USN-3702-2

See a problem?

Source

https://ubuntu.com/security/notices/USN-3702-2

Import Source

https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-3702-2.json

JSON Data

https://api.osv.dev/v1/vulns/USN-3702-2

Related

Published

2018-07-05T12:14:49.091979Z

Modified

2018-07-05T12:14:49.091979Z

Summary

php7.2 vulnerability

Details

USN-3702-1 fixed a vulnerability in PHP. PHP 7.2.7 did not actually include the fix for CVE-2018-12882. This update adds a backported patch to correct the issue.

We apologize for the inconvenience.

Original advisory details:

It was discovered that PHP incorrectly handled exif tags in certain images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code.

References

Affected packages

Ubuntu:18.04:LTS / php7.2

Package

Name: php7.2
Purl: pkg:deb/ubuntu/php7.2@7.2.7-0ubuntu0.18.04.2?arch=src?distro=bionic

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

7.2.7-0ubuntu0.18.04.2

Affected versions

7.*

7.2.1-1ubuntu2

7.2.2-1ubuntu1

7.2.2-1ubuntu2

7.2.3-1ubuntu1

7.2.5-0ubuntu0.18.04.1

7.2.7-0ubuntu0.18.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "binaries": [
        {
            "php7.2-opcache-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "libapache2-mod-php7.2": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-opcache": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-sybase": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-bz2": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-odbc": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-recode": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-phpdbg": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-phpdbg-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "libapache2-mod-php7.2-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-mysql-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-sqlite3-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-sqlite3": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-tidy": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-json": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-curl-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-dba-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-sybase-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-common-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-zip": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-interbase-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-common": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-xml-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-xml": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-fpm-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-mysql": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-tidy-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-imap": "7.2.7-0ubuntu0.18.04.2",
            "libphp7.2-embed": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-ldap-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-gd": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-cgi-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-soap": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-bz2-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-recode-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-ldap": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-gd-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-mbstring": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-mbstring-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-intl-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-intl": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-cli-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-pspell": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-gmp": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-dev": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-bcmath": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-snmp": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-pspell-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-soap-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-pgsql": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-interbase": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-snmp-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-cgi": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-odbc-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-gmp-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-xmlrpc": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-curl": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-imap-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-readline-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-fpm": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-cli": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-xsl": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-enchant-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-zip-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-dba": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-pgsql-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-json-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-bcmath-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-readline": "7.2.7-0ubuntu0.18.04.2",
            "libphp7.2-embed-dbgsym": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-enchant": "7.2.7-0ubuntu0.18.04.2",
            "php7.2-xmlrpc-dbgsym": "7.2.7-0ubuntu0.18.04.2"
        }
    ]
}