AnNyung Official Homepage Home > Update [ 2 ]  

What is AnNyung
Packages System
White Paper
  . 3.x [RSS]
  . 2.x [RSS]
  . 1.3 [RSS]
  . 1.2 [RSS]
  . 1.1 [RSS]
  . 1.0 [RSS]

  AnNyung banner 88x31

  AnNyung 1 banner 80x15
  AnNyung 2 banner 80x15
  AnNyung 3 banner 80x15
  AnNyung banner 80x15
  AnNyung banner 80x15

php 보안 업데이트

 : 2013.03.14
     : php-10:5.4.12-1.an2
     : AnNyung Packaging Team


    PHP is an HTML-embedded scripting language.  PHP attempts to make it
    easy for developers to write dynamically generated web pages.  PHP
    also offers built-in database integration for several commercial
    and non-commercial database management systems, so writing a
    database-enabled web page with PHP is fairly simple.  The most
    common use of PHP coding is probably as a replacement for CGI
    scripts.  The mod_php module enables the Apache web server to
    understand and process the embedded PHP language in web pages.
    Building option:
    	--with no_goto : if don't add vm kind option with goto..


    - update 5.4.12
    - add fpm server api
    - Fixed bug #64124 (IPv6 malformed)
    - Fixed bug #64106 (Segfault on SplFixedArray[][x] = y when extended)
    - Fixed bug #60840 (undefined symbol: mysqlnd_debug_std_no_trace_funcs)
    - Fixed bug #61930 (openssl corrupts ssl key resource when using
    - New SSL stream context option to prevent CRIME attack vector.
    - Fixed bug #63530 (mysqlnd_stmt::bind_one_parameter crashes, uses
      wrong alloc for stmt->param_bind).
    - mb_split() can now handle empty matches like preg_split() does
    - Fixed bug #64128 (buit-in web server is broken on ppc64)
    - Fixed bug #64142 (dval to lval different behavior on ppc64)
    - Fixed bug #64354 (Unserialize array of objects whose class can't
      be autoloaded fail)
    - Implemented FR #64175 (Added HTTP codes as of RFC 6585)
    - Fixed bug #64197 (_Offsetof() macro used but not defined on ARM/Clang)
    - Fixed bug #64070 (Inheritance with Traits failed with error)
    - Fixed bug #64235 (Insteadof not work for class method in 5.4.11)
    - security issues
      . CVE-2013-1643
        The SOAP parser in PHP before 5.3.22 and 5.4.x before 5.4.13 allows
        remote attackers to read arbitrary files via a SOAP WSDL file
        containing an XML external entity declaration in conjunction with an
        entity reference, related to an XML External Entity (XXE) issue in the
        soap_xmlParseFile and soap_xmlParseMemory functions.
      . CVE-2013-1635
        ext/soap/soap.c in PHP before 5.3.22 and 5.4.x before 5.4.13 does not
        validate the relationship between the soap.wsdl_cache_dir directive
        and the open_basedir directive, which allows remote attackers to bypass
        intended access restrictions by triggering the creation of cached SOAP
        WSDL files in an arbitrary directory.


    php 5.5가 지원이 되고, php 5.4에서 php 5.5로의 업그레이드는 큰 변화가
    없기 때문에 php 5.4의 지원은 더이상 하지 않습니다.
    php 5.4를 사용하시는 분들은 php54-repos package를 삭제 하신 후에,
    php55-repos package를 설치 하시고 업데이트를 하시기 바랍니다.
    만약 php 5.5 패키지로 업그레이드를 하려면 다음의 순서를 따르십시오.
    shell> yum remove php54-repos; yum install php55-repos;
    shell> yum clean all; yum update
    주의할 것은 php-common 패키지에 있는 /etc/php.d 의 php 설정 파일들은 php
    5.4에서 사용할 수 있는 파일들이 *.rpmnew와 같이 생성이 되게 됩니다. 이
    파일들을 설정 파일 이름으로 rename 하신 후에 새로 설정을 하셔야 합니다.

        . php-5.4.12-1.an2.src.rpm


 Home > Update [ 2 ]

Copyright 2021 OOPS Development Organization 
LAST MODIFIED: 2020/12/25