php72 보안 업데이트
업데이트 : 2019.01.06
이름 : php72-2:7.2.13-1.an3
벤더 : AnNyung Packaging Team
설명 :
PHP 7.2 is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- update 7.2.13
. http://www.php.net/ChangeLog-7.php#7.2.13
. http://www.php.net/ChangeLog-7.php#7.2.12
. http://www.php.net/ChangeLog-7.php#7.2.11
. http://www.php.net/ChangeLog-7.php#7.2.10
. http://www.php.net/ChangeLog-7.php#7.2.9
. http://www.php.net/ChangeLog-7.php#7.2.8
- 7.2.13 official bugs
. fixed #71041 Core: zend_signal_startup() needs ZEND_API
. fixed #76046 Core: PHP generates "FE_FREE" opcode on the wrong line
. fixed #77339 Core: __callStatic may get incorrect arguments
. fixed #77097 Date: DateTime::diff gives wrong diff when the actual diff is less than 1 second.
. fixed #77184 Exif: Unsigned rational numbers are written out as signed rationals.
. fixed #77195 GD: Incorrect error handling of imagecreatefromjpeg().
. fixed #77198 GD: auto cropping has insufficient precision.
. fixed #77200 GD: imagecropauto(…, GD_CROP_SIDES) crops left but not right.
. fixed #77020 IMAP: null pointer dereference in imap_mail.
. fixed #76804 OCI8: oci_pconnect with OCI_CRED_EXT not working.
. OCI8: Added oci_set_call_timeout() for call timeouts.
. OCI8: Added oci_set_db_operation() for the DBOP end-to-end-tracing attribute.
. fixed #77215 Opcache: CFG assertion failure on multiple finalizing switch frees in one block.
. PDO: Handle invalid index passed to PDOStatement::fetchColumn() as error.
. fixed #77051 SQLite3: Issue with re-binding on SQLite3.
- 7.2.14 official bugs
. fixed #77391 GD: 1bpp BMPs may fail to be loaded.
. fixed #75684 MySQLnd: In mysqlnd_ext_plugin.h the plugin methods family has no external visibility.
. fixed #77273 PD0: array_walk_recursive corrupts value types leading to PDO failure.
. fixed #77395 Standard: segfault about array_multisort.
- security issues:
. CVE-2018-17082 Apache2: XSS due to the header Transfer-Encoding: chunked (#76582)
. CVE-2018-12882 EXIF: heap use after free in _php_stream_free (#76409)
. CVE-2018-14883 EXIF: Int Overflow lead to Heap OverFlow in exif_thumbnail_extract of exif.c (#76423)
. CVE-2018-14851 EXIF: heap-buffer-overflow (READ of size 48) while reading exif data (#76557)
업데이트 패키지
SRPMS:
. php72-7.2.13-1.an3.src.rpm
x86_64:
. php72-7.2.13-1.an3.x86_64.rpm
. php72-cli-7.2.13-1.an3.x86_64.rpm
. php72-dba-7.2.13-1.an3.x86_64.rpm
. php72-dblib-7.2.13-1.an3.x86_64.rpm
. php72-devel-7.2.13-1.an3.x86_64.rpm
. php72-extension-7.2.13-1.an3.x86_64.rpm
. php72-fpm-7.2.13-1.an3.x86_64.rpm
. php72-odbc-7.2.13-1.an3.x86_64.rpm
. php72-pgsql-7.2.13-1.an3.x86_64.rpm
|