php 보안 업데이트
업데이트 : 2016.06.20
이름 : php-100:7.0.7-1.an3
벤더 : AnNyung Packaging Team
설명 :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts. The mod_php module enables the Apache web server to
understand and process the embedded PHP language in web pages.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- security issues
. CVE-2016-3074 libgd: signedness vulnerability (#71912)
. CVE-2016-3078 integer overflow in ZipArchive::getFrom* (#71923)
- fixed zend_mm_heap corrupted problems of exec_dir patch
- official 7.0.7 bug fixed
. fixed #72221 Core: segfault, past-the-end access
. fixed #72218 Core: If host name cannot be resolved then PHP 7 crashes
. fixed #72308 FPM: fastcgi_finish_request and logging environment variables
. fixed #72337 GD: invalid dimensions can lead to crash
. fixed #72143 PCRE: preg_replace uses int instead of size_t
. fixed #71573 PDO_pgsql: Segfault (core dumped) if paramno beyond bound
. fixed #72294 PDO_pgsql: Segmentation fault/invalid pointer in connection with pgsql_stmt_dtor
. fixed #72284 Phpdbg: phpdbg fatal errors with coverage
. fixed #72195 Postgres: pg_pconnect/pg_connect cause use-after-free
. fixed #72197 Postgres: pg_lo_create arbitrary read
. fixed #72206 XML: xml_parser_create/xml_parser_free leaks mem
. fixed #72369 Standard: array_merge() produces references in PHP7
. fixed #72017 Standard: range() with float step produces unexpected result
. fixed #72229 Standard: Wrong reference when serialize/unserialize an object
. fixed #72300 Standard: ignore_user_abort(false) has no effect
. fixed #72258 Zip: ZipArchive converts filenames to unrecoverable form
- official 7.0.8 bug fixed
. fixed #43475 GD: Thick styled lines have scrambled patterns
. fixed #53640 GD: XBM images require width to be multiple of 8
. fixed #72399 Mbstring: Use-After-Free in MBString (search_re)
. fixed #72405 Mbstring: mb_ereg_replace - mbc_to_code (oniguruma) - oob read access
. fixed #72306 Standard: Heap overflow through proc_open and $env parameter
. fixed #72439 Stream: Stream socket with remote address leads to a segmentation fault
업데이트 패키지
SRPMS:
. php-7.0.7-1.an3.src.rpm
x86_64:
. php-7.0.7-1.an3.x86_64.rpm
. php-cli-7.0.7-1.an3.x86_64.rpm
. php-dba-7.0.7-1.an3.x86_64.rpm
. php-dblib-7.0.7-1.an3.x86_64.rpm
. php-devel-7.0.7-1.an3.x86_64.rpm
. php-extension-7.0.7-1.an3.x86_64.rpm
. php-fpm-7.0.7-1.an3.x86_64.rpm
. php-odbc-7.0.7-1.an3.x86_64.rpm
. php-pgsql-7.0.7-1.an3.x86_64.rpm
|