php 보안 업데이트
업데이트 : 2022.02.06
이름 : php-100:7.0.33-7.an3
벤더 : AnNyung Packaging Team
설명 :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts. The mod_php module enables the Apache web server to
understand and process the embedded PHP language in web pages.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- security issues
. #79812 Pcntl: Potential integer overflow in pcntl_exec()
. CVE-2020-7071 Standard: FILTER_VALIDATE_URL accepts URLs with invalid userinfo (#77423)
. CVE-2021-21706 Zip: ZipArchive::extractTo extracts outside of destinatio (#81420)
. CVE-2021-21703 FPM; PHP-FPM oob R/W in root process leading to privilege escalation (#81026)
. CVE-2021-21707 XML: special character is breaking the path in xml function (#79971)
업데이트 패키지
SRPMS:
. php-7.0.33-7.an3.src.rpm
x86_64:
. php-7.0.33-7.an3.x86_64.rpm
. php-cli-7.0.33-7.an3.x86_64.rpm
. php-dba-7.0.33-7.an3.x86_64.rpm
. php-dblib-7.0.33-7.an3.x86_64.rpm
. php-devel-7.0.33-7.an3.x86_64.rpm
. php-extension-7.0.33-7.an3.x86_64.rpm
. php-fpm-7.0.33-7.an3.x86_64.rpm
. php-odbc-7.0.33-7.an3.x86_64.rpm
. php-pgsql-7.0.33-7.an3.x86_64.rpm
|