[ubuntu/noble-updates] php8.3 8.3.6-0ubuntu0.24.04.6 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Jan 12 09:02:50 UTC 2026
php8.3 (8.3.6-0ubuntu0.24.04.6) noble-security; urgency=medium
* SECURITY UPDATE: Information leak of memory in getimagesize
- debian/patches/CVE-2025-14177.patch: fix php_read_stream_all_chunks()
in ext/standard/image.c
- CVE-2025-14177
* SECURITY UPDATE: Heap buffer overflow in array_merge()
- debian/patches/CVE-2025-14178.patch: check number of elements in
ext/standard/array.c
- CVE-2025-14178
* SECURITY UPDATE: NULL pointer dereference in PDO quoting
- debian/patches/CVE-2025-14180.patch: fix null pointer dereference in
ext/pdo/pdo_sql_parser.re
- CVE-2025-14180
Date: 2026-01-07 12:01:10.936740+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/php8.3/8.3.6-0ubuntu0.24.04.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the noble-changes
mailing list