new version released which closes #78599 (env_path_info underflow in fpm_main.c can lead to RCE). (CVE-2019-11043) #78633 (Heap buffer overflow (read) in mb_eregi). #78620 (Out of memory error). #78525 (Memory leak in pdo when reusing native prepared statements).
and #78272 (calling preg_match() before pcntl_fork() will freeze child process).
Suggested advisory: ======================== Updated php packages fix security vulnerabilities: - FPM (#78599) env_path_info underflow in fpm_main.c can lead to RCE. (CVE-2019-11043) - MBString (#78633) Heap buffer overflow (read) in mb_eregi. - Mysqlnd (#78525) Memory leak in pdo when reusing native prepared statements. - PCRE (#78272) calling preg_match() before pcntl_fork() will freeze child process. - Base (#78612) strtr leaks memory when integer keys are used and the subject string shorter. References: https://www.php.net/ChangeLog-7.php#7.3.11 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11043 https://bugs.php.net/bug.php?id=78272 Updated packages in core/updates_testing: ======================== php-ini-7.3.11-1.mga7 apache-mod_php-7.3.11-1.mga7 php-cli-7.3.11-1.mga7 php-cgi-7.3.11-1.mga7 libphp_common7-7.3.11-1.mga7 php-devel-7.3.11-1.mga7 php-openssl-7.3.11-1.mga7 php-zlib-7.3.11-1.mga7 php-doc-7.3.11-1.mga7 php-bcmath-7.3.11-1.mga7 php-bz2-7.3.11-1.mga7 php-calendar-7.3.11-1.mga7 php-ctype-7.3.11-1.mga7 php-curl-7.3.11-1.mga7 php-dba-7.3.11-1.mga7 php-dom-7.3.11-1.mga7 php-enchant-7.3.11-1.mga7 php-exif-7.3.11-1.mga7 php-fileinfo-7.3.11-1.mga7 php-filter-7.3.11-1.mga7 php-ftp-7.3.11-1.mga7 php-gd-7.3.11-1.mga7 php-gettext-7.3.11-1.mga7 php-gmp-7.3.11-1.mga7 php-hash-7.3.11-1.mga7 php-iconv-7.3.11-1.mga7 php-imap-7.3.11-1.mga7 php-interbase-7.3.11-1.mga7 php-intl-7.3.11-1.mga7 php-json-7.3.11-1.mga7 php-ldap-7.3.11-1.mga7 php-mbstring-7.3.11-1.mga7 php-mysqli-7.3.11-1.mga7 php-mysqlnd-7.3.11-1.mga7 php-odbc-7.3.11-1.mga7 php-opcache-7.3.11-1.mga7 php-pcntl-7.3.11-1.mga7 php-pdo-7.3.11-1.mga7 php-pdo_dblib-7.3.11-1.mga7 php-pdo_firebird-7.3.11-1.mga7 php-pdo_mysql-7.3.11-1.mga7 php-pdo_odbc-7.3.11-1.mga7 php-pdo_pgsql-7.3.11-1.mga7 php-pdo_sqlite-7.3.11-1.mga7 php-pgsql-7.3.11-1.mga7 php-phar-7.3.11-1.mga7 php-posix-7.3.11-1.mga7 php-readline-7.3.11-1.mga7 php-recode-7.3.11-1.mga7 php-session-7.3.11-1.mga7 php-shmop-7.3.11-1.mga7 php-snmp-7.3.11-1.mga7 php-soap-7.3.11-1.mga7 php-sockets-7.3.11-1.mga7 php-sodium-7.3.11-1.mga7 php-sqlite3-7.3.11-1.mga7 php-sysvmsg-7.3.11-1.mga7 php-sysvsem-7.3.11-1.mga7 php-sysvshm-7.3.11-1.mga7 php-tidy-7.3.11-1.mga7 php-tokenizer-7.3.11-1.mga7 php-xml-7.3.11-1.mga7 php-xmlreader-7.3.11-1.mga7 php-xmlrpc-7.3.11-1.mga7 php-xmlwriter-7.3.11-1.mga7 php-xsl-7.3.11-1.mga7 php-wddx-7.3.11-1.mga7 php-zip-7.3.11-1.mga7 php-fpm-7.3.11-1.mga7 phpdbg-7.3.11-1.mga7 php-debugsource-7.3.11-1.mga7 php-debuginfo-7.3.11-1.mga7 apache-mod_php-debuginfo-7.3.11-1.mga7 php-cli-debuginfo-7.3.11-1.mga7 php-cgi-debuginfo-7.3.11-1.mga7 libphp_common7-debuginfo-7.3.11-1.mga7 php-openssl-debuginfo-7.3.11-1.mga7 php-zlib-debuginfo-7.3.11-1.mga7 php-bcmath-debuginfo-7.3.11-1.mga7 php-bz2-debuginfo-7.3.11-1.mga7 php-calendar-debuginfo-7.3.11-1.mga7 php-ctype-debuginfo-7.3.11-1.mga7 php-curl-debuginfo-7.3.11-1.mga7 php-dba-debuginfo-7.3.11-1.mga7 php-dom-debuginfo-7.3.11-1.mga7 php-enchant-debuginfo-7.3.11-1.mga7 php-exif-debuginfo-7.3.11-1.mga7 php-fileinfo-debuginfo-7.3.11-1.mga7 php-filter-debuginfo-7.3.11-1.mga7 php-ftp-debuginfo-7.3.11-1.mga7 php-gd-debuginfo-7.3.11-1.mga7 php-gettext-debuginfo-7.3.11-1.mga7 php-gmp-debuginfo-7.3.11-1.mga7 php-hash-debuginfo-7.3.11-1.mga7 php-iconv-debuginfo-7.3.11-1.mga7 php-imap-debuginfo-7.3.11-1.mga7 php-interbase-debuginfo-7.3.11-1.mga7 php-intl-debuginfo-7.3.11-1.mga7 php-json-debuginfo-7.3.11-1.mga7 php-ldap-debuginfo-7.3.11-1.mga7 php-mbstring-debuginfo-7.3.11-1.mga7 php-mysqli-debuginfo-7.3.11-1.mga7 php-mysqlnd-debuginfo-7.3.11-1.mga7 php-odbc-debuginfo-7.3.11-1.mga7 php-opcache-debuginfo-7.3.11-1.mga7 php-pcntl-debuginfo-7.3.11-1.mga7 php-pdo-debuginfo-7.3.11-1.mga7 php-pdo_dblib-debuginfo-7.3.11-1.mga7 php-pdo_firebird-debuginfo-7.3.11-1.mga7 php-pdo_mysql-debuginfo-7.3.11-1.mga7 php-pdo_odbc-debuginfo-7.3.11-1.mga7 php-pdo_pgsql-debuginfo-7.3.11-1.mga7 php-pdo_sqlite-debuginfo-7.3.11-1.mga7 php-pgsql-debuginfo-7.3.11-1.mga7 php-phar-debuginfo-7.3.11-1.mga7 php-posix-debuginfo-7.3.11-1.mga7 php-readline-debuginfo-7.3.11-1.mga7 php-recode-debuginfo-7.3.11-1.mga7 php-session-debuginfo-7.3.11-1.mga7 php-shmop-debuginfo-7.3.11-1.mga7 php-snmp-debuginfo-7.3.11-1.mga7 php-soap-debuginfo-7.3.11-1.mga7 php-sockets-debuginfo-7.3.11-1.mga7 php-sodium-debuginfo-7.3.11-1.mga7 php-sqlite3-debuginfo-7.3.11-1.mga7 php-sysvmsg-debuginfo-7.3.11-1.mga7 php-sysvsem-debuginfo-7.3.11-1.mga7 php-sysvshm-debuginfo-7.3.11-1.mga7 php-tidy-debuginfo-7.3.11-1.mga7 php-tokenizer-debuginfo-7.3.11-1.mga7 php-xml-debuginfo-7.3.11-1.mga7 php-xmlreader-debuginfo-7.3.11-1.mga7 php-xmlrpc-debuginfo-7.3.11-1.mga7 php-xmlwriter-debuginfo-7.3.11-1.mga7 php-xsl-debuginfo-7.3.11-1.mga7 php-wddx-debuginfo-7.3.11-1.mga7 php-zip-debuginfo-7.3.11-1.mga7 php-fpm-debuginfo-7.3.11-1.mga7 phpdbg-debuginfo-7.3.11-1.mga7 libpcre2_0-10.33-1.1.mga7 libpcre2posix2-10.33-1.1.mga7 libpcre2-devel-10.33-1.1.mga7 pcre2-tools-10.33-1.1.mga7 pcre2-debugsource-10.33-1.1.mga7 pcre2-debuginfo-10.33-1.1.mga7 libpcre2_0-debuginfo-10.33-1.1.mga7 libpcre2posix2-debuginfo-10.33-1.1.mga7 pcre2-tools-debuginfo-10.33-1.1.mga7 Source RPMs: php-7.3.11-1.mga7.src.rpm pcre2-10.33-1.1.mga7.src.rpm
Assignee: mageia => qa-bugs
Installed and tested without issues. Tested with various large (e.g. roundcubemail, phpmyadmin, wordpress, drupal, custom) and small scripts, using HTTP(S) and CLI. System: Mageia 7, x86_64, Intel CPU. $ uname -a Linux marte 5.3.6-desktop-2.mga7 #1 SMP Sun Oct 13 18:22:10 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux $ php --version PHP 7.3.11 (cli) (built: Oct 24 2019 15:24:10) ( NTS ) Copyright (c) 1997-2018 The PHP Group Zend Engine v3.3.11, Copyright (c) 1998-2018 Zend Technologies $ rpm -qa | grep 7.3.11 | sort -u apache-mod_php-7.3.11-1.mga7 lib64php_common7-7.3.11-1.mga7 php-bz2-7.3.11-1.mga7 php-cli-7.3.11-1.mga7 php-ctype-7.3.11-1.mga7 php-dom-7.3.11-1.mga7 php-filter-7.3.11-1.mga7 php-ftp-7.3.11-1.mga7 php-gd-7.3.11-1.mga7 php-gettext-7.3.11-1.mga7 php-hash-7.3.11-1.mga7 php-ini-7.3.11-1.mga7 php-json-7.3.11-1.mga7 php-mbstring-7.3.11-1.mga7 php-mysqli-7.3.11-1.mga7 php-mysqlnd-7.3.11-1.mga7 php-openssl-7.3.11-1.mga7 php-pdo-7.3.11-1.mga7 php-pdo_mysql-7.3.11-1.mga7 php-pdo_sqlite-7.3.11-1.mga7 php-posix-7.3.11-1.mga7 php-session-7.3.11-1.mga7 php-sysvsem-7.3.11-1.mga7 php-sysvshm-7.3.11-1.mga7 php-tokenizer-7.3.11-1.mga7 php-xml-7.3.11-1.mga7 php-xmlreader-7.3.11-1.mga7 php-xmlwriter-7.3.11-1.mga7 php-zip-7.3.11-1.mga7 php-zlib-7.3.11-1.mga7
CC: (none) => mageia
Flushing out as exploits for CVE-2019-11043 RCE is out in the wild...
Keywords: (none) => advisory, validated_updateWhiteboard: (none) => MGA7-64-OKCC: (none) => tmb, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2019-0307.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED