Bug 28037

Summary: PHP 7.4.14 (fixes CVE-2020-7071)
Product: Mageia Reporter: Marc Krämer <mageia>
Component: BackportsAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: ouaurelien, sysadmin-bugs
Version: 7Keywords: validated_backport
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA7-64-OK
Source RPM: php-7.4.12-1.mga7.src.rpm CVE:
Status comment:
Bug Depends on: 28036    
Bug Blocks:    

Description Marc Krämer 2021-01-07 19:17:53 CET 
PHP 7.4.14 fixes:
Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid userinfo). (CVE-2020-7071)

and many other bugs more.
Marc Krämer 2021-01-07 19:18:24 CET

Depends on: (none) => 28036

David Walser 2021-01-07 20:44:33 CET

Source RPM: php-7.4 => php-7.4.12-1.mga7.src.rpm
Summary: PHP: Security issue => PHP 7.4.14 (fixes CVE-2020-7071)

Comment 1 Marc Krämer 2021-01-07 20:48:00 CET 
Suggested advisory:
========================

Updated php to fix security vulnerabilities
========================

Updated packages in core/backpors_testing:
apache-mod_php-7.4.14-1.mga7
php-bcmath-7.4.14-1.mga7
php-bz2-7.4.14-1.mga7
php-calendar-7.4.14-1.mga7
php-cgi-7.4.14-1.mga7
php-cli-7.4.14-1.mga7
php-ctype-7.4.14-1.mga7
php-curl-7.4.14-1.mga7
php-dba-7.4.14-1.mga7
php-devel-7.4.14-1.mga7
php-doc-7.4.14-1.mga7
php-dom-7.4.14-1.mga7
php-enchant-7.4.14-1.mga7
php-exif-7.4.14-1.mga7
php-fileinfo-7.4.14-1.mga7
php-filter-7.4.14-1.mga7
php-fpm-7.4.14-1.mga7
php-fpm-apache-7.4.14-1.mga7
php-ftp-7.4.14-1.mga7
php-gd-7.4.14-1.mga7
php-gettext-7.4.14-1.mga7
php-gmp-7.4.14-1.mga7
php-iconv-7.4.14-1.mga7
php-imap-7.4.14-1.mga7
php-ini-7.4.14-1.mga7
php-intl-7.4.14-1.mga7
php-json-7.4.14-1.mga7
php-ldap-7.4.14-1.mga7
php-mbstring-7.4.14-1.mga7
php-mysqli-7.4.14-1.mga7
php-mysqlnd-7.4.14-1.mga7
php-odbc-7.4.14-1.mga7
php-opcache-7.4.14-1.mga7
php-openssl-7.4.14-1.mga7
php-pcntl-7.4.14-1.mga7
php-pdo-7.4.14-1.mga7
php-pdo_dblib-7.4.14-1.mga7
php-pdo_firebird-7.4.14-1.mga7
php-pdo_mysql-7.4.14-1.mga7
php-pdo_odbc-7.4.14-1.mga7
php-pdo_pgsql-7.4.14-1.mga7
php-pdo_sqlite-7.4.14-1.mga7
php-pgsql-7.4.14-1.mga7
php-phar-7.4.14-1.mga7
php-posix-7.4.14-1.mga7
php-readline-7.4.14-1.mga7
php-session-7.4.14-1.mga7
php-shmop-7.4.14-1.mga7
php-snmp-7.4.14-1.mga7
php-soap-7.4.14-1.mga7
php-sockets-7.4.14-1.mga7
php-sodium-7.4.14-1.mga7
php-sqlite3-7.4.14-1.mga7
php-sysvmsg-7.4.14-1.mga7
php-sysvsem-7.4.14-1.mga7
php-sysvshm-7.4.14-1.mga7
php-tidy-7.4.14-1.mga7
php-tokenizer-7.4.14-1.mga7
php-xmlreader-7.4.14-1.mga7
php-xmlrpc-7.4.14-1.mga7
php-xmlwriter-7.4.14-1.mga7
php-xsl-7.4.14-1.mga7
php-zip-7.4.14-1.mga7
php-zlib-7.4.14-1.mga7
phpdbg-7.4.14-1.mga7

SRPM:
php-7.4.14-1.mga7.src.rpm
Marc Krämer 2021-01-08 01:55:01 CET

Assignee: mageia => qa-bugs

Comment 2 Aurelien Oudelet 2021-01-17 16:14:38 CET 
Installation over latest php-7.3 updates.
Run a local wordpress CMS.
No errors.
Validating backport.

CC: (none) => ouaurelien
Keywords: (none) => validated_backport
Whiteboard: (none) => MGA7-64-OK

Comment 3 Aurelien Oudelet 2021-01-23 10:16:11 CET 
Please push it.

CC: (none) => sysadmin-bugs

Comment 4 Thomas Backlund 2021-01-24 00:57:01 CET 
packages are moved

Resolution: (none) => FIXED
Status: NEW => RESOLVED