CVE-2018-19935 (retired)

Priority
Description
ext/imap/php_imap.c in PHP 5.x and 7.x before 7.3.0 allows remote attackers
to cause a denial of service (NULL pointer dereference and application
crash) via an empty string in the message argument to the imap_mail
function.
Notes
mdeslaurphp5 in precise and trusty doesn't build imap, it is in a
separate php-imap source package.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Source: php5 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Package
Upstream:released (7.0.33)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):released (7.0.33-0ubuntu0.16.04.1)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
Package
Upstream:released (7.2.14)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):released (7.2.15-0ubuntu0.18.04.1)
Ubuntu 19.04 (Disco Dingo):released (7.2.15-0ubuntu2)
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
Package
Upstream:released (7.3.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 19.04 (Disco Dingo):not-affected (7.3.0-2)
Patches:
Upstream:https://git.php.net/?p=php-src.git;a=commit;h=648fc1e369fc05fb9200a42c7938912236b2a318
Binaries built from this source package are in universe and so are supported by the community. For more details see https://wiki.ubuntu.com/SecurityTeam/FAQ#Official_Support
More Information

Updated: 2019-10-09 08:03:47 UTC (commit 33aea848a182c0afcd0a3f927a01a7ecd9a061ee)