*** This bug is a security vulnerability *** Public security bug reported:
Upstream has put out many more microversions addressing security issues and other bug fixes. Here is a list of the CVEs addressed by those: PHP 7.0.32 / 7.2.10 (13 Sep 2018): * https://bugs.php.net/bug.php?id=76582 / https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-17082 PHP 7.2.9 (16 Aug 2018): * No CVE addressed PHP 7.0.31 / 7.2.8 (19 Jul 2018): * https://bugs.php.net/76423 / https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14883 * https://bugs.php.net/bug.php?id=76557 / https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14851 * https://bugs.php.net/bug.php?id=76459 / https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15132 (irrelevant: Windows only) PHP 7.2.8 (19 Jul 2018): * https://bugs.php.net/bug.php?id=76409 / https://cve.mitre.org/cgi- bin/cvename.cgi?name=CVE-2018-12882 Changelog: https://secure.php.net/ChangeLog-7.php ** Affects: php7.0 (Ubuntu) Importance: Undecided Status: New ** Affects: php7.2 (Ubuntu) Importance: Undecided Status: New ** Information type changed from Private Security to Public Security ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-12882 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-14851 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-14883 ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2018-17082 ** Also affects: php7.2 (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1792987 Title: [MRE] Please update to latest upstream release 7.0.32 / 7.2.10 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php7.0/+bug/1792987/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
