php 보안 업데이트
업데이트 : 2016.03.23
이름 : php-100:7.0.4-1.an3
벤더 : AnNyung Packaging Team
설명 :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts. The mod_php module enables the Apache web server to
understand and process the embedded PHP language in web pages.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- security issues
. CVE-2016-3185 #71610 Soap: Type Confusion Vulnerability - SOAP / make_http_soap_request()
- official 7.0.4 bug fixed
. fixed bug #69953 CLI Server: Support MKCALENDAR request method
. fixed bug #71624 Core: `php -R` (PHP_MODE_PROCESS_STDIN) is broken
. fixed bug #71806 Core: php_strip_whitespace() fails on some numerical values
. fixed bug #71767 Core: ReflectionMethod::getDocComment returns the wrong comment
. fixed bug #71724 Core: yield from does not count EOLs
. Fixed bug #71575 Core: ISO C does not allow extra ‘;’ outside of a function
. fixed bug #71470 Core: Leaked 1 hashtable iterators
. fixed bug #71535 Core: Integer overflow in zend_mm_alloc_heap()
. fixed bug #71596 Core: Segmentation fault on ZTS with date function (setlocale)
. fixed bug #71622 Core: Strings used in pass-as-reference cannot be used to invoke C::$callable()
. fixed bug #71629 Core: Out-of-bounds access in php_url_decode in context php_stream_url_wrap_rfc2397
. fixed bug #71695 Core: Global variables are reserved before execution
. fixed bug #71729 Core: Possible crash in zend_bin_strtod, zend_oct_strtod, zend_hex_strtod
. fixed bug #71756 Core: Call-by-reference widens scope to uninvolved functions when used in switch
. fixed bug #71694 Curl: Support constant CURLM_ADDED_ALREADY
. fixed bug #71635 Date: DatePeriod::getEndDate segfault
. fixed bug #71536 libxml: Access Violation crashes php-cgi.exe
. fixed bug #47803, #69526 ODBC: Executing prepared statements is succesfull only for the first two statements
. fixed bug #71659 PCRE: segmentation fault in pcre running twig tests
. fixed bug #71625 Phar: Crash in php7.dll with bad phar filename
. fixed bug #71317 Phar: PharData fails to open specific file
. fixed Bug #71683 Session: Null pointer dereference in zend_hash_str_find_bucket
. fixed bug #71617 SPL: private properties lost when unserializing ArrayObject
. fixed bug #71660 Standard: array_column behaves incorrectly after foreach by reference
- official 7.0.5 bug fixed
. fixed bug #71841 Core: EG(error_zval) is not handled well
. fixed bug #71731 Core: Null coalescing operator and ArrayAccess
. fixed bug #69659 Core: ArrayAccess, isset() and the offsetExists method
. fixed bug #62059 Core: ArrayObject and isset are not friends
. fixed bug #71871 Core: Interfaces allow final and abstract functions
. fixed Bug #71859 Core: zend_objects_store_call_destructors operates on realloced memory, crashing
. fixed bug #71750 Core: Multiple Heap Overflows in php_raw_url_encode/php_url_encode
. fixed bug #71840 Standard: Unserialize accepts wrongly data
. fixed bug #71837 Standard: Wrong arrays behaviour
. fixed bug #71831 Curl: CURLOPT_NOPROXY applied as long instead of string
. fixed bug #63171 ODBC: Script hangs after max_execution_time
. fixed bug #71843 Opcache: null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER
. fixed bug #52098 PDO: Own PDOStatement implementation ignore __call()
. fixed bug #71820 Postgres: pg_fetch_object binds parameters before call constructor
. fixed bug #71838 SPL: Deserializing serialized SPLObjectStorage-Object can't access properties in PHP
. fixed bug #52339 SPL: SPL autoloader breaks class_exists()
. fixed bug #67582 SPL: Cloned SplObjectStorage with overwritten getHash fails offsetExists()
. fixed bug #71735 SPL: Double-free in SplDoublyLinkedList::offsetSet
업데이트 패키지
SRPMS:
. php-7.0.4-1.an3.src.rpm
x86_64:
. php-7.0.4-1.an3.x86_64.rpm
. php-cli-7.0.4-1.an3.x86_64.rpm
. php-dba-7.0.4-1.an3.x86_64.rpm
. php-dblib-7.0.4-1.an3.x86_64.rpm
. php-devel-7.0.4-1.an3.x86_64.rpm
. php-extension-7.0.4-1.an3.x86_64.rpm
. php-fpm-7.0.4-1.an3.x86_64.rpm
. php-odbc-7.0.4-1.an3.x86_64.rpm
. php-pgsql-7.0.4-1.an3.x86_64.rpm
|