[ubuntu/resolute-proposed] php8.4 8.4.11-1ubuntu3 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Mon Jan 12 12:21:59 UTC 2026
php8.4 (8.4.11-1ubuntu3) resolute; urgency=medium
* SECURITY UPDATE: Information leak of memory in getimagesize
- debian/patches/CVE-2025-14177.patch: fix php_read_stream_all_chunks()
in ext/standard/image.c
- CVE-2025-14177
* SECURITY UPDATE: Heap buffer overflow in array_merge()
- debian/patches/CVE-2025-14178.patch: check number of elements in
ext/standard/array.c
- CVE-2025-14178
* SECURITY UPDATE: NULL pointer dereference in PDO quoting
- debian/patches/CVE-2025-14180.patch: fix null pointer dereference in
ext/pdo/pdo_sql_parser.re
- CVE-2025-14180
Date: 2026-01-07 12:00:11.137601+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/php8.4/8.4.11-1ubuntu3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Resolute-changes
mailing list