Description
In PHP versions 7.2.x below 7.2.26, 7.3.x below 7.3.13 and 7.4.0, PHP
bcmath extension functions on some systems, including Windows, can be
tricked into reading beyond the allocated space by supplying it with string
containing characters that are identified as numeric by the OS but aren't
ASCII numbers. This can read to disclosure of the content of some memory
locations.
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | released
(5.5.9+dfsg-1ubuntu4.29+esm8)
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 16.04 ESM: | released
(7.0.33-0ubuntu0.16.04.9)
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | released
(7.2.26)
|
Ubuntu 18.04 LTS: | released
(7.2.24-0ubuntu0.18.04.2)
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | released
(7.3.13)
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-13 13:36:51 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)