You are here
Home > Preporuke > Sigurnosni nedostaci programskog paketa php

Sigurnosni nedostaci programskog paketa php

——————————————————————————–
Fedora Update Notification
FEDORA-2016-1bc6ca8445
2016-02-14 22:34:20.703238
——————————————————————————–

Name : php
Product : Fedora 22
Version : 5.6.18
Release : 1.fc22
URL : http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

——————————————————————————–
Update Information:

04 Feb 2016, **PHP 5.6.18** **Core:** * Fixed bug php#71039 (exec functions
ignore length but look for NULL termination). (Anatol) * Fixed bug php#71089 (No
check to duplicate zend_extension). (Remi) * Fixed bug php#71201 (round()
segfault on 64-bit builds). (Anatol) * Added support for new HTTP 451 code.
(Julien) * Fixed bug php#71273 (A wrong ext directory setup in php.ini leads to
crash). (Anatol) * Fixed bug php#71323 (Output of stream_get_meta_data can be
falsified by its input). (Leo Gaspard) * Fixed bug php#71459 (Integer overflow
in iptcembed()). (Stas) **Apache2handler:** * Fix >2G Content-Length headers
in apache2handler. (Adam Harvey) **FTP:** * Implemented FR php#55651 (Option
to ignore the returned FTP PASV address). (abrender at elitehosts dot com)
**Opcache:** * Fixed bug php#71127 (Define in auto_prepend_file is overwrite).
(Laruence) * Fixed bug php#71024 (Unable to use PHP 7.0 x64 side-by-side with
PHP 5.6 x32 on the same server). (Anatol) **Phar:** * Fixed bug php#71354
(Heap corruption in tar/zip/phar parser). (Stas) * Fixed bug php#71391 (NULL
Pointer Dereference in phar_tar_setupmetadata()). (Stas) * Fixed bug php#71488
(Stack overflow when decompressing tar archives). (Stas) **Session:** * Fixed
bug php#69111 (Crash in SessionHandler::read()). (Anatol) **SOAP:** * Fixed
bug php#70979 (crash with bad soap request). (Anatol) **SPL:** * Fixed bug
php#71204 (segfault if clean spl_autoload_funcs while autoloading). (Laruence)
**WDDX:** * Fixed bug php#71335 (Type Confusion in WDDX Packet
Deserialization). (Stas)
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update php’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

——————————————————————————–
Fedora Update Notification
FEDORA-2016-46a34efa06
2016-02-14 22:36:30.486497
——————————————————————————–

Name : php
Product : Fedora 23
Version : 5.6.18
Release : 1.fc23
URL : http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

——————————————————————————–
Update Information:

04 Feb 2016, **PHP 5.6.18** **Core:** * Fixed bug php#71039 (exec functions
ignore length but look for NULL termination). (Anatol) * Fixed bug php#71089 (No
check to duplicate zend_extension). (Remi) * Fixed bug php#71201 (round()
segfault on 64-bit builds). (Anatol) * Added support for new HTTP 451 code.
(Julien) * Fixed bug php#71273 (A wrong ext directory setup in php.ini leads to
crash). (Anatol) * Fixed bug php#71323 (Output of stream_get_meta_data can be
falsified by its input). (Leo Gaspard) * Fixed bug php#71459 (Integer overflow
in iptcembed()). (Stas) **Apache2handler:** * Fix >2G Content-Length headers
in apache2handler. (Adam Harvey) **FTP:** * Implemented FR php#55651 (Option
to ignore the returned FTP PASV address). (abrender at elitehosts dot com)
**Opcache:** * Fixed bug php#71127 (Define in auto_prepend_file is overwrite).
(Laruence) * Fixed bug php#71024 (Unable to use PHP 7.0 x64 side-by-side with
PHP 5.6 x32 on the same server). (Anatol) **Phar:** * Fixed bug php#71354
(Heap corruption in tar/zip/phar parser). (Stas) * Fixed bug php#71391 (NULL
Pointer Dereference in phar_tar_setupmetadata()). (Stas) * Fixed bug php#71488
(Stack overflow when decompressing tar archives). (Stas) **Session:** * Fixed
bug php#69111 (Crash in SessionHandler::read()). (Anatol) **SOAP:** * Fixed
bug php#70979 (crash with bad soap request). (Anatol) **SPL:** * Fixed bug
php#71204 (segfault if clean spl_autoload_funcs while autoloading). (Laruence)
**WDDX:** * Fixed bug php#71335 (Type Confusion in WDDX Packet
Deserialization). (Stas)
——————————————————————————–

This update can be installed with the “yum” update program. Use
su -c ‘yum update php’ at the command line.
For more information, refer to “Managing Software with yum”,
available at https://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce

Top
More in Preporuke
Sigurnosni nedostatak programskog paketa mingw

Otkriven je sigurnosni nedostatak u komponentama programskog paketa mingw za operacijski sustav Fedora. Ranjive komponente su gnutls i nettle, a...

Close