Source: php7.3 Version: 7.3.4-2 Severity: important Tags: security upstream Forwarded: https://bugs.php.net/bug.php?id=77950
Hi, The following vulnerability was published for php7.3. CVE-2019-11036[0]: | When processing certain files, PHP EXIF extension in versions 7.1.x | below 7.1.29, 7.2.x below 7.2.18 and 7.3.x below 7.3.5 can be caused | to read past allocated buffer in exif_process_IFD_TAG function. This | may lead to information disclosure or crash. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-11036 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11036 [1] https://bugs.php.net/bug.php?id=77950 Regards, Salvatore
