I don't know if a CVE was generated or not, I'm only going off the information at
https://www.cisecurity.org/advisory/multiple-vulnerabilities-in-php- could-allow-for-arbitrary-code-execution_2017-093/ Steven Lindsey Sr. Systems Administrator RPI Computer Science On 10/13/2017 03:41 PM, Nish Aravamudan wrote: > Thank Tyler :) > > Steven, > > a) The patched version from Ondrej's repo is not an official, nor > supported version, it's irrelevant to this discussion. > > b) If you can provide the CVEs that Tyler asked for, then a security > update will occur. > > c) We do have an MRE for PHP7.0 (probably also for PHP7.1 by the same > logic) and I plan on submitting an update to the latest PHP7.0 upstream > in the next week or two. But that will only be present in -updates, not > -security unless b) is addressed. > > Sorry for the delay on my end in replying to this bug. > -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1721607 Title: please update to latest upstream release 7.0.24 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php7.0/+bug/1721607/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
