php 보안 업데이트
업데이트 : 2016.06.20
이름 : php-1:5.3.28-16.an2
벤더 : AnNyung Packaging Team
설명 :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts. The mod_php module enables the Apache web server to
understand and process the embedded PHP language in web pages.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- fixed zend_mm_heap corrupted problems of exec_dir patch
- security issues
. CVE-2016-4070 Standard: Integer Overflow in php_raw_url_encode (#71798)
. CVE-2016-4072 Phar: Invalid memory write in phar on filename with \0 in name (#71860)
. CVE-2016-4073 Mbstring: AddressSanitizer: negative-size-param (-1) in mbfl_strcut (#71906)
. CVE-2015-8865 Fileinfo: Buffer over-write in finfo_open with malformed magic file (#71527)
. CVE-2016-3074 GD: libgd: signedness vulnerability (#71912)
. fixed bug #72099 XML: xml_parse_into_struct segmentation fault
. CVE-2016-4343 Phar: Uninitialized pointer in phar_make_dirstream() (#71331)
. fixed bug #72135 Core: Integer Overflow in php_html_entities
. fixed bug #72114 Core: Integer underflow / arbitrary null write in fread/gzread
. CVE-2015-8874 GD: Stack overflow with imagefilltoborder (#66387)
. CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389,
CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394
Upgraded pcrelib to 8.38
주의사항
php54-repos 또는 php55-repos 패키지를 설치하면 yum update 명령 실행시에
php 버전이 5.4 또는 5.5로 업데이트가 됩니다. php 5.3.x 를 사용하는 경우에는
php54-repos 또는 php55-repos 패키지를 설치 하지 마십시오!
업데이트 패키지
SRPMS:
. php-5.3.28-16.an2.src.rpm
x86_64:
. php-fpm-5.3.28-16.an2.x86_64.rpm
. php-cli-5.3.28-16.an2.x86_64.rpm
. php-devel-5.3.28-16.an2.x86_64.rpm
. php-extension-5.3.28-16.an2.x86_64.rpm
. php-5.3.28-16.an2.x86_64.rpm
i686:
. php-devel-5.3.28-16.an2.i686.rpm
. php-5.3.28-16.an2.i686.rpm
. php-extension-5.3.28-16.an2.i686.rpm
. php-cli-5.3.28-16.an2.i686.rpm
. php-fpm-5.3.28-16.an2.i686.rpm
|