RLSA-2020:3662

Import Source
https://storage.googleapis.com/resf-osv-data/RLSA-2020:3662.json
Related
Published
2020-09-08T08:38:31Z
Modified
2023-02-02T13:07:45.364217Z
Summary
Moderate: php:7.3 security, bug fix, and enhancement update
Details

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

The following packages have been upgraded to a later upstream version: php (7.3.20). (BZ#1856655)

Security Fix(es):

  • php: Out-of-bounds read due to integer overflow in iconvmimedecode_headers() (CVE-2019-11039)

  • php: Buffer over-read in exifreaddata() (CVE-2019-11040)

  • php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte (CVE-2019-11045)

  • php: Information disclosure in exifreaddata() (CVE-2019-11047)

  • php: Integer wraparounds when receiving multipart forms (CVE-2019-11048)

  • oniguruma: Use-after-free in onignewdeluxe() in regext.c (CVE-2019-13224)

  • oniguruma: NULL pointer dereference in match_at() in regexec.c (CVE-2019-13225)

  • oniguruma: Stack exhaustion in regcomp.c because of recursion in regparse.c (CVE-2019-16163)

  • oniguruma: Heap-based buffer over-read in function gb18030mbcenc_len in file gb18030.c (CVE-2019-19203)

  • oniguruma: Heap-based buffer over-read in function fetchintervalquantifier in regparse.c (CVE-2019-19204)

  • pcre: Out of bounds read in JIT mode when \X is used in non-UTF mode (CVE-2019-20454)

  • php: Out of bounds read in phpstriptags_ex (CVE-2020-7059)

  • php: Global buffer-overflow in mbflfiltconvbig5wchar function (CVE-2020-7060)

  • php: NULL pointer dereference in PHP session upload progress (CVE-2020-7062)

  • php: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)

  • php: Information disclosure in exifreaddata() function (CVE-2020-7064)

  • php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution (CVE-2020-7065)

  • php: Heap buffer over-read in exifscanthumbnail() (CVE-2019-11041)

  • php: Heap buffer over-read in exifprocessuser_comment() (CVE-2019-11042)

  • php: Out of bounds read when parsing EXIF information (CVE-2019-11050)

  • oniguruma: Heap-based buffer overflow in strlowercase_match in regexec.c (CVE-2019-19246)

  • php: Information disclosure in function get_headers (CVE-2020-7066)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

Rocky Linux:8 / libzip

Package

Name
libzip

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.5.2-1.module+el8.4.0+414+2e7afcdd

Rocky Linux:8 / php

Package

Name
php

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:7.3.20-1.module+el8.4.0+414+2e7afcdd

Rocky Linux:8 / php-pear

Package

Name
php-pear

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
1:1.10.9-1.module+el8.4.0+414+2e7afcdd

Rocky Linux:8 / php-pecl-apcu

Package

Name
php-pecl-apcu

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:5.1.17-1.module+el8.4.0+414+2e7afcdd

Rocky Linux:8 / php-pecl-rrd

Package

Name
php-pecl-rrd

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.0.1-1.module+el8.4.0+414+2e7afcdd

Rocky Linux:8 / php-pecl-xdebug

Package

Name
php-pecl-xdebug

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:2.8.0-1.module+el8.4.0+414+2e7afcdd

Rocky Linux:8 / php-pecl-zip

Package

Name
php-pecl-zip

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0The exact introduced commit is unknown
Fixed
0:1.15.4-1.module+el8.4.0+414+2e7afcdd