Mageia 8: MGASA-2021-0330 Moderate: Buffer Overflow and SSRF Fix
mageia
July 10, 2021
Updated php packages provides upstream 8.0.8 and fixes the following security vulnerabilities: - PDO_Firebird: * Fix Stack buffer overflow in firebird_info_cb (CVE-2021-21704)
Summary
Updated php packages provides upstream 8.0.8 and fixes the following
security vulnerabilities:
- PDO_Firebird:
* Fix Stack buffer overflow in firebird_info_cb (CVE-2021-21704).
* Fix SIGSEGV in firebird_handle_doer (CVE-2021-21704).
* Fix SIGSEGV in firebird_stmt_execute (CVE-2021-21704).
* Fix Crash while parsing blob data in firebird_fetch_blob
(CVE-2021-21704)
- Fix SSRF bypass in FILTER_VALIDATE_URL (CVE-2021-21705).
For other fixes in this update, see the referenced Changelog.
References
- https://bugs.mageia.org/show_bug.cgi?id=29094
- https://www.php.net/ChangeLog-8.php#8.0.8
- https://www.cve.org/CVERecord?id=CVE-2021-21704
- https://www.cve.org/CVERecord?id=CVE-2021-21705
Topics Covered
Resolution
SRPMS
- 8/core/php-8.0.8-1.1.mga8
PREVIOUS
NEXT
Publication date: 10 Jul 2021
URL: https://advisories.mageia.org/MGASA-2021-0330.html
Type: security
CVE: CVE-2021-21704,
CVE-2021-21705
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!