Summary: | <dev-lang/php-{7.2.26,7.3.13,7.4.1}: multiple vulnerabilities (CVE-2019-{11045,11046,11047,11049,11050}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | GLSAMaker/CVETool Bot <glsamaker> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | php-bugs |
Priority: | Normal | Flags: | stable-bot:
sanity-check+
|
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | B3 [noglsa] | ||
Package list: |
dev-lang/php-7.2.26
dev-lang/php-7.3.13
|
Runtime testing required: | --- |
Description
GLSAMaker/CVETool Bot
![]() Bcmath: Fixed bug https://bugs.php.net/bug.php?id=78878 (Buffer underflow in bc_shift_addsub). (CVE-2019-11046) Core: Fixed bug https://bugs.php.net/bug.php?id=78863 (DirectoryIterator class silently truncates after a null byte). (CVE-2019-11045) Fixed bug https://bugs.php.net/bug.php?id=78943 (mail() may release string with refcount==1 twice). (CVE-2019-11049). EXIF: Fixed bug https://bugs.php.net/bug.php?id=78793 (Use-after-free in exif parsing under memory sanitizer). (CVE-2019-11050) Fixed bug https://bugs.php.net/bug.php?id=78910 (Heap-buffer-overflow READ in exif). (CVE-2019-11047) amd64 stable x86 stable arm stable arm64 stable hppa/ia64 stable ppc stable ppc64 stable GLSA Vote: No! Repository is clean, all done! |