PHP
Security
update

PHP 7.3.4/7.2.17/7.1.28 Released. This is a security release


PHP 7.3.4/7.2.17/7.1.28

ちょっと遅れましたがまとめました。


結論

前回と同じく、外部から直接攻撃される類の問題ではなさそうです。以下のいずれかを満たす必要があります


  • 外部から提供された画像ファイルをアップロードされ、それをexif処理する可能性がある


    • CMS

    • wiki



  • phpコードをサーバ管理者以外がアップロードされうる


    • 共有レンタルサーバなど




発行されたCVE


Changelog

Module
7.x
Type
Link
Note

Core
3,2
Bug
#77738
Nullptr deref in zend_compile_expr

Core
3,2
Bug
#77660
Segmentation fault on break 2147483648

Core
3,2
Bug
#77652
Anonymous classes can lose their interface information

Core
3
Bug
#77345
Stack Overflow caused by circular reference in garbage collection

Core
3
Doc Bug
#76956
Wrong value for 'syslog.filter' documented in php.ini

Core
2
Bug
#77676
Unable to run tests when building shared extension on AIX

Apache2Handler
3
Bug
#77648
BOM in sapi/apache2handler/php_functions.c

Bcmath
3,2
Bug
#77742
bcpow() implementation related to gcc compiler optimization

CLI Server
3
Bug
#77722
Incorrect IP set to $_SERVER['REMOTE_ADDR'] on the localhost

COM
3,2
Bug
#77578
Crash when php unload

Date
2
Bug
#50020
DateInterval:createDateFromString() silently fails

Date
2
Request
#75113
Added DatePeriod::getRecurrences() method

EXIF
ALL
Sec Bug
#77753
Heap-buffer-overflow in php_ifd_get32s

EXIF
ALL
Sec Bug
#77831
Heap-buffer-overflow in exif_iif_add_value

FPM
3,2
Bug
#77677
FPM fails to build on AIX due to missing WCOREDUMP

GD
3,2
Bug
#77700
Writing truecolor images as GIF ignores interlace flag

MySQLi
3,2
Bug
#77597
mysqli_fetch_field hangs scripts

Opcache
2
Bug
#77691
Opcache passes wrong value for inline array push assignments

Opcache
3,2
Bug
#77743
Incorrect pi node insertion for jmpznz with identical successors

PCRE
3
Bug
#76127
preg_split does not raise an error on invalid UTF-8

Phar
3
Bug
#77697
Crash on Big_Endian platform

phpdbg
3,2
Bug
#77767
phpdbg break cmd aliases listed in help do not match actual aliases

sodium
3,2
Bug
#77646
sign_detached() strings not terminated

SQLite3
ALL
?

sqlite3.defensive INI directive

Standard
2
Bug
#77664
Segmentation fault when using undefined constant in custom wrapper

Standard
2
Bug
#77669
Crash in extract() when overwriting extracted array

Standard
2
Bug
#76717
var_export() does not create a parsable value for PHP_INT_MIN

Standard
2
Bug
#77765
FTP stream wrapper should set the directory as executable