openssl_random_pseudo_bytes() security bug and PHP packages
Bug #1534203 reported by
vinc-q
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
php5 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Precise |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Trusty |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Vivid |
Won't Fix
|
Medium
|
Marc Deslauriers | ||
Wily |
Fix Released
|
Medium
|
Marc Deslauriers | ||
Xenial |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
Maybe Ubuntu official PHP packages aren't patched against openssl_
5.6.12, 5.5.28, 5.4.44, so it might be still affecting the currently supported Ubuntu PHP packages (5.6.11, 5.6.4, 5.5.9).
information type: | Public → Public Security |
Changed in php5 (Ubuntu Xenial): | |
status: | New → Fix Released |
Changed in php5 (Ubuntu Precise): | |
status: | New → Confirmed |
Changed in php5 (Ubuntu Trusty): | |
status: | New → Confirmed |
Changed in php5 (Ubuntu Vivid): | |
status: | New → Confirmed |
Changed in php5 (Ubuntu Wily): | |
status: | New → Confirmed |
Changed in php5 (Ubuntu Precise): | |
importance: | Undecided → Medium |
Changed in php5 (Ubuntu Trusty): | |
importance: | Undecided → Medium |
Changed in php5 (Ubuntu Precise): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in php5 (Ubuntu Vivid): | |
importance: | Undecided → Medium |
Changed in php5 (Ubuntu Wily): | |
importance: | Undecided → Medium |
Changed in php5 (Ubuntu Trusty): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in php5 (Ubuntu Vivid): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
Changed in php5 (Ubuntu Wily): | |
assignee: | nobody → Marc Deslauriers (mdeslaur) |
To post a comment you must log in.
https:/ /github. com/php/ php-src/ commit/ 16023f3e3b9c06c f677c3c980e8d57 4e4c162827 is the relevant patch.