Sicherheit: Mehrere Probleme in php
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in php
ID: FEDORA-2019-be4f895015
Distribution: Fedora
Plattformen: Fedora 30
Datum: Do, 6. Juni 2019, 07:29
Referenzen: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11039
Applikationen: PHP


Fedora Update Notification
2019-06-06 01:05:45.805534

Name : php
Product : Fedora 30
Version : 7.3.6
Release : 1.fc30
URL : http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

Update Information:

**PHP version 7.3.6** (30 May 2019) **cURL:** * Implemented FR php#72189 (Add
missing CURL_VERSION_* constants). (Javier Spagnoletti) **EXIF:** * Fixed bug
php#77988 (heap-buffer-overflow on php_jpg_get16). (CVE-2019-11040) (Stas)
**FPM:** * Fixed bug php#77934 (php-fpm kill -USR2 not working). (Jakub
Zelenka) * Fixed bug php#77921 (static.php.net doesn't work anymore).
Kokot) **GD:** * Fixed bug php#77943 (imageantialias($image, false); does not
work). (cmb) * Fixed bug php#77973 (Uninitialized read in
(CVE-2019-11038) (cmb) **Iconv:** * Fixed bug php#78069 (Out-of-bounds read
iconv.c:_php_iconv_mime_decode() due to integer overflow). (CVE-2019-11039).
(maris dot adam) **JSON:** * Fixed bug php#77843 (Use after free with json
serializer). (Nikita) **Opcache:** * Fixed possible crashes, because of
inconsistent PCRE cache and opcache SHM reset. (Alexey Kalinin, Dmitry)
**PDO_MySQL:** * Fixed bug php#77944 (Wrong meta pdo_type for bigint on
(cmb) **Reflection:** * Fixed bug php#75186 (Inconsistent reflection of
Closure:::__invoke()). (Nikita) **Session:** * Fixed bug php#77911 (Wrong
warning for session.sid_bits_per_character). (cmb) **SOAP:** * Fixed bug
php#77945 (Segmentation fault when constructing SoapClient with
WSDL_CACHE_BOTH). (Nikita) **SPL:** * Fixed bug php#77024
(SplFileObject::__toString() may return array). (Craig Duncan) **SQLite:** *
Fixed bug php#77967 (Bypassing open_basedir restrictions via file uris). (Stas)
**Standard:** * Fixed bug php#77931 (Warning for array_map mentions wrong
type). (Nikita) * Fixed bug php#78003 (strip_tags output change since PHP 7.3).

* Tue May 28 2019 Remi Collet <remi@remirepo.net> - 7.3.6-1
- Update to 7.3.6 - http://www.php.net/releases/7_3_6.php
* Wed May 1 2019 Remi Collet <remi@remirepo.net> - 7.3.5-1
- Update to 7.3.5 - http://www.php.net/releases/7_3_5.php

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-be4f895015' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Traut euch!
Neue Nachrichten