Bug 589744 - <dev-lang/php-{7.0.9,5.6.24,5.5.38}: Multiple vulnerabilities
Status: RESOLVED DUPLICATE of bug 589232
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://secure.php.net/ChangeLog-7.ph...
Reported: 2016-07-26 11:43 UTC by Hanno Böck
Modified: 2016-07-26 13:19 UTC (History)
Description Hanno Böck gentoo-dev 2016-07-26 11:43:40 UTC
The latest PHP updates fix a worrying number of security issues. 

These from the upstream changelog sound like being security relevant (for 7.0.9, but most issues affect all three version trees):
Fixed bug #72513 (Stack-based buffer overflow vulnerability in virtual_file_ex).
Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and applications).
Fixed bug #72541 (size_t overflow lead to heap corruption).
Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read access).
Fixed bug #72519 (imagegif/output out-of-bounds access).
Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine overflow).
Fixed bug #72494 (imagecropauto out-of-bounds access).
Fixed bug #72533 (locale_accept_from_http out-of-bounds access).
Fixed bug #72405 (mb_ereg_replace - mbc_to_code (oniguruma) - oob read access).
Fixed bug #72399 (Use-After-Free in MBString (search_re)).
Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to heap overflow in mdecrypt_generic).
Fixed bug #72306 (Heap overflow through proc_open and $env parameter).
Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow).
Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session Deserialization).
Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and unserialize()).
Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn simplestring.c).
Fixed bug #72520 (Stack-based buffer overflow vulnerability in php_stream_zip_opener).

This one
https://www.evonide.com/how-we-broke-php-hacked-pornhub-and-earned-20000-dollar/
got a bit more public attention.

Please bump. Not sure if 5.5.x should still be bumped or just declared to be deprecated, as it won't receive any further security updates.
Comment 1 Brian Evans (RETIRED) gentoo-dev 2016-07-26 13:19:01 UTC
(In reply to Hanno Boeck from comment #0)
> The latest PHP updates fix a worrying number of security issues. 
> 
> These from the upstream changelog sound like being security relevant (for
> 7.0.9, but most issues affect all three version trees):
> Fixed bug #72513 (Stack-based buffer overflow vulnerability in
> virtual_file_ex).
> Fixed bug #72573 (HTTP_PROXY is improperly trusted by some PHP libraries and
> applications).
> Fixed bug #72541 (size_t overflow lead to heap corruption).
> Fixed bug #72603 (Out of bound read in exif_process_IFD_in_MAKERNOTE).
> Fixed bug #72512 (gdImageTrueColorToPaletteBody allows arbitrary write/read
> access).
> Fixed bug #72519 (imagegif/output out-of-bounds access).
> Fixed bug #72558 (Integer overflow error within _gdContributionsAlloc()).
> Fixed bug #72482 (Ilegal write/read access caused by gdImageAALine overflow).
> Fixed bug #72494 (imagecropauto out-of-bounds access).
> Fixed bug #72533 (locale_accept_from_http out-of-bounds access).
> Fixed bug #72405 (mb_ereg_replace - mbc_to_code (oniguruma) - oob read
> access).
> Fixed bug #72399 (Use-After-Free in MBString (search_re)).
> Fixed bug #72551, bug #72552 (Incorrect casting from size_t to int lead to
> heap overflow in mdecrypt_generic).
> Fixed bug #72306 (Heap overflow through proc_open and $env parameter).
> Fixed bug #72531 (ps_files_cleanup_dir Buffer overflow).
> Fixed bug #72562 (Use After Free in unserialize() with Unexpected Session
> Deserialization).
> Fixed bug #72479 (Use After Free Vulnerability in SNMP with GC and
> unserialize()).
> Fixed bug #72606 (heap-buffer-overflow (write) simplestring_addn
> simplestring.c).
> Fixed bug #72520 (Stack-based buffer overflow vulnerability in
> php_stream_zip_opener).
> 
> This one
> https://www.evonide.com/how-we-broke-php-hacked-pornhub-and-earned-20000-dollar/
> got a bit more public attention.
> 
> Please bump. Not sure if 5.5.x should still be bumped or just declared to be
> deprecated, as it won't receive any further security updates.

*** This bug has been marked as a duplicate of bug 589232 ***