ALT Linux Team

Branch p8 update on 2017-09-21

2017-09-21

ALT-BU-2017-3363-1

Branch p8 update bulletin.

ALT-PU-2017-2251-1

Package php7 updated to version 7.1.9-alt1.M80P.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2252-1

Package php7-curl updated to version 7.1.9-alt1.M80P.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2253-1

Package php7-openssl updated to version 7.1.9-alt1.M80P.1.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2254-1

Package php7-pgsql updated to version 7.1.9-alt1.M80P.1.2 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2255-1

Package php7-zip updated to version 7.1.9-alt1.M80P.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2256-1

Package php7-xsl updated to version 7.1.9-alt1.M80P.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2257-1

Package php7-intl updated to version 7.1.9-alt1.M80P.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2258-1

Package php7-opcache updated to version 7.1.9-alt1.M80P.1.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:

ALT-PU-2017-2259-1

Package php7-xmlrpc updated to version 7.1.9-alt1.M80P.1 for branch p8 in task 188389.

Closed vulnerabilities

Published: 2017-01-09

BDU:2017-02024

Уязвимость в ext/standard/var_unserializer.re гипертекстового процессора PHP, позволяющая нарушителю оказать неопределенное воздействие на целостность данных

Severity: HIGH (7.5)
References:
Published: 2017-08-18
Modified: 2024-11-21

CVE-2017-12932

ext/standard/var_unserializer.re in PHP 7.0.x through 7.0.22 and 7.1.x through 7.1.8 is prone to a heap use after free while unserializing untrusted data, related to improper use of the hash API for key deletion in a situation with an invalid array size. Exploitation of this issue can have an unspecified impact on the integrity of PHP.

Severity: CRITICAL (9.8) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.1
Back to top