drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Umgebungsvariablen in php-guzzlehttp-guzzle6
| Name: |
Mangelnde Prüfung von Umgebungsvariablen in php-guzzlehttp-guzzle6 |
|
| ID: |
FEDORA-2016-9c8cf5912c |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 23 |
|
| Datum: |
Fr, 29. Juli 2016, 07:23 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385 |
|
| Applikationen: |
php-guzzlehttp-guzzle6 |
|
Originalnachricht |
Name : php-guzzlehttp-guzzle6
Product : Fedora 23
Version : 6.2.1
Release : 1.fc23
URL : http://guzzlephp.org
Summary : PHP HTTP client library
Description :
Guzzle is a PHP HTTP client that makes it easy to send HTTP requests and
trivial
to integrate with web services.
* Simple interface for building query strings, POST requests, streaming large
uploads, streaming large downloads, using HTTP cookies, uploading JSON data,
etc...
* Can send both synchronous and asynchronous requests using the same interface.
* Uses PSR-7 interfaces for requests, responses, and streams. This allows you
to utilize other PSR-7 compatible libraries with Guzzle.
* Abstracts away the underlying HTTP transport, allowing you to write
environment and transport agnostic code; i.e., no hard dependency on cURL,
PHP streams, sockets, or non-blocking event loops.
* Middleware system allows you to augment and compose client behavior.
Autoloader: /usr/share/php/GuzzleHttp6/autoload.php
-------------------------------------------------------------------------------
-
Update Information:
## 6.2.1 - 2016-07-18 * Address HTTP_PROXY security vulnerability,
CVE-2016-5385: https://httpoxy.org/ * Fixing timeout bug with StreamHandler:
https://github.com/guzzle/guzzle/pull/1488 * Only read up to `Content-Length` in
PHP StreamHandler to avoid timeouts when a server does not honor `Connection:
close`. * Ignore URI fragment when sending requests.
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1357582 - php-guzzlehttp-guzzle6-6.2.1 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1357582
-------------------------------------------------------------------------------
-
This update can be installed with the "yum" update program. Use
su -c 'yum update php-guzzlehttp-guzzle6' at the command line.
For more information, refer to "Managing Software with yum",
available at https://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://lists.fedoraproject.org/admin/lists/package-announce@lists.fedoraproject.org
|
|
|
|
