PHP 5.6.40, 7.1.26, 7.2.14, 7.3.1: Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads to use-after-free). CVE-2016-10166 Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap). Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token). CVE pending Fixed bug #77371 (heap buffer overflow in mb regex functions - compile_string_node). CVE pending Fixed bug #77381 (heap buffer overflow in multibyte match_at). Fixed bug #77382 (heap buffer overflow due to incorrect length in expand_case_fold_string). Fixed bug #77385 (buffer overflow in fetch_token). Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode). Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code). Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext). CVE pending Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()). CVE pending Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code). CVE pending Fixed bug #77231 (Segfault when using convert.quoted-printable-encode filter). Fixed bug #77020 (null pointer dereference in imap_mail). CVE 2018-19935 Fixed bug #77153 (imap_open allows to run arbitrary shell commands via mailbox parameter). CVE 2018-19158 Fixed bug #77022 (PharData always creates new files with mode 0666). Fixed bug #77143 (Heap Buffer Overflow (READ: 4) in phar_parse_pharfile). CVE pending
Arches, please test and mark stable
sparc stable
amd64 stable
x86 stable
ia64 stable
ppc stable
ppc64 stable
arm stable
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db18122923e731149b45e8b246e957ac5224291e commit db18122923e731149b45e8b246e957ac5224291e Author: Tobias Klausmann <klausman@gentoo.org> AuthorDate: 2019-02-01 15:07:16 +0000 Commit: Tobias Klausmann <klausman@gentoo.org> CommitDate: 2019-02-01 16:49:53 +0000 dev-lang/php-7.1.26-r0: alpha stable Bug: http://bugs.gentoo.org/675182 Signed-off-by: Tobias Klausmann <klausman@gentoo.org> dev-lang/php/php-7.1.26.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3aecc4ae77ea1959a0fa63c9348c82653139127d commit 3aecc4ae77ea1959a0fa63c9348c82653139127d Author: Tobias Klausmann <klausman@gentoo.org> AuthorDate: 2019-02-01 14:59:36 +0000 Commit: Tobias Klausmann <klausman@gentoo.org> CommitDate: 2019-02-01 16:49:52 +0000 dev-lang/php-5.6.40-r0: alpha stable Bug: http://bugs.gentoo.org/675182 Signed-off-by: Tobias Klausmann <klausman@gentoo.org> dev-lang/php/php-5.6.40.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
For the record, php 7.0.33 is also affected and scheduled to be removed on Feb 10, 2019
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a103b9197c76ab7ff158ac5cc48e17a78c44dfdf commit a103b9197c76ab7ff158ac5cc48e17a78c44dfdf Author: Tobias Klausmann <klausman@gentoo.org> AuthorDate: 2019-02-01 17:10:26 +0000 Commit: Tobias Klausmann <klausman@gentoo.org> CommitDate: 2019-02-01 17:10:26 +0000 dev-lang/php-7.2.14-r0: alpha stable Bug: http://bugs.gentoo.org/675182 Signed-off-by: Tobias Klausmann <klausman@gentoo.org> dev-lang/php/php-7.2.14.ebuild | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41637f49b3a345f3183737bee81550d1645f8fcf commit 41637f49b3a345f3183737bee81550d1645f8fcf Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2019-02-01 17:26:32 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2019-02-01 17:26:32 +0000 dev-lang/php: Clean up security vulnerable versions Bug: https://bugs.gentoo.org/675182 Closes: https://bugs.gentoo.org/674372 Package-Manager: Portage-2.3.59, Repoman-2.3.12 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 3 - dev-lang/php/php-5.6.38.ebuild | 777 ----------------------------------------- dev-lang/php/php-7.1.22.ebuild | 729 -------------------------------------- dev-lang/php/php-7.2.10.ebuild | 741 --------------------------------------- 4 files changed, 2250 deletions(-)
This bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=41637f49b3a345f3183737bee81550d1645f8fcf commit 41637f49b3a345f3183737bee81550d1645f8fcf Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2019-02-01 17:26:32 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2019-02-01 17:26:32 +0000 dev-lang/php: Clean up security vulnerable versions Bug: https://bugs.gentoo.org/675182 Closes: https://bugs.gentoo.org/674372 Package-Manager: Portage-2.3.59, Repoman-2.3.12 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 3 - dev-lang/php/php-5.6.38.ebuild | 777 ----------------------------------------- dev-lang/php/php-7.1.22.ebuild | 729 -------------------------------------- dev-lang/php/php-7.2.10.ebuild | 741 --------------------------------------- 4 files changed, 2250 deletions(-)
*** Bug 678548 has been marked as a duplicate of this bug. ***
hppa done