user/php7: multiple vulnerabilities
| Bugzilla ID | 267 |
| Alias(es) | CVE-2019-11048, CVE-2020-28948, CVE-2020-28949, CVE-2020-7067, CVE-2020-7068, CVE-2020-7069, CVE-2020-7070 |
| Reporter | Max Rees (sroracle) |
| Assignee | Max Rees (sroracle) |
| Reported | 2020-04-20 18:55:36 -0500 |
| Modified | 2020-11-24 17:44:39 -0600 |
| Status | UNCONFIRMED |
| Version | 1.0-RC1 |
| Hardware | Adélie Linux / All |
| Importance | --- / minor |
| Package(s) | user/php7 |
Description
If
CHARSET_EBCDICis defined (usually, on systems with EBCDIC
encoding support), an Out-of-Bounds read can occur using a malformed
url-encoded string.
Fixed in >= 7.4.5:
Since we are not an EBCDIC system, low priority to fix.