UbuntuUpdates.org

Bugs fixes in "php7.4"

Origin Bug number Title Date fixed
CVE CVE-2022-37454 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute 2022-11-08
CVE CVE-2022-31629 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the 2022-11-08
CVE CVE-2022-31628 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini 2022-11-08
CVE CVE-2022-37454 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute 2022-11-08
CVE CVE-2022-31629 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the 2022-11-08
CVE CVE-2022-31628 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini 2022-11-08
CVE CVE-2022-37454 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute 2022-11-08
CVE CVE-2022-31629 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the 2022-11-08
CVE CVE-2022-31628 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini 2022-11-08
CVE CVE-2022-37454 The Keccak XKCP SHA-3 reference implementation before fdc6fef has an integer overflow and resultant buffer overflow that allows attackers to execute 2022-11-08
CVE CVE-2022-31629 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the 2022-11-08
CVE CVE-2022-31628 In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini 2022-11-08
Launchpad 1989196 Fix PHP_EXTRA_VERSION setting 2022-10-21
Launchpad 1989196 Fix PHP_EXTRA_VERSION setting 2022-10-21
Launchpad 1882279 PHP built from source performs much better than the Ubuntu packaged version 2022-09-05
Launchpad 1882279 PHP built from source performs much better than the Ubuntu packaged version 2022-09-05
Launchpad 1882279 PHP built from source performs much better than the Ubuntu packaged version 2022-08-24
Launchpad 1882279 PHP built from source performs much better than the Ubuntu packaged version 2022-08-24
Launchpad 1968228 RTD collision with opcache 2022-06-14
Launchpad 1968228 RTD collision with opcache 2022-06-14



About   -   Send Feedback to @ubuntu_updates