drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in PHP
Name: |
Mehrere Probleme in PHP |
|
ID: |
FEDORA-2016-9282d83bee |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 22 |
|
Datum: |
So, 10. April 2016, 08:39 |
|
Referenzen: |
Keine Angabe |
|
Applikationen: |
PHP |
|
Originalnachricht |
Name : php Product : Fedora 22 Version : 5.6.20 Release : 1.fc22 URL : http://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.
The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server.
------------------------------------------------------------------------------- - Update Information:
31 Mar 2016, **PHP 5.6.20** **CLI Server:** * Fixed bug php#69953 (Support MKCALENDAR request method). (Christoph) **Core:** * Fixed bug php#71596 (Segmentation fault on ZTS with date function (setlocale)). (Anatol) **Curl:** * Fixed bug php#71694 (Support constant CURLM_ADDED_ALREADY). (mpyw) **Date:** * Fixed bug php#71635 (DatePeriod::getEndDate segfault). (Thomas Punt) **Fileinfo:** * Fixed bug php#71527 (Buffer over-write in finfo_open with malformed magic file). (Anatol) **Mbstring:** * Fixed bug php#71906 (AddressSanitizer: negative-size-param (-1) in mbfl_strcut). (Stas) **ODBC:** * Fixed bug php#47803, php#69526 (Executing prepared statements is succesfull only for the first two statements). (einavitamar, Anatol) * Fixed bug php#71860 (Invalid memory write in phar on filename with \0 in name). (Stas) **PDO_DBlib:** * Fixed bug php#54648 (PDO::MSSQL forces format of datetime fields). (steven, Anatol) **Phar:** * Fixed bug php#71625 (Crash in php7.dll with bad phar filename). (Anatol) * Fixed bug php#71504 (Parsing of tar file with duplicate filenames causes memory leak). (Jos Elstgeest) **SNMP:** * Fixed bug php#71704 (php_snmp_error() Format String Vulnerability). (andrew) **Standard** * Fixed bug php#71798 (Integer Overflow in php_raw_url_encode). (taoguangchen, Stas) ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1323114 - php: Integer overflow in php_raw_url_encode https://bugzilla.redhat.com/show_bug.cgi?id=1323114 [ 2 ] Bug #1323108 - php: Format string vulnerability in php_snmp_error() https://bugzilla.redhat.com/show_bug.cgi?id=1323108 [ 3 ] Bug #1323106 - php: Invalid memory write in phar on filename containing \0 inside name https://bugzilla.redhat.com/show_bug.cgi?id=1323106 [ 4 ] Bug #1323103 - php: Negative size parameter in memcpy https://bugzilla.redhat.com/show_bug.cgi?id=1323103 [ 5 ] Bug #1323118 - file: Buffer over-write in finfo_open with malformed magic file https://bugzilla.redhat.com/show_bug.cgi?id=1323118 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update php' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|