[ubuntu/eoan-security] php7.3 7.3.11-0ubuntu0.19.10.3 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Feb 17 18:25:33 UTC 2020
php7.3 (7.3.11-0ubuntu0.19.10.3) eoan-security; urgency=medium
* SECURITY UPDATE: Out of bounds read, buffer overflow and
heap use-after-free
- debian/patches/CVE-2020-7059-and-CVE-2020-7060.patch:
fix OOB read in php_strip_tags_ex in ext/standard/string.c
and added test ext/standard/tests/file/bug79099.phpt,
fix adding a check function
is_in_cp950_pua in ext/mbstring/libmbfl/filters/mbfilter_big5.c
and added test ext/mbstring/tests/bug79037.phpt,
fix use-after-free in session_create_id() and
added tests ext/session/tests/bug79091.phpt.
- CVE-2020-7059
- CVE-2020-7060
Date: 2020-02-12 19:37:16.549532+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/php7.3/7.3.11-0ubuntu0.19.10.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Eoan-changes
mailing list