Description
An issue was discovered in PHP before 7.1.27, 7.2.x before 7.2.16, and
7.3.x before 7.3.3. Due to the way rename() across filesystems is
implemented, it is possible that file being renamed is briefly available
with wrong permissions while the rename is ongoing, thus enabling
unauthorized users to access the data.
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | released
(5.5.9+dfsg-1ubuntu4.29)
|
Patches:
Package
Upstream: | needs-triage
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 16.04 ESM: | released
(7.0.33-0ubuntu0.16.04.3)
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | released
(7.2.16)
|
Ubuntu 18.04 LTS: | released
(7.2.15-0ubuntu0.18.04.2)
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
Upstream: | released
(7.3.3)
|
Ubuntu 18.04 LTS: | DNE
|
Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-13 14:01:32 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)