php56 보안 업데이트
업데이트 : 2016.06.21
이름 : php56-100:5.6.22-1.an3
벤더 : AnNyung Packaging Team
설명 :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts. The mod_php module enables the Apache web server to
understand and process the embedded PHP language in web pages.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- fixed zend_mm_heap corrupted problems of exec_dir patch
- security isseus
. CVE-2016-3074 libgd: signedness vulnerability (#71912)
. CVE-2015-8865 Buffer over-write in finfo_open with malformed magic file (#71527)
. CVE-2016-4073 AddressSanitizer: negative-size-param (-1) in mbfl_strcut (#71906)
. CVE-2016-4072 Invalid memory write in phar on filename with \0 in name (#71860)
. CVE-2016-4071 php_snmp_error() Format String Vulnerability (#71704)
. CVE-2016-4070 Integer Overflow in php_raw_url_encode (#71798)
- fixed 5.6.22 Official bug
. fixed #72140 OpenSSL: segfault after calling ERR_free_strings()
. fixed #70484 Intl: selectordinal doesn't work with named parameters
. fixed #72337 GD: invalid dimensions can lead to crash
- fixed 5.6.23 Official bug
. fixed #72439 Stream: tream socket with remote address leads to a segmentation fault
. fixed #72336 OpenSSL: openssl_pkey_new does not fail for invalid DSA params
. fixed #72915 OpenSSL: openssl_random_pseudo_bytes is not fork-safe
. fixed #50854 EXIF: exif_read_data() returns corrupted exif headers
. fixed #72138 Core: Integer Overflow in Length of String-typed ZVAL
. fixed #72447 bz2: Type Confusion in php_bz2_filter_create()
. fixed #43475 GD: Thick styled lines have scrambled patterns
. fixed #53640 GD: XBM images require width to be multiple of 8
. fixed #64641 GD: imagefilledpolygon doesn't draw horizontal line
업데이트 패키지
SRPMS:
. php56-5.6.22-1.an3.src.rpm
|