TTCSIRT-221.080619: TT-CSIRT Advisory – PHP Security Updates
PHP has released a security update stating that it has discovered the following issues in PHP7 –
a) Bug #78256 – Heap-buffer-overflow on exif_process_user_comment.
b) Bug #78222 – Heap-buffer-overflow on exif_scan_thumbnail.
c) Bug #78039 – FTP with SSL memory leak.
d) Bug #78279 – libxml_disable_entity_loader settings is shared between requests cgi-fcgi.
e) Bug #76058 – After “POST data can’t be buffered”, using php://input makes huge tmp files.
f) Bug #78231 – Segmentation fault upon stream_socket_accept of exported socket-to-stream.
g) Bug #78341 – Failure to detect smart branch in DFA pass.
h) Bug #78189 – File cache strips last character of uname hash.
i) Bug #78202 – Opcache stats for cache hits are capped at 32bit NUM.
j) Bug #78271 – Invalid result of if-else.
k) Bug #78291 – opcache_get_configuration doesn’t list all directives.
l) Bug #78338 – Array cross-border reading in PCRE.
m) Bug #78197 – PCRE2 version check in configure fails for “##.##-xxx” version strings.
n) Bug #78192 – SegFault when reuse statement after schema has changed.
o) Bug #77919 – Potential UAF in Phar RSHUTDOWN.
Successfully exploiting the most severe of these vulnerabilities could allow for arbitrary code execution in the context of the affected application.
| Further information on these vulnerabilities and how they can be mitigated can be found at https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php-could-allow-for-arbitrary-code-execution_2019-077/ |