Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#69242 - [php] [Security] insufficient validation (CVE-2020-7071)
Attached to Project:
Arch Linux
Opened by Jonas Witschel (diabonas) - Thursday, 07 January 2021, 18:12 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 21 April 2021, 11:39 GMT
Opened by Jonas Witschel (diabonas) - Thursday, 07 January 2021, 18:12 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 21 April 2021, 11:39 GMT
|
DetailsSummary
======= The package php is vulnerable to insufficient validation via CVE-2020-7071. Guidance ======== Updating to version 8.0.1 or to version 7.4.14 from the previous stable series fixes the issue. References ========== https://security.archlinux.org/AVG-1415 https://bugs.php.net/bug.php?id=77423 https://git.php.net/?p=php-src.git;a=commitdiff;h=b7f837381ef642d7fb369bfd0069e7525d4c22ea https://git.php.net/?p=php-src.git;a=commitdiff;h=5346d0ae69f290c7704a39cd10a574a2d661f05a https://git.php.net/?p=php-src.git;a=commitdiff;h=d4f5aed22193106271510efd643ba8f349b7d85f |
This task depends upon
Closed by Andreas Radke (AndyRTR)
Wednesday, 21 April 2021, 11:39 GMT
Reason for closing: Fixed
Additional comments about closing: 7.4.14-1
Wednesday, 21 April 2021, 11:39 GMT
Reason for closing: Fixed
Additional comments about closing: 7.4.14-1