Bug 28037 - PHP 7.4.14 (fixes CVE-2020-7071)
Summary: PHP 7.4.14 (fixes CVE-2020-7071)
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Backports (show other bugs)
Version: 7
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact:
URL:
Whiteboard: MGA7-64-OK
Keywords: validated_backport
Depends on: 28036
Blocks:
  Show dependency treegraph
 
Reported: 2021-01-07 19:17 CET by Marc Krämer
Modified: 2021-01-24 00:57 CET (History)
2 users (show)

See Also:
Source RPM: php-7.4.12-1.mga7.src.rpm
CVE:
Status comment:


Attachments

Description Marc Krämer 2021-01-07 19:17:53 CET
PHP 7.4.14 fixes:
Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid userinfo). (CVE-2020-7071)

and many other bugs more.
Marc Krämer 2021-01-07 19:18:24 CET

Depends on: (none) => 28036

David Walser 2021-01-07 20:44:33 CET

Source RPM: php-7.4 => php-7.4.12-1.mga7.src.rpm
Summary: PHP: Security issue => PHP 7.4.14 (fixes CVE-2020-7071)

Comment 1 Marc Krämer 2021-01-07 20:48:00 CET
Suggested advisory:
========================

Updated php to fix security vulnerabilities
========================

Updated packages in core/backpors_testing:
apache-mod_php-7.4.14-1.mga7
php-bcmath-7.4.14-1.mga7
php-bz2-7.4.14-1.mga7
php-calendar-7.4.14-1.mga7
php-cgi-7.4.14-1.mga7
php-cli-7.4.14-1.mga7
php-ctype-7.4.14-1.mga7
php-curl-7.4.14-1.mga7
php-dba-7.4.14-1.mga7
php-devel-7.4.14-1.mga7
php-doc-7.4.14-1.mga7
php-dom-7.4.14-1.mga7
php-enchant-7.4.14-1.mga7
php-exif-7.4.14-1.mga7
php-fileinfo-7.4.14-1.mga7
php-filter-7.4.14-1.mga7
php-fpm-7.4.14-1.mga7
php-fpm-apache-7.4.14-1.mga7
php-ftp-7.4.14-1.mga7
php-gd-7.4.14-1.mga7
php-gettext-7.4.14-1.mga7
php-gmp-7.4.14-1.mga7
php-iconv-7.4.14-1.mga7
php-imap-7.4.14-1.mga7
php-ini-7.4.14-1.mga7
php-intl-7.4.14-1.mga7
php-json-7.4.14-1.mga7
php-ldap-7.4.14-1.mga7
php-mbstring-7.4.14-1.mga7
php-mysqli-7.4.14-1.mga7
php-mysqlnd-7.4.14-1.mga7
php-odbc-7.4.14-1.mga7
php-opcache-7.4.14-1.mga7
php-openssl-7.4.14-1.mga7
php-pcntl-7.4.14-1.mga7
php-pdo-7.4.14-1.mga7
php-pdo_dblib-7.4.14-1.mga7
php-pdo_firebird-7.4.14-1.mga7
php-pdo_mysql-7.4.14-1.mga7
php-pdo_odbc-7.4.14-1.mga7
php-pdo_pgsql-7.4.14-1.mga7
php-pdo_sqlite-7.4.14-1.mga7
php-pgsql-7.4.14-1.mga7
php-phar-7.4.14-1.mga7
php-posix-7.4.14-1.mga7
php-readline-7.4.14-1.mga7
php-session-7.4.14-1.mga7
php-shmop-7.4.14-1.mga7
php-snmp-7.4.14-1.mga7
php-soap-7.4.14-1.mga7
php-sockets-7.4.14-1.mga7
php-sodium-7.4.14-1.mga7
php-sqlite3-7.4.14-1.mga7
php-sysvmsg-7.4.14-1.mga7
php-sysvsem-7.4.14-1.mga7
php-sysvshm-7.4.14-1.mga7
php-tidy-7.4.14-1.mga7
php-tokenizer-7.4.14-1.mga7
php-xmlreader-7.4.14-1.mga7
php-xmlrpc-7.4.14-1.mga7
php-xmlwriter-7.4.14-1.mga7
php-xsl-7.4.14-1.mga7
php-zip-7.4.14-1.mga7
php-zlib-7.4.14-1.mga7
phpdbg-7.4.14-1.mga7

SRPM:
php-7.4.14-1.mga7.src.rpm
Marc Krämer 2021-01-08 01:55:01 CET

Assignee: mageia => qa-bugs

Comment 2 Aurelien Oudelet 2021-01-17 16:14:38 CET
Installation over latest php-7.3 updates.
Run a local wordpress CMS.
No errors.
Validating backport.

CC: (none) => ouaurelien
Keywords: (none) => validated_backport
Whiteboard: (none) => MGA7-64-OK

Comment 3 Aurelien Oudelet 2021-01-23 10:16:11 CET
Please push it.

CC: (none) => sysadmin-bugs

Comment 4 Thomas Backlund 2021-01-24 00:57:01 CET
packages are moved

Resolution: (none) => FIXED
Status: NEW => RESOLVED


Note You need to log in before you can comment on or make changes to this bug.