| AnNyung Official Homepage | Home > Update [ 1.2 ] |
|
HOME What is AnNyung Documents Packages System White Paper Download Update . 3.x [RSS] . 2.x [RSS] . 1.3 [RSS] . 1.2 [RSS] . 1.1 [RSS] . 1.0 [RSS] FAQ Hardware RoadMap Gallery |
|
php 보안 업데이트 
Web Browser 로는 FTP 접속이 불가능 합니다. 문서번호 : 1131044965 업데이트 : 2005.11.04 상세내용 * update 5.0.5 - Fixed memory allocation bug - Additinal fix for bug #34277 (array_filter() crashes with references and objects) - fix #34450 (Segfault when calling mysqli_close() in destructor) - Fixed shutdown order. - Fixed access to uninitialized value - fix crash on restarting static PHP having session modules loaded - Remove HTML fragments from phpcredits() in CLI mode - Backport stream_socket_enable_crypto() - Fixed memory corryption - fix #32081 (mysqli_real_connect(): mysqli.default_socket in php.ini has no effect) for real - fix #33220, infinite loop while loading invalid GIF (nlopees) - Fixed bug #32937 (open_basedir looses trailing / in the limiter). - Fixed possible GLOBALS variable override when register_globals are ON. - Fixed possible register_globals toggle via parse_str(). - Fixed possible crash and/or memory corruption in import_request_variables() - Fixed potential GLOBALS overwrite via import_request_variables(). - GLOBALS protection for extract() function. - fix #32179 (xmlrpc_encode() segfaults with recursive references) - fix #34731 - fix #34723 (array_count_values() strips leading zeroes) - Missing safe_mode/open_basedir checks for file uploads. - Fix #34557 php -m exits with "error" 1 - Added missing safe_mode checks. - Fix issue (endless loop) with temp/memory streams - Bugfix #34704 (Infinite recursion due to corrupt JPEG) - fix #33383 (crash when retrieving empty LOBs) - fix #34810 (mysqli::init() and others use wrong pointer without checks) - Fixed bug #34790 (preg_match_all(), named capturing groups, variable assignment/return => crash) - fix #34757 (iconv_substr() gives "Unknown error" when offset > string length) - Fixed an error in mysqli_fetch_fields (returned NULL instead of an array when row number > field_count). (Georg) - Further URL validations in safe_mode/open_basedir configs. - fix mime_magic problems with ZTS - use php_error_docref() instead of php_error() everywhere - backport Ilia's fix for #34884 - fixed bug #29983 (PHP does not explicitly set mime type & charset) + call sapi_deactivate() when called with -m switch - Fixed bug #34782 (token_get_all() gives wrong result) - fix possible crash in dns_get_record() cleanup code a bit (partly fixes #34938) - fix #34938 (dns_get_record() doesn't resolve long hostnames and leaks) - apply workaround for the leak only when GLIBC is used - fix #34996 (ImageTrueColorToPalette() crashes when ncolors is zero) - Fixed bug #34982 (array_walk_recursive() modifies elements outside function scope) - Fix #35037. Selecting a uniqueidentifier would return unknown data type when used with freetds. - chagned allow_url_fopen INI_ALL - changed semaphore order to avoid leak - libsqlite version update to 2.8.16 * php 4.4.1 update - Added missing safe_mode checks for image* functions and cURL. - Added missing safe_mode/open_basedir checks for file uploads. - Fixed a memory corruption bug regarding included files. - Fixed possible INI setting leak via virtual() in Apache 2 sapi. - Fixed possible crash and/or memory corruption in import_request_variables(). - Fixed potential GLOBALS overwrite via import_request_variables(). - Fixed possible GLOBALS variable override when register_globals are ON. - Fixed possible register_globals toggle via parse_str(). Autoupdates 지원 : 일부 지원 Autoupdate 대상 : . php-binary . php-devel . php-pear Autoupdate 비 대상 : . 나머지 패키지들 . pkgadd -F php* 명령으로 업데이트 가능 또는 pkginfo -u 옵션으로 업데이트 대상 확인 추가 정보 : . php 4 패키지는 자동 업데이트 및 Packages System 대상이 아니며, 수동으로 업데이트 해 주어야 함. (php 5 로 업데이트를 하지 못하는 유저들을 위해 임시 지원) . php 4 는 보안 버그 관련 패키지만 업데이트 지원 (revision 은 달라도 운영상 상관은 없으나, shared extension 의 경우 php.ini 에서 등록 확인 要.) update 패키지 RPMS : + PHP5 . php-binary-5.0.5-1.i686.rpm . php-devel-5.0.5-1.i686.rpm . php-pear-5.0.5-1.i686.rpm . php-5.0.5-1.i686.rpm . php-bcmath-5.0.5-1.i686.rpm . php-calendar-5.0.5-1.i686.rpm . php-curl-5.0.5-1.i686.rpm . php-dba-5.0.5-1.i686.rpm . php-eaccelerator-5.0.5-1.i686.rpm . php-exif-5.0.5-1.i686.rpm . php-ftp-5.0.5-1.i686.rpm . php-gd-5.0.5-1.i686.rpm . php-gettext-5.0.5-1.i686.rpm . php-iconv-5.0.5-1.i686.rpm . php-imap-5.0.5-1.i686.rpm . php-korean-5.0.5-1.i686.rpm . php-mbstring-5.0.5-1.i686.rpm . php-mcrypt-5.0.5-1.i686.rpm . php-mhash-5.0.5-1.i686.rpm . php-mssql-5.0.5-1.i686.rpm . php-mysql-5.0.5-1.i686.rpm . php-mysqli-5.0.5-1.i686.rpm . php-openssl-5.0.5-1.i686.rpm . php-pgsql-5.0.5-1.i686.rpm . php-rrd-5.0.5-1.i686.rpm . php-sockets-5.0.5-1.i686.rpm . php-sqlite-5.0.5-1.i686.rpm . php-zlib-5.0.5-1.i686.rpm + PHP4 . php-binary-4.4.1-1.i686.rpm . php-devel-4.4.1-1.i686.rpm . php-pear-4.4.1-1.i686.rpm . php-4.4.1-1.i686.rpm . php-iconv-4.4.1-1.i686.rpm . php-mbstring-4.4.1-1.i686.rpm SRPMS : . php-4.4.1-1.src.rpm 참고 : http://www.hardened-php.net/advisory_202005.79.html http://www.hardened-php.net/index.76.html http://www.hardened-php.net/advisory_192005.78.html http://www.hardened-php.net/advisory_182005.77.html http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=323585 http://itpro.nikkeibp.co.jp/article/NEWS/20051102/223939/ |
Home > Update [ 1.2 ]
Copyright 2024 OOPS Development Organization
LAST MODIFIED: 2018/04/10