php72 보안 업데이트
업데이트 : 2018.07.08
이름 : php72-2:7.2.7-1.an2
벤더 : AnNyung Packaging Team
설명 :
PHP 7.2 is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- update 7.2.7
. http://www.php.net/ChangeLog-7.php#7.2.7
- 7.2.7 official bugs
. fixed #76534 Core: PHP hangs on 'illegal string offset on string references with an error handler
. fixed #76520 Core: Object creation leaks memory when executed over HTTP
. fixed #76502 Core: Chain of mixed exceptions and errors does not serialize properly
. fixed #76462 Date: Undefined property: DateInterval::$f
. fixed #76409 EXIF: heap use after free in _php_stream_free
. fixed #73342 FPM: Vulnerability in php-fpm by changing stdin to non-blocking
. fixed #74670 GMP: Integer Underflow when unserializing GMP and possible other classes
. fixed #76556 intl: get_debug_info handler for BreakIterator shows wrong type
. fixed #76532 mbstring: Integer overflow and excessive memory usage in mb_strimwidth
. fixed #76477 Opcache: Opcache causes empty return value
. fixed #76548 PGSQL: pg_fetch_result did not fetch the next row
. fixed #76536 Reflection: PHP crashes with core dump when throwing exception in error handler
. fixed #75231 Reflection: ReflectionProperty#getValue() incorrectly works with inherited classes
. fixed #76505 Standard: array_merge_recursive() is duplicating sub-array keys
. fixed #71848 Standard: getimagesize with $imageinfo returns false
. fixed #76461 ZIP: OPSYS_Z_CPM defined instead of OPSYS_CPM
- 7.2.8 official bugs
. Fixed bug #76366 Filter: References in sub-array for filtering breaks the filter
- security issues
. CVE-2018-10549 Exif: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value (#76130)
. CVE-2018-10546 iconv: stream filter convert.iconv leads to infinite loop on invalid sequence (#76249)
. CVE-2018-10548 ldap: Malicious LDAP-Server Response causes Crash (#76248)
. CVE-2018-10547 Phar: fix for CVE-2018-5712 may not be complete (#76129)
. CVE-2018-10545 FPM: Dumpable FPM child processes allow bypassing opcache access controls (#75605)
업데이트 패키지
SRPMS:
. php72-7.2.7-1.an2.src.rpm
x86_64:
. php72-cli-7.2.7-1.an2.x86_64.rpm
. php72-odbc-7.2.7-1.an2.x86_64.rpm
. php72-7.2.7-1.an2.x86_64.rpm
. php72-fpm-7.2.7-1.an2.x86_64.rpm
. php72-dblib-7.2.7-1.an2.x86_64.rpm
. php72-pgsql-7.2.7-1.an2.x86_64.rpm
. php72-dba-7.2.7-1.an2.x86_64.rpm
. php72-extension-7.2.7-1.an2.x86_64.rpm
. php72-devel-7.2.7-1.an2.x86_64.rpm
i686:
. php72-cli-7.2.7-1.an2.i686.rpm
. php72-fpm-7.2.7-1.an2.i686.rpm
. php72-dblib-7.2.7-1.an2.i686.rpm
. php72-extension-7.2.7-1.an2.i686.rpm
. php72-pgsql-7.2.7-1.an2.i686.rpm
. php72-devel-7.2.7-1.an2.i686.rpm
. php72-odbc-7.2.7-1.an2.i686.rpm
. php72-7.2.7-1.an2.i686.rpm
. php72-dba-7.2.7-1.an2.i686.rpm
|