TEMP-0000000-D591DC

NameTEMP-0000000-D591DC
DescriptionInteger overflow in iptcembed()
SourceAutomatically generated temporary name. Not for external reference.

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
php5 (PTS)jessie, jessie (lts)5.6.40+dfsg-0+deb8u21fixed
php7.0 (PTS)stretch (security)7.0.33-0+deb9u12fixed
stretch (lts), stretch7.0.33-0+deb9u19fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
hhvmsource(unstable)3.12.1+dfsg-1
php5sourcesqueeze5.3.3.1-7+squeeze29
php5sourcewheezy5.4.45-0+deb7u7
php5sourcejessie5.6.19+dfsg-0+deb8u1
php5source(unstable)5.6.18+dfsg-1
php5.6source(unstable)5.6.18+dfsg-1
php7.0source(unstable)7.0.3-1

Notes

temporary workaround until CVE assigned to explitly tag for squeeze
https://bugs.php.net/bug.php?id=71459
https://bugzilla.redhat.com/show_bug.cgi?id=1305518
https://git.php.net/?p=php-src.git;a=commit;h=54c210d2ea9b8539edcde1888b1104b96b38e886
Fixed in 5.6.18, 5.5.32, 7.0.3
https://github.com/facebook/hhvm/commit/381702ffbfdae170ba3fff97d6cc1b9c69666854

Search for package or bug name: Reporting problems