Univention Bugzilla – Bug 51617
php7.0: Multiple issues (4.4)
Last modified: 2020-07-08 15:09:10 CEST
New Debian php7.0 7.0.33-0+deb9u8 fixes:

This update addresses the following issues:
* integer wraparound when receiving multipart forms (CVE-2019-11048)
* NULL pointer dereference in PHP session upload progress (CVE-2020-7062)
* files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)
* information disclosure in exif_read_data() function (CVE-2020-7064)
* information disclosure in function get_headers (CVE-2020-7066)
* out-of-bounds read when using a malformed url-encoded string (CVE-2020-7067)
--- mirror/ftp/4.4/unmaintained/4.4-4/source/php7.0_7.0.33-0+deb9u7.dsc +++ apt/ucs_4.4-0-errata4.4-4/source/php7.0_7.0.33-0+deb9u8.dsc @@ -1,3 +1,33 @@ +7.0.33-0+deb9u8 [Sun, 05 Jul 2020 08:34:50 +0200] Ondřej Surý <ondrej@debian.org>: + + * Backported from 7.2.28 + - DOM: + . Fixed bug #77569: (Write Access Violation in DomImplementation). + - Phar: + . Fixed bug #79082 (Files added to tar with Phar::buildFromIterator + have all-access permissions). (CVE-2020-7063) + - Session: + . Fixed bug #79221 (Null Pointer Dereference in PHP Session Upload + Progress). (CVE-2020-7062) + * Backported from 7.2.29 + - Core: + . Fixed bug #79329 (get_headers() silently truncates after a null + byte) (CVE-2020-7066) + - EXIF: + . Fixed bug #79282 (Use-of-uninitialized-value in exif) + (CVE-2020-7064) + * Backported from 7.2.30 + - Standard: + . Fixed bug #79330 (shell_exec silently truncates after a null byte). + . Fixed bug #79465 (OOB Read in urldecode). (CVE-2020-7067) + * Backported from 7.2.31 + - Core: + . Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). + (CVE-2019-11048) + . Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp + files are not cleaned). (CVE-2019-11048) + * Add upstream patch to fix bug #76895 + 7.0.33-0+deb9u7 [Sun, 16 Feb 2020 16:11:40 +0100] Ondřej Surý <ondrej@debian.org>: * Use mysqld --initialize-insecure for MySQL 8.0 (for Ubuntu 19.10) <http://10.200.17.11/4.4-4/#1523152681864664943>
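Review bot: the final changelog entry of the new stanza, "* Add upstream patch to fix bug #76895", is the only item in the hunk that gives neither the bug title nor a CVE, while every other "Fixed bug #..." line carries its title in parentheses and, where applicable, the CVE; add the title (and CVE, if one applies) so the entry can be cross-checked against the errata summary, which currently lists six CVEs and has no counterpart for #76895.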
OK: yaml
OK: announce_errata
OK: patch
OK: piuparts

[4.4-4] 1e35d09e5d Bug #51617: php7.0 7.0.33-0+deb9u8
 doc/errata/staging/php7.0.yaml | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)
<http://errata.software-univention.de/ucs/4.4/651.html>