php72 보안 업데이트
업데이트 : 2019.06.08
이름 : php72-2:7.2.19-1.an3
벤더 : AnNyung Packaging Team
설명 :
PHP 7.2 is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts.
Building option:
--with no_goto : if don't add vm kind option with goto..
변경사항
- update 7.2.19
. http://www.php.net/ChangeLog-7.php#7.2.19
. http://www.php.net/ChangeLog-7.php#7.2.18
. http://www.php.net/ChangeLog-7.php#7.2.17
. http://www.php.net/ChangeLog-7.php#7.2.16
. http://www.php.net/ChangeLog-7.php#7.2.15
- 7.2.19 official bugs
. fixed #76980 Core: Interface gets skipped if autoloader throws an exception).
. fixed #78025 DOM: segfault when accessing properties of DOMDocumentType).
. fixed #77956 MySQLi: When mysqli.allow_local_infile = Off, use a meaningful
. fixed #38546 MySQLi: bindParam incorrect processing of bool types).
. fixed #78079 OpenSSL: openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c).
. fixed #78038 Sockets: Socket_select fails when resource array contains
. fixed #77135 Standard: Extract with EXTR_SKIP should skip $this).
. fixed #76345 Zip: zip.h not found). (Michael Maroszek)
- security issues
. CVE-2019-11040 EXIF: heap-buffer-overflow on php_jpg_get16 (#77988)
. CVE-2019-11038 GD: Uninitialized read in gdImageCreateFromXbm (#77973)
. CVE-2019-11039 Iconv: Out-of-bounds read in iconv.c:_php_iconv_mime_decode()
due to integer overflow (#78069)
. CVE-2019-11036 EXIF: Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG (#77950)
. CVE-2019-11035 EXIF: Heap-buffer-overflow in exif_iif_add_value (#77831)
. CVE-2019-11034 EXIF: Heap-buffer-overflow in php_ifd_get32s (#77753)
- link openssl 1.1 (openssl11)
. support TLS 1.3
- 3rd party extensions
. mysql: removed and seperated by php72-mysql package
. libevent: fixed #23 Segmentation fault where there is more than one timer event
업데이트 패키지
SRPMS:
. php72-7.2.19-1.an3.src.rpm
x86_64:
. php72-7.2.19-1.an3.x86_64.rpm
. php72-cli-7.2.19-1.an3.x86_64.rpm
. php72-dba-7.2.19-1.an3.x86_64.rpm
. php72-dblib-7.2.19-1.an3.x86_64.rpm
. php72-devel-7.2.19-1.an3.x86_64.rpm
. php72-extension-7.2.19-1.an3.x86_64.rpm
. php72-fpm-7.2.19-1.an3.x86_64.rpm
. php72-odbc-7.2.19-1.an3.x86_64.rpm
. php72-pgsql-7.2.19-1.an3.x86_64.rpm
|