ALT Linux Team

Branch p8 update on 2020-04-28

2020-04-28

ALT-BU-2020-3783-1

Branch p8 update bulletin.

ALT-PU-2020-1868-1

Package php7 updated to version 7.2.30-alt1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1869-1

Package php7-curl updated to version 7.2.30-alt1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1870-1

Package php7-openssl updated to version 7.2.30-alt1.1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1871-1

Package php7-pdo_mysql updated to version 7.2.30-alt1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1872-1

Package php7-pgsql updated to version 7.2.30-alt1.2 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1873-1

Package php7-zip updated to version 7.2.30-alt1.1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1874-1

Package php7-xsl updated to version 7.2.30-alt1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1875-1

Package php7-intl updated to version 7.2.30-alt1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1876-1

Package php7-opcache updated to version 7.2.30-alt1.1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1877-1

Package php7-xmlrpc updated to version 7.2.30-alt1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:

ALT-PU-2020-1878-1

Package php7-tidy updated to version 7.2.30-alt1 for branch p8 in task 250407.

Closed vulnerabilities

Published: 2020-04-14

BDU:2020-05806

Уязвимость функции urldecode() интерпретатора языка программирования PHP, связанная с чтением за допустимыми границами буфера данных, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (7.5) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
Published: 2020-04-28
Modified: 2024-11-21

CVE-2020-7067

In PHP versions 7.2.x below 7.2.30, 7.3.x below 7.3.17 and 7.4.x below 7.4.5, if PHP is compiled with EBCDIC support (uncommon), urldecode() function can be made to access locations past the allocated memory, due to erroneously using signed numbers as array indexes.

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top