CLSA-2021-1639681846

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2021-1639681846
Upstream
Published
2021-12-16T19:10:46Z
Modified
2026-06-04T10:04:25.346771486Z
Summary
Fix CVE(s): CVE-2020-7071, CVE-2020-7068, CVE-2021-21705, CVE-2021-21704, CVE-2021-21703, CVE-2021-21702
Details
  • SECURITY UPDATE: Process crash and information disclosure
    • debian/patches/CVE-2020-7068.patch: fix access-after-free for actual_alias pointer
    • CVE-2020-7068
  • SECURITY UPDATE: logic error due to invalid input validation
    • debian/patches/CVE-2020-7071.patch: add validation fo url->user field
    • CVE-2020-7071
  • SECURITY UPDATE: program crash due to null pointer dereference
    • debian/patches/CVE-2021-21702.patch: pass empty string instead for NULL pointers to soaperror1(). Check NULL pointer in attrisequalex() and nodeisequal_ex()
    • CVE-2021-21702
  • SECURITY UPDATE: integer overflow and subsequent incorrect buffer allocation
    • debian/patches/CVE-2021-21704.patch: add checks that prevent the overflow, replace strcat() with more secure strlcat()
    • CVE-2021-21704
  • SECURITY UPDATE: logic error due to incorrect input validation
    • debian/patches/CVE-2021-21705.patch: fix validation of url password with FILTERVALIDATEURL parameter,
    • CVE-2021-21705
  • SECURITY UPDATE: priv escalation due to shared memory between worker processes
    • debian/patches/CVE-2021-21703.patch: change scoreboard->proc type to array of structs and use scoreboard->nprocs only in child processes
    • CVE-2021-21703
References

Affected packages

TuxCare:Ubuntu:16.04
libapache2-mod-php7.0

Package

Name
libapache2-mod-php7.0
Purl
pkg:deb/tuxcare/libapache2-mod-php7.0?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
libphp7.0-embed

Package

Name
libphp7.0-embed
Purl
pkg:deb/tuxcare/libphp7.0-embed?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0

Package

Name
php7.0
Purl
pkg:deb/tuxcare/php7.0?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-bcmath

Package

Name
php7.0-bcmath
Purl
pkg:deb/tuxcare/php7.0-bcmath?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-bz2

Package

Name
php7.0-bz2
Purl
pkg:deb/tuxcare/php7.0-bz2?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-cgi

Package

Name
php7.0-cgi
Purl
pkg:deb/tuxcare/php7.0-cgi?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-cli

Package

Name
php7.0-cli
Purl
pkg:deb/tuxcare/php7.0-cli?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-common

Package

Name
php7.0-common
Purl
pkg:deb/tuxcare/php7.0-common?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-curl

Package

Name
php7.0-curl
Purl
pkg:deb/tuxcare/php7.0-curl?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-dba

Package

Name
php7.0-dba
Purl
pkg:deb/tuxcare/php7.0-dba?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-dev

Package

Name
php7.0-dev
Purl
pkg:deb/tuxcare/php7.0-dev?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-enchant

Package

Name
php7.0-enchant
Purl
pkg:deb/tuxcare/php7.0-enchant?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-fpm

Package

Name
php7.0-fpm
Purl
pkg:deb/tuxcare/php7.0-fpm?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-gd

Package

Name
php7.0-gd
Purl
pkg:deb/tuxcare/php7.0-gd?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-gmp

Package

Name
php7.0-gmp
Purl
pkg:deb/tuxcare/php7.0-gmp?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-imap

Package

Name
php7.0-imap
Purl
pkg:deb/tuxcare/php7.0-imap?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-interbase

Package

Name
php7.0-interbase
Purl
pkg:deb/tuxcare/php7.0-interbase?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-intl

Package

Name
php7.0-intl
Purl
pkg:deb/tuxcare/php7.0-intl?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-json

Package

Name
php7.0-json
Purl
pkg:deb/tuxcare/php7.0-json?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-ldap

Package

Name
php7.0-ldap
Purl
pkg:deb/tuxcare/php7.0-ldap?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-mbstring

Package

Name
php7.0-mbstring
Purl
pkg:deb/tuxcare/php7.0-mbstring?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-mcrypt

Package

Name
php7.0-mcrypt
Purl
pkg:deb/tuxcare/php7.0-mcrypt?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-mysql

Package

Name
php7.0-mysql
Purl
pkg:deb/tuxcare/php7.0-mysql?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-odbc

Package

Name
php7.0-odbc
Purl
pkg:deb/tuxcare/php7.0-odbc?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-opcache

Package

Name
php7.0-opcache
Purl
pkg:deb/tuxcare/php7.0-opcache?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-pgsql

Package

Name
php7.0-pgsql
Purl
pkg:deb/tuxcare/php7.0-pgsql?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-phpdbg

Package

Name
php7.0-phpdbg
Purl
pkg:deb/tuxcare/php7.0-phpdbg?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-pspell

Package

Name
php7.0-pspell
Purl
pkg:deb/tuxcare/php7.0-pspell?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-readline

Package

Name
php7.0-readline
Purl
pkg:deb/tuxcare/php7.0-readline?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-recode

Package

Name
php7.0-recode
Purl
pkg:deb/tuxcare/php7.0-recode?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-snmp

Package

Name
php7.0-snmp
Purl
pkg:deb/tuxcare/php7.0-snmp?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-soap

Package

Name
php7.0-soap
Purl
pkg:deb/tuxcare/php7.0-soap?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-sqlite3

Package

Name
php7.0-sqlite3
Purl
pkg:deb/tuxcare/php7.0-sqlite3?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-sybase

Package

Name
php7.0-sybase
Purl
pkg:deb/tuxcare/php7.0-sybase?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-tidy

Package

Name
php7.0-tidy
Purl
pkg:deb/tuxcare/php7.0-tidy?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-xml

Package

Name
php7.0-xml
Purl
pkg:deb/tuxcare/php7.0-xml?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-xmlrpc

Package

Name
php7.0-xmlrpc
Purl
pkg:deb/tuxcare/php7.0-xmlrpc?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-xsl

Package

Name
php7.0-xsl
Purl
pkg:deb/tuxcare/php7.0-xsl?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"
php7.0-zip

Package

Name
php7.0-zip
Purl
pkg:deb/tuxcare/php7.0-zip?distro=ubuntu-16.04

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
7.0.33-0ubuntu0.16.04.17

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/ubuntu16.04els/CLSA-2021-1639681846.json"