Package "php7.4"

Name: php7.4


This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • HTML-embedded scripting language (Embedded SAPI library)
  • Bcmath module for PHP
  • bzip2 module for PHP
  • DBA module for PHP

Latest version: 7.4.3-4ubuntu2.3
Release: focal (20.04)
Level: proposed
Repository: universe


Other versions of "php7.4" in Focal

Repository Area Version
base universe 7.4.3-4ubuntu1
base main 7.4.3-4ubuntu1
security main 7.4.3-4ubuntu2.2
security universe 7.4.3-4ubuntu2.2
updates main 7.4.3-4ubuntu2.2
updates universe 7.4.3-4ubuntu2.2
proposed main 7.4.3-4ubuntu2.3

Packages in group

Deleted packages are displayed in grey.


Version: 7.4.3-4ubuntu2.3 2020-09-15 23:06:23 UTC

  php7.4 (7.4.3-4ubuntu2.3) focal; urgency=medium

  * d/p/0041-Fix-79019-Copied-cURL-handles-upload-empty-file.patch,
    Fix issue with cURL causing chunked mode for file transfers.
    (LP: #1887826)

 -- Bryce Harrington <email address hidden> Thu, 03 Sep 2020 13:06:34 -0700

1887826 CURLFile POST missing Content-Length header

Version: *DELETED* 2020-06-05 17:07:32 UTC
No changelog for deleted or moved packages.

Version: 7.4.3-4ubuntu2.1 2020-05-22 23:07:16 UTC

  php7.4 (7.4.3-4ubuntu2.1) focal; urgency=medium

  * libapache2-mod-php.postinst.extra: Disable other mod-php versions.
    Fixes failure when upgrading from previous versions of mod-php.
    (LP: #1865218)

 -- Bryce Harrington <email address hidden> Tue, 21 Apr 2020 23:04:30 +0000

1865218 mod_php gets disabled during do-release-upgrade

Version: *DELETED* 2020-04-30 15:07:06 UTC
No changelog for deleted or moved packages.

Version: 7.4.3-4ubuntu2 2020-04-16 23:07:20 UTC

  php7.4 (7.4.3-4ubuntu2) focal; urgency=medium

  * SECURITY UPDATE: Read one byte of uninitialized memory
    - debian/patches/CVE-2020-7064.patch: check length in
      exif_process_TIFF_in_JPEG to avoid read uninitialized memory
      ext/exif/exif.c, ext/exif/tests/bug79282.phpt.
    - CVE-2020-7064
  * SECURITY UPDATE: Memory corruption, crash and potentially code execution
    - debian/patches/CVE-2020-7065.patch: make sure that negative values are
      properly compared in ext/mbstring/php_unicode.c,
    - CVE-2020-7065
  * SECURITY UPDATE: Truncated url due \0
    - debian/patches/CVE-2020-7066.patch: check for get_headers
      not accepting \0 in ext/standard/url.c.
    - CVE-2020-7066

 -- <email address hidden> (Leonidas S. Barbosa) Mon, 13 Apr 2020 09:32:06 -0300

CVE-2020-7064 In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while parsing EXIF data with exif_read_data() function, it is possible
CVE-2020-7065 In PHP versions 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while using mb_strtolower() function with UTF-32LE encoding, certain invalid strings could
CVE-2020-7066 In PHP versions 7.2.x below 7.2.9, 7.3.x below 7.3.16 and 7.4.x below 7.4.34, while using get_headers() with user-supplied URL, if the URL contains z

About   -   Send Feedback to @ubuntu_updates