user/php7: multiple vulnerabilities
Bugzilla ID | 267 |
Alias(es) | CVE-2019-11048, CVE-2020-28948, CVE-2020-28949, CVE-2020-7067, CVE-2020-7068, CVE-2020-7069, CVE-2020-7070 |
Reporter | Max Rees (sroracle) |
Assignee | Max Rees (sroracle) |
Reported | 2020-04-20 18:55:36 -0500 |
Modified | 2020-11-24 17:44:39 -0600 |
Status | UNCONFIRMED |
Version | 1.0-RC1 |
Hardware | Adélie Linux / All |
Importance | --- / minor |
Package(s) | user/php7 |
Description
If
CHARSET_EBCDIC
is defined (usually, on systems with EBCDIC
encoding support), an Out-of-Bounds read can occur using a malformed
url-encoded string.
Fixed in >= 7.4.5:
Since we are not an EBCDIC system, low priority to fix.