Description
In PHP versions 7.2.x below 7.2.33, 7.3.x below 7.3.21 and 7.4.x below
7.4.9, while processing PHAR files using phar extension, phar_parse_zipfile
could be tricked into accessing freed memory, which could lead to a crash
or information disclosure.
Package
| Upstream: | needs-triage
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 21.10: | DNE
|
| Ubuntu 22.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | released
(5.5.9+dfsg-1ubuntu4.29+esm14)
|
Patches:
Package
| Upstream: | needs-triage
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 21.10: | DNE
|
| Ubuntu 16.04 ESM: | released
(7.0.33-0ubuntu0.16.04.16+esm1)
|
| Ubuntu 22.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(7.2.33)
|
| Ubuntu 18.04 LTS: | released
(7.2.24-0ubuntu0.18.04.8)
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 21.10: | DNE
|
| Ubuntu 22.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | released
(7.4.9)
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | released
(7.4.3-4ubuntu2.5)
|
| Ubuntu 21.10: | DNE
|
| Ubuntu 22.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | needs-triage
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 21.10: | not-affected
(8.0.5-1ubuntu1)
|
| Ubuntu 22.04 LTS: | DNE
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Package
| Upstream: | needs-triage
|
| Ubuntu 18.04 LTS: | DNE
|
| Ubuntu 20.04 LTS: | DNE
|
| Ubuntu 21.10: | DNE
|
| Ubuntu 22.04 LTS: | not-affected
(8.1.0-1)
|
| Ubuntu 14.04 ESM: | DNE
|
Patches:
Updated: 2022-04-25 00:50:54 UTC (commit ecc1009cb19540b950de59270950018900f37f15)