(RHSA-2020:5275) Moderate: rh-php73-php security, bug fix, and enhancement update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.

The following packages have been upgraded to a later upstream version: rh-php73-php (7.3.20). (BZ#1853211)

Security Fix(es):

• php: DirectoryIterator class accepts filenames with embedded \0 byte and treats them as terminating at that byte (CVE-2019-11045)

• php: Information disclosure in exif_read_data() (CVE-2019-11047)

• php: Integer wraparounds when receiving multipart forms (CVE-2019-11048)

• oniguruma: Heap-based buffer over-read in function gb18030_mbc_enc_len in file gb18030.c (CVE-2019-19203)

• oniguruma: Heap-based buffer over-read in function fetch_interval_quantifier in regparse.c (CVE-2019-19204)

• php: Out of bounds read in php_strip_tags_ex (CVE-2020-7059)

• php: Global buffer-overflow in mbfl_filt_conv_big5_wchar function (CVE-2020-7060)

• php: NULL pointer dereference in PHP session upload progress (CVE-2020-7062)

• php: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)

• php: Information disclosure in exif_read_data() function (CVE-2020-7064)

• php: Using mb_strtolower() function with UTF-32LE encoding leads to potential code execution (CVE-2020-7065)

• php: Out of bounds read when parsing EXIF information (CVE-2019-11050)

• oniguruma: Heap-based buffer overflow in str_lower_case_match in regexec.c (CVE-2019-19246)

• php: Information disclosure in function get_headers (CVE-2020-7066)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Software Collections 3.6 Release Notes linked from the References section.