check to
        ext/spl/spl_array.c, added test to ext/spl/tests/bug73029.phpt, fix
        test in ext/spl/tests/bug70068.phpt.
      + CVE-2016-7417
      [ Fixed upstream in 7.0.11 ]
    - SECURITY UPDATE: denial of service and possible code execution via
      malformed wddxPacket XML document
      + debian/patches/CVE-2016-7418.patch: fix out-of-bounds read in
        ext/wddx/wddx.c, added test to ext/wddx/tests/bug73065.phpt.
      + CVE-2016-7418
      [ Fixed upstream in 7.0.11 ]
Date: Mon, 14 Nov 2016 16:27:38 -0800
Changed-By: Nishanth Aravamudan <nish.aravamudan at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/php7.0/7.0.12-2ubuntu1
Format: 1.8
Date: Mon, 14 Nov 2016 16:27:38 -0800
Source: php7.0
Binary: libapache2-mod-php7.0 libphp7.0-embed php7.0 php7.0-cgi php7.0-cli php7.0-dev php7.0-fpm php7.0-phpdbg php7.0-xsl php7.0-odbc php7.0-readline php7.0-recode php7.0-sqlite3 php7.0-xml php7.0-zip php7.0-sybase php7.0-gd php7.0-gmp php7.0-ldap php7.0-common php7.0-intl php7.0-mysql php7.0-mcrypt php7.0-snmp php7.0-curl php7.0-json php7.0-pgsql php7.0-mbstring php7.0-enchant php7.0-opcache php7.0-imap php7.0-bcmath php7.0-tidy php7.0-soap php7.0-dba php7.0-interbase php7.0-xmlrpc php7.0-pspell php7.0-bz2
Architecture: source
Version: 7.0.12-2ubuntu1
Distribution: zesty
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Nishanth Aravamudan <nish.aravamudan at canonical.com>
Description:
libapache2-mod-php7.0 - server-side, HTML-embedded scripting language (Apache 2 module)
libphp7.0-embed - HTML-embedded scripting language (Embedded SAPI library)
php7.0 - server-side, HTML-embedded scripting language (metapackage)
php7.0-bcmath - Bcmath module for PHP
php7.0-bz2 - bzip2 module for PHP
php7.0-cgi - server-side, HTML-embedded scripting language (CGI binary)
php7.0-cli - command-line interpreter for the PHP scripting language
php7.0-common - documentation, examples and common module for PHP
php7.0-curl - CURL module for PHP
php7.0-dba - DBA module for PHP
php7.0-dev - Files for PHP7.0 module development
php7.0-enchant - Enchant module for PHP
php7.0-fpm - server-side, HTML-embedded scripting language (FPM-CGI binary)
php7.0-gd - GD module for PHP
php7.0-gmp - GMP module for PHP
php7.0-imap - IMAP module for PHP
php7.0-interbase - Interbase module for PHP
php7.0-intl - Internationalisation module for PHP
php7.0-json - JSON module for PHP
php7.0-ldap - LDAP module for PHP
php7.0-mbstring - MBSTRING module for PHP
php7.0-mcrypt - libmcrypt module for PHP
php7.0-mysql - MySQL module for PHP
php7.0-odbc - ODBC module for PHP
php7.0-opcache - Zend OpCache module for PHP
php7.0-pgsql - PostgreSQL module for PHP
php7.0-phpdbg - server-side, HTML-embedded scripting language (PHPDBG binary)
php7.0-pspell - pspell module for PHP
php7.0-readline - readline module for PHP
php7.0-recode - recode module for PHP
php7.0-snmp - SNMP module for PHP
php7.0-soap - SOAP module for PHP
php7.0-sqlite3 - SQLite3 module for PHP
php7.0-sybase - Sybase module for PHP
php7.0-tidy - tidy module for PHP
php7.0-xml - DOM, SimpleXML, WDDX, XML, and XSL module for PHP
php7.0-xmlrpc - XMLRPC-EPI module for PHP
php7.0-xsl - XSL module for PHP (dummy)
php7.0-zip - Zip module for PHP
Launchpad-Bugs-Fixed: 1641211
Original-Maintainer: Debian PHP Maintainers <pkg-php-maint at lists.alioth.debian.org>