FS#69242 : [php] [Security] insufficient validation (CVE-2020-7071)

FS#69242 - [php] [Security] insufficient validation (CVE-2020-7071)

Attached to Project: Arch Linux
Opened by Jonas Witschel (diabonas) - Thursday, 07 January 2021, 18:12 GMT
Last edited by Andreas Radke (AndyRTR) - Wednesday, 21 April 2021, 11:39 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	No-one
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Summary
=======

The package php is vulnerable to insufficient validation via CVE-2020-7071.

Guidance
========

Updating to version 8.0.1 or to version 7.4.14 from the previous stable series fixes the issue.

References
==========

https://security.archlinux.org/AVG-1415
https://bugs.php.net/bug.php?id=77423
https://git.php.net/?p=php-src.git;a=commitdiff;h=b7f837381ef642d7fb369bfd0069e7525d4c22ea
https://git.php.net/?p=php-src.git;a=commitdiff;h=5346d0ae69f290c7704a39cd10a574a2d661f05a
https://git.php.net/?p=php-src.git;a=commitdiff;h=d4f5aed22193106271510efd643ba8f349b7d85f

This task depends upon

Closed by Andreas Radke (AndyRTR)
Wednesday, 21 April 2021, 11:39 GMT
Reason for closing: Fixed
Additional comments about closing: 7.4.14-1

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#69242 - [php] [Security] insufficient validation (CVE-2020-7071)

Details

Loading...