Univention Bugzilla – Bug 50432
php7.0: Multiple issues (4.4)
Last modified: 2019-10-30 12:17:37 CET
New Debian php7.0 7.0.33-0+deb9u6 fixes: This update addresses the following issue: * php7.0 (CVE-2019-11043)
--- mirror/ftp/4.4/unmaintained/4.4-2/source/php7.0_7.0.33-0+deb9u5.dsc +++ apt/ucs_4.4-0-errata4.4-2/source/php7.0_7.0.33-0+deb9u6.dsc @@ -1,3 +1,10 @@ +7.0.33-0+deb9u6 [Thu, 24 Oct 2019 20:50:20 +0200] Ondřej Surý <ondrej@debian.org>: + + * Backported from 7.1.33 + - FPM: + . Fixed bug #78599 (env_path_info underflow in fpm_main.c can lead to + RCE). (CVE-2019-11043) + 7.0.33-0+deb9u5 [Wed, 18 Sep 2019 11:55:34 +0200] Ondřej Surý <ondrej@sury.org>: * Backported security fixes from PHP 7.1.29: <http://10.200.17.11/4.4-2/#1523152681871160093>
OK: yaml OK: announce_errata OK: patch OK: piuparts [4.4-2] 2e2735f518 Bug #50432: php7.0 7.0.33-0+deb9u6 doc/errata/staging/php7.0.yaml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) [4.4-2] aace281527 Bug #50432: php7.0 7.0.33-0+deb9u6 doc/errata/staging/php7.0.yaml | 12 ++++++++++++ 1 file changed, 12 insertions(+)
<http://errata.software-univention.de/ucs/4.4/325.html>