Bugs fixes in "php7.4"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2022-31629 | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the | 2022-11-08 |
| CVE | CVE-2022-31628 | In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infini | 2022-11-08 |
| Launchpad | 1989196 | Fix PHP_EXTRA_VERSION setting | 2022-10-21 |
| Launchpad | 1989196 | Fix PHP_EXTRA_VERSION setting | 2022-10-21 |
| Launchpad | 1882279 | PHP built from source performs much better than the Ubuntu packaged version | 2022-09-05 |
| Launchpad | 1882279 | PHP built from source performs much better than the Ubuntu packaged version | 2022-09-05 |
| Launchpad | 1882279 | PHP built from source performs much better than the Ubuntu packaged version | 2022-08-24 |
| Launchpad | 1882279 | PHP built from source performs much better than the Ubuntu packaged version | 2022-08-24 |
| Launchpad | 1968228 | RTD collision with opcache | 2022-06-14 |
| Launchpad | 1968228 | RTD collision with opcache | 2022-06-14 |
| Launchpad | 1968228 | RTD collision with opcache | 2022-06-01 |
| Launchpad | 1968228 | RTD collision with opcache | 2022-06-01 |
| CVE | CVE-2021-21707 | In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode | 2022-03-03 |
| CVE | CVE-2017-9120 | PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other | 2022-03-03 |
| CVE | CVE-2017-9119 | The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application | 2022-03-03 |
| CVE | CVE-2017-9118 | PHP 7.1.5 has an Out of bounds access in php_pcre_replace_impl via a crafted preg_replace call. | 2022-03-03 |
| CVE | CVE-2017-8923 | The zend_string_extend function in Zend/zend_string.h in PHP through 7.1.5 does not prevent changes to string objects that result in a negative lengt | 2022-03-03 |
| CVE | CVE-2021-21707 | In PHP versions 7.3.x below 7.3.33, 7.4.x below 7.4.26 and 8.0.x below 8.0.13, certain XML parsing functions, like simplexml_load_file(), URL-decode | 2022-03-03 |
| CVE | CVE-2017-9120 | PHP 7.x through 7.1.5 allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other | 2022-03-03 |
| CVE | CVE-2017-9119 | The i_zval_ptr_dtor function in Zend/zend_variables.h in PHP 7.1.5 allows attackers to cause a denial of service (memory consumption and application | 2022-03-03 |
About
-
Send Feedback to @ubuntu_updates
