[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

https://usn.ubuntu.com/4166-2/ provided the fix for 14.04 ESM so all supported releases are patched. As such, closing. ** Changed in: php-defaults (Ubuntu) Status: Confirmed => Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed

[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

@mig5 - php5 is covered by 14.04 ESM - see https://wiki.ubuntu.com/SecurityTeam/ESM/14.04 - so there will be a corresponding release for this. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1849620 Tit

[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

I see that updated packages have come out for PHP 7 (https://usn.ubuntu.com/4166-1/), thanks! Will you also do a release for PHP 5 on the ESM 14.04? Although the public exploit does not (yet) work with PHP 5, it is still affected. Debian Jessie already released an update on the weekend for PHP 5.6

[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

** Changed in: php-defaults (Ubuntu) Assignee: (unassigned) => Ubuntu Security Team (ubuntu-security) -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1849620 Title: CVE-2019-11043 PHP+Nginx remot

[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

Status changed to 'Confirmed' because the bug affects multiple users. ** Changed in: php-defaults (Ubuntu) Status: New => Confirmed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1849620 Title:

[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

Hi A Z, I'm not sure what VLC has to do with it, but I know that the CVE is being dealt with by the security team at the moment. => https://people.canonical.com/~ubuntu- security/cve/2019/CVE-2019-11043.html @Marc it is assigned to you so I subscribe you here to close the bug when it got release

[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-11043 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1849620 Title: CVE-2019-11043 PHP+Nginx remote code execution To manage notific

[Bug 1849620] Re: CVE-2019-11043 PHP+Nginx remote code execution

** Also affects: php-defaults (Ubuntu) Importance: Undecided Status: New ** Changed in: vlc (Ubuntu) Status: New => Invalid ** Changed in: vlc (Ubuntu) Assignee: (unassigned) => A Z (azaagman) -- You received this bug notification because you are a member of Ubuntu Bugs, w