UbuntuUpdates.org

Package "php7.2-pspell"

Name: php7.2-pspell

Description:

pspell module for PHP

Latest version: 7.2.19-0ubuntu0.19.04.2
Release: disco (19.04)
Level: security
Repository: main
Head package: php7.2
Homepage: http://www.php.net/

Links

Save this URL for the latest version of "php7.2-pspell": https://www.ubuntuupdates.org/php7.2-pspell


Download "php7.2-pspell"


Other versions of "php7.2-pspell" in Disco

Repository Area Version
base main 7.2.15-0ubuntu3
updates main 7.2.19-0ubuntu0.19.04.2

Changelog

Version: 7.2.19-0ubuntu0.19.04.2 2019-08-13 19:07:17 UTC

  php7.2 (7.2.19-0ubuntu0.19.04.2) disco-security; urgency=medium

  * SECURITY UPDATE: Heap-buffer-overflow
    - debian/patches/CVE-2019-11041.patch: check Thumbnail.size in order
      to avoid an overflow in ext/exif.exif.c and adding test to
      ext/exif/tests/bug78222.phpt.
    - CVE-2019-11041
  * SECURITY UPDATE: Heap-buffer-overflow
    - debian/patches/CVE-2019-11042.patch: check ByteCount in order to
      avoid an overflow in ext/exif/exif.c and adding tests to
      ext/exif/tests/bug78256.phpt.
    - CVE-2019-11042

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 13 Aug 2019 08:45:23 -0300

Source diff to previous version
CVE-2019-11041 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x belo
CVE-2019-11042 When PHP EXIF extension is parsing EXIF information from an image, e.g. via exif_read_data() function, in PHP versions 7.1.x below 7.1.31, 7.2.x belo

Version: 7.2.19-0ubuntu0.19.04.1 2019-06-05 18:07:51 UTC

  php7.2 (7.2.19-0ubuntu0.19.04.1) disco-security; urgency=medium

  * Updated to 7.2.19 to fix multiple security issues.
    - CVE-2019-11036
    - CVE-2019-11039
    - CVE-2019-11040
  * Refreshed patches:
    - debian/patches/0039-hack-phpdbg-to-explicitly-link-with-libedit.patch

 -- Marc Deslauriers <email address hidden> Tue, 04 Jun 2019 10:44:42 -0400

Source diff to previous version
CVE-2019-11036 When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused to read past
CVE-2019-11039 Out-of-bounds read in iconv.c:_php_iconv_mime_decode() due to integer overflow
CVE-2019-11040 heap-buffer-overflow on php_jpg_get16

Version: 7.2.17-0ubuntu0.19.04.1 2019-04-23 13:06:28 UTC

  php7.2 (7.2.17-0ubuntu0.19.04.1) disco-security; urgency=medium

  * Updated to 7.2.17 to fix multiple security issues.
    - CVE-2019-11034
    - CVE-2019-11035
  * Refreshed patches:
    - debian/patches/0013-Add-support-for-use-of-the-system-timezone-database.patch
  * Removed patches included in new version:
    - debian/patches/0049-ext-intl-Use-pkg-config-to-detect-icu.patch
    - debian/patches/CVE-2019-9637.patch
    - debian/patches/CVE-2019-9638-and-CVE-2019-9639-1.patch
    - debian/patches/CVE-2019-9638-and-CVE-2019-9639-2.patch
    - debian/patches/CVE-2019-9640.patch
    - debian/patches/CVE-2019-9641.patch
    - debian/patches/CVE-2019-9675.patch

 -- Marc Deslauriers <email address hidden> Thu, 18 Apr 2019 14:01:25 -0400

CVE-2019-11034 When processing certain files, PHP EXIF extension in versions 7.1.x below 7.2.8, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past
CVE-2019-11035 When processing certain files, PHP EXIF extension in versions 7.1.x below 7.2.8, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past
CVE-2019-9637 An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. Due to the way rename() across filesystems is implemented,
CVE-2019-9638 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in ex
CVE-2019-9639 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in ex
CVE-2019-9640 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an Invalid Read in exif_pro
CVE-2019-9641 An issue was discovered in the EXIF component in PHP before 7.1.27, 7.2.x before 7.2.16, and 7.3.x before 7.3.3. There is an uninitialized read in ex
CVE-2019-9675 ** DISPUTED ** An issue was discovered in PHP 7.x before 7.1.27 and 7.3.x before 7.3.3. phar_tar_writeheaders_int in ext/phar/tar.c has a buffer over



About   -   Send Feedback to @ubuntu_updates