UbuntuUpdates.org

Package "php7.2"

Name: php7.2

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • HTML-embedded scripting language (Embedded SAPI library)
  • Bcmath module for PHP
  • bzip2 module for PHP
  • DBA module for PHP

Latest version: 7.2.15-0ubuntu0.18.10.2
Release: cosmic (18.10)
Level: security
Repository: universe

Links

Save this URL for the latest version of "php7.2": https://www.ubuntuupdates.org/php7.2



Other versions of "php7.2" in Cosmic

Repository Area Version
base main 7.2.10-0ubuntu1
base universe 7.2.10-0ubuntu1
security main 7.2.15-0ubuntu0.18.10.2
updates main 7.2.15-0ubuntu0.18.10.2
updates universe 7.2.15-0ubuntu0.18.10.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 7.2.15-0ubuntu0.18.10.2 2019-03-27 13:06:44 UTC

  php7.2 (7.2.15-0ubuntu0.18.10.2) cosmic-security; urgency=medium

  * SECURITY UPDATE: Unauthorized users access
    - debian/patches/CVE-2019-9637.patch: fix in
      main/streams/plain_wrapper.c.
    - CVE-2019-9637
  * SECURITY UPDATE: Invalid read in exif_process_IFD_MAKERNOTE
    - debian/patches/CVE-2019-9638-and-CVE-2019-9639-*.patch: fix in
      ext/exif/exif.c, added tests in ext/exif/tests/bug77563.jpg,
      ext/exif/tests/bug77563.phpt.
    - CVE-2019-9638
    - CVE-2019-9639
  * SECURITY UPDATE: Invalid read
    - debian/patches/CVE-2019-9640.patch: fix in
      ext/exif/exif.c, added tests in ext/exif/tests/bug77540.jpg,
      ext/exif/tests/bug77540.phpt.
    - CVE-2019-9640
  * SECURITY UPDATE: Unitialized read
    - debian/patches/CVE-2019-9641.patch: fix in ext/exif/exif.c.
    - CVE-2019-9641
  * SECURITY UPDATE: Buffer overflow
    - debian/patches/CVE-2019-9675.patch: fix in
      ext/phar/tar.c, added tests in ext/phar/tests/bug71488.phpt,
      ext/phar/tests/bug77586,phpt, ext/phar/tests/bug77586/files/*.

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 25 Mar 2019 13:02:58 -0300

Source diff to previous version
CVE-2019-9637 An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented,
CVE-2019-9638 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in ex
CVE-2019-9639 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in ex
CVE-2019-9640 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_pro
CVE-2019-9641 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in ex
CVE-2019-9675 ** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer over

Version: 7.2.15-0ubuntu0.18.10.1 2019-02-12 19:07:35 UTC

  php7.2 (7.2.15-0ubuntu0.18.10.1) cosmic-security; urgency=medium

  * SECURITY UPDATE: Update to 7.2.15 to fix security issues
    - CVE-2018-19935
    - CVE-2018-19518

 -- Mike Salvatore <email address hidden> Fri, 08 Feb 2019 09:54:22 -0500

CVE-2018-19935 ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers to cause a denial of service (NULL pointer dereference and application cr
CVE-2018-19518 University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_



About   -   Send Feedback to @ubuntu_updates