[ubuntu/hirsute-security] php7.4 7.4.16-1ubuntu2.2 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Wed Oct 27 21:57:25 UTC 2021
php7.4 (7.4.16-1ubuntu2.2) hirsute-security; urgency=medium
* SECURITY UPDATE: Out of bounds read/write
- debian/patches/CVE-2021-21703.patch: The main change is to
store scoreboard procs directly to the variable sized
array rather than indirectly through the pointer in
sapi/fpm/fpm/fpm_children.c, sapi/fpm/fpm/fpm_request.c,
sapi/fpm/fpm/fpm_scoreboard.c, sapi/fpm/fpm/fpm_scoreboard.h,
sapi/fpm/fpm/fpm_status.c, sapi/fpm/fpm/fpm_worker_pool.c.
- CVE-2021-21703
Date: 2021-10-26 18:18:13.019816+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/php7.4/7.4.16-1ubuntu2.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Hirsute-changes
mailing list