stable
FEDORA-2014-17241 created by remi 7 years ago for Fedora 21

18 Dec 2014, PHP 5.6.4

Core: * Fixed bug #68091 (Some Zend headers lack appropriate extern "C" blocks). (Adam) * Fixed bug #68104 (Segfault while pre-evaluating a disabled function). (Laruence) * Fixed bug #68185 ("Inconsistent insteadof definition."- incorrectly triggered). (Julien) * Fixed bug #68355 (Inconsistency in example php.ini comments). (Chris McCafferty) * Fixed bug #68370 ("unset($this)" can make the program crash). (Laruence) * Fixed bug #68422 (Incorrect argument reflection info for array_multisort()). (Alexander Lisachenko) * Fixed bug #68446 (Array constant not accepted for array parameter default). (Bob, Dmitry) * Fixed bug #68545 (NULL pointer dereference in unserialize.c). (Anatol) * Fixed bug #68594 (Use after free vulnerability in unserialize()). (CVE-2014-8142) (Stefan Esser)

Date: * Fixed day_of_week function as it could sometimes return negative values internally. (Derick)

FPM: * Fixed bug #68381 (fpm_unix_init_main ignores log_level). (David Zuelke, Remi) * Fixed bug #68420 (listen=9000 listens to ipv6 localhost instead of all addresses). (Remi) * Fixed bug #68421 (access.format='%R' doesn't log ipv6 address). (Remi) * Fixed bug #68423 (PHP-FPM will no longer load all pools). (Remi) * Fixed bug #68428 (listen.allowed_clients is IPv4 only). (Remi) * Fixed bug #68452 (php-fpm man page is oudated). (Remi) * Fixed request #68458 (Change pm.start_servers default warning to notice). (David Zuelke, Remi) * Fixed bug #68463 (listen.allowed_clients can silently result in no allowed access). (Remi) * Fixed request #68391 (php-fpm conf files loading order). (Florian Margaine, Remi) * Fixed bug #68478 (access.log don't use prefix). (Remi)

GMP: * Fixed bug #68419 (build error with gmp 4.1). (Remi)

Mcrypt: * Fixed possible read after end of buffer and use after free. (Dmitry)

PDO_pgsql: * Fixed bug #67462 (PDO_PGSQL::beginTransaction() wrongly throws exception when not in transaction) (Matteo) * Fixed bug #68351 (PDO::PARAM_BOOL and ATTR_EMULATE_PREPARES misbehaving) (Matteo)

Session: * Fixed bug #68331 (Session custom storage callable functions not being called) (Yasuo Ohgaki)

SOAP: * Fixed bug #68361 (Segmentation fault on SoapClient::__getTypes). (Laruence)

zlib: * Fixed bug #53829 (Compiling PHP with large file support will replace function gzopen by gzopen64) (Sascha Kettler, Matteo)

How to install

sudo dnf upgrade --refresh --advisory=FEDORA-2014-17241

This update has been submitted for testing by remi.

7 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/20027/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/20027/steps/runtask/logs/stdio (results are informative only)

remi has edited this update. New build(s): php-5.6.4-2.fc21. Removed build(s): php-5.6.4-1.fc21.

7 years ago

This update has been submitted for testing by remi.

7 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/22003/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/22003/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/22128/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/22128/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

7 years ago
User Icon empateinfinito commented & provided feedback 7 years ago
karma

no issues :)

This update has been pushed to testing

7 years ago

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

7 years ago

This update has been submitted for stable by remi.

7 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/23885/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/23884/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/23884/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

7 years ago

This update has been pushed to stable

7 years ago
User Icon am1g0 commented & provided feedback 7 years ago
karma

Seems to be ok


Please login to add feedback.

Metadata
Type
security
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
7 years ago
in testing
7 years ago
in stable
7 years ago
modified
7 years ago
BZ#1175718 CVE-2014-8142 php: use after free vulnerability in unserialize()
0
0
BZ#1176156 CVE-2014-8142 php: use after free vulnerability in unserialize() [fedora-all]
0
0

Automated Test Results