Skip to content

GitLab

  • Menu
Projects Groups Snippets
    • Loading...
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • Adélie Package Tree Adélie Package Tree
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 309
    • Issues 309
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 21
    • Merge requests 21
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Releases
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • Adélie Linux
  • Adélie Package TreeAdélie Package Tree
  • Issues
  • #267

Closed
Open
Created Apr 20, 2020 by Emily@emily🤖

user/php7: multiple vulnerabilities

Bugzilla ID 267
Alias(es) CVE-2019-11048, CVE-2020-28948, CVE-2020-28949, CVE-2020-7067, CVE-2020-7068, CVE-2020-7069, CVE-2020-7070
Reporter Max Rees (sroracle)
Assignee Max Rees (sroracle)
Reported 2020-04-20 18:55:36 -0500
Modified 2020-11-24 17:44:39 -0600
Status UNCONFIRMED
Version 1.0-RC1
Hardware Adélie Linux / All
Importance --- / minor
Package(s) user/php7

Description

If CHARSET_EBCDIC is defined (usually, on systems with EBCDIC
encoding support), an Out-of-Bounds read can occur using a malformed
url-encoded string.

Fixed in >= 7.4.5:

http://git.php.net/?p=php-src.git;a=commitdiff;h=9d6bf8221b05f86ce5875832f0f646c4c1f218be;hp=14fcc813948254b84f382ff537247d8a7e5e0e62

Since we are not an EBCDIC system, low priority to fix.

Assignee
Assign to
Time tracking