php71 보안 업데이트
업데이트 : 2018.07.08
이름 : php71-2:7.1.19-1.an3
벤더 : AnNyung Packaging Team
설명 :
PHP 7.1 is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- update 7.1.19
. http://php.net/ChangeLog-7.php#7.1.19
- official 7.1.19 bug fixed
. Fixed #76534 Core: PHP hangs on 'illegal string offset on string references with an error handler
. Fixed #76502 Core: Chain of mixed exceptions and errors does not serialize properly
. Fixed #76462 Date: Undefined property: DateInterval::$f
. Fixed #73342 FRPM: Vulnerability in php-fpm by changing stdin to non-blocking
. Fixed #74670 GMP: Integer Underflow when unserializing GMP and possible other classes
. Fixed #76556 intl: get_debug_info handler for BreakIterator shows wrong type
. Fixed #76532 mbstring: Integer overflow and excessive memory usage in mb_strimwidth
. Fixed #76548 PGSQL: pg_fetch_result did not fetch the next row
. Fixed #76536 Reflection: PHP crashes with core dump when throwing exception in error handler
. Fixed #75231 Reflection: ReflectionProperty#getValue() incorrectly works with inherited classes
. Fixed #76505 Standard: array_merge_recursive() is duplicating sub-array keys).
. Fixed #71848 Standard: getimagesize with $imageinfo returns false). (cmb)
- official 7.1.20 bug fixed
. fixed #76366 Filter: References in sub-array for filtering breaks the filter
- security issues
. CVE-2018-10549 Exif: Heap Buffer Overflow (READ: 1786) in exif_iif_add_value (#76130)
. CVE-2018-10546 iconv: stream filter convert.iconv leads to infinite loop on invalid sequence (#76249)
. CVE-2018-10548 ldap: Malicious LDAP-Server Response causes Crash (#76248)
. CVE-2018-10547 Phar: fix for CVE-2018-5712 may not be complete (#76129)
. CVE-2018-10545 FPM: Dumpable FPM child processes allow bypassing opcache access controls (#75605)
업데이트 패키지
SRPMS:
. php71-7.1.19-1.an3.src.rpm
x86_64:
. php71-7.1.19-1.an3.x86_64.rpm
. php71-cli-7.1.19-1.an3.x86_64.rpm
. php71-dba-7.1.19-1.an3.x86_64.rpm
. php71-dblib-7.1.19-1.an3.x86_64.rpm
. php71-devel-7.1.19-1.an3.x86_64.rpm
. php71-extension-7.1.19-1.an3.x86_64.rpm
. php71-fpm-7.1.19-1.an3.x86_64.rpm
. php71-odbc-7.1.19-1.an3.x86_64.rpm
. php71-pgsql-7.1.19-1.an3.x86_64.rpm
|