php73 security update
Updated : 2020.01.23
Name : php73-1:7.3.14-1.an3
Vendor : AnNyung Packaging Team
Description :
PHP 7.3 is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP
also offers built-in database integration for several commercial
and non-commercial database management systems, so writing a
database-enabled web page with PHP is fairly simple. The most
common use of PHP coding is probably as a replacement for CGI
scripts.
Building option:
--with no_goto : if don't add vm kind option with goto..
Changes
- update 7.3.14
. http://www.php.net/ChangeLog-7.php#7.3.7
. http://www.php.net/ChangeLog-7.php#7.3.8
. http://www.php.net/ChangeLog-7.php#7.3.9
. http://www.php.net/ChangeLog-7.php#7.3.10
. http://www.php.net/ChangeLog-7.php#7.3.11
. http://www.php.net/ChangeLog-7.php#7.3.12
. http://www.php.net/ChangeLog-7.php#7.3.13
. http://www.php.net/ChangeLog-7.php#7.3.14
- official fixes
. fixed #71876 Core: Memory corruption htmlspecialchars(): charset `*' not supported
. fixed #79146 Core: cscript can fail to run on some systems
. fixed #79078 CURL: Hypothetical use-after-free in curl_multi_add_handle()
. fixed #79154 MBString: mb_convert_encoding() can modify $from_encoding
. fixed #79084 MySQLnd: mysqlnd may fetch wrong column indexes with MYSQLI_BOTH
. fixed #79145 OpenSSL: openssl memory leak
. fixed #79115 Reflection: ReflectionClass::isCloneable call reflected class __destruct
- security issues
. CVE-2020-7059 Standard: OOB read in php_strip_tags_ex
. CVE-2020-7060 Mbstring: global buffer-overflow in 'mbfl_filt_conv_big5_wchar'
. CVE-2019-11041 EXIF: heap-buffer-overflow on exif_scan_thumbnail
. CVE-2019-11042 EXIF: heap-buffer-overflow on exif_process_user_comment
. CVE-2019-11043 FPM: env_path_info underflow in fpm_main.c can lead to RCE
. CVE-2019-11044 Core: link() silently truncates after a null byte on Windows
. CVE-2019-11045 Core: DirectoryIterator class silently truncates after a null byte
. CVE-2019-11046 Bcmath: Buffer underflow in bc_shift_addsub
. CVE-2019-11047 EXIF: Heap-buffer-overflow READ in exif
. CVE-2019-11049 Core: mail() may release string with refcount==1 twice
. CVE-2019-11050 EXIF: Use-after-free in exif parsing under memory sanitizer
. CVE-2019-13224 MBString: Oniguruma 6.9.3 fixes CVEs
Updated packages
SRPMS:
. php73-7.3.14-1.an3.src.rpm
x86_64:
. php73-7.3.14-1.an3.x86_64.rpm
. php73-cli-7.3.14-1.an3.x86_64.rpm
. php73-dba-7.3.14-1.an3.x86_64.rpm
. php73-dblib-7.3.14-1.an3.x86_64.rpm
. php73-devel-7.3.14-1.an3.x86_64.rpm
. php73-extension-7.3.14-1.an3.x86_64.rpm
. php73-fpm-7.3.14-1.an3.x86_64.rpm
. php73-odbc-7.3.14-1.an3.x86_64.rpm
. php73-pgsql-7.3.14-1.an3.x86_64.rpm