[ubuntu/plucky-updates] php8.4 8.4.5-1ubuntu1.2 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Jan 12 09:02:56 UTC 2026
php8.4 (8.4.5-1ubuntu1.2) plucky-security; urgency=medium
* SECURITY UPDATE: Information leak of memory in getimagesize
- debian/patches/CVE-2025-14177.patch: fix php_read_stream_all_chunks()
in ext/standard/image.c
- CVE-2025-14177
* SECURITY UPDATE: Heap buffer overflow in array_merge()
- debian/patches/CVE-2025-14178.patch: check number of elements in
ext/standard/array.c
- CVE-2025-14178
* SECURITY UPDATE: NULL pointer dereference in PDO quoting
- debian/patches/CVE-2025-14180.patch: fix null pointer dereference in
ext/pdo/pdo_sql_parser.re
- CVE-2025-14180
Date: 2026-01-07 12:00:41.662456+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/php8.4/8.4.5-1ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the plucky-changes
mailing list