php71 보안 업데이트
업데이트 : 2020.01.23
이름 : php71-2:7.1.33-1.an3
벤더 : AnNyung Packaging Team
설명 :
PHP 7.1 is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- update 7.2.33
. http://php.net/ChangeLog-7.php#7.1.31
. http://php.net/ChangeLog-7.php#7.1.32
. http://php.net/ChangeLog-7.php#7.1.33
- security issues
. CVE-2019-11050 EXIF: Use-after-free in exif parsing under memory sanitizer #78793
. CVE-2019-11047 EXIF: Heap-buffer-overflow READ in exif #78910
. CVE-2019-11046 Bcmath: Buffer underflow in bc_shift_addsub #78878
. CVE-2019-11045 Core: DirectoryIterator class silently truncates after a null byte #78863
. CVE-2019-11044 Core: link() silently truncates after a null byte on Windows #78862
. CVE-2020-7060 Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar' #79037
. CVE-2020-7059 Standard: OOB read in php_strip_tags_ex #79099
. CVE-2019-13224 MBString: don't allow different encodings for onig_new_deluxe
. CVE-2019-11043 FPM: env_path_info underflow in fpm_main.c can lead to RCE
. CVE-2019-11042 EXIF: heap-buffer-overflow on exif_process_user_comment
. CVE-2019-11041 EXIF: heap-buffer-overflow on exif_scan_thumbnail
업데이트 패키지
SRPMS:
. php71-7.1.33-1.an3.src.rpm
x86_64:
. php71-7.1.33-1.an3.x86_64.rpm
. php71-cli-7.1.33-1.an3.x86_64.rpm
. php71-dba-7.1.33-1.an3.x86_64.rpm
. php71-dblib-7.1.33-1.an3.x86_64.rpm
. php71-devel-7.1.33-1.an3.x86_64.rpm
. php71-extension-7.1.33-1.an3.x86_64.rpm
. php71-fpm-7.1.33-1.an3.x86_64.rpm
. php71-odbc-7.1.33-1.an3.x86_64.rpm
. php71-pgsql-7.1.33-1.an3.x86_64.rpm
|