FEDORA-2015-11581

security update in Fedora 21 for php

Status: stable 4 years ago

10 Jul 2015, PHP 5.6.11

Core: Fixed bug #69768 (escapeshell() doesn't cater to !). (cmb) Fixed bug #69703 (Use __builtin_clzl on PowerPC). (dja at axtens dot net, Kalle) Fixed bug #69732 (can induce segmentation fault with basic php code). (Dmitry) Fixed bug #69642 (Windows 10 reported as Windows 8). (Christian Wenz, Anatol Belski) Fixed bug #69551 (parse_ini_file() and parse_ini_string() segmentation fault). (Christoph M. Becker) Fixed bug #69781 (phpinfo() reports Professional Editions of Windows 7/8/8.1/10 as "Business"). (Christian Wenz) Fixed bug #69740 (finally in generator (yield) swallows exception in iteration). (Nikita) Fixed bug #69835 (phpinfo() does not report many Windows SKUs). (Christian Wenz) Fixed bug #69892 (Different arrays compare indentical due to integer key truncation). (Nikita) * Fixed bug #69874 (Can't set empty additional_headers for mail()), regression from fix to bug #68776. (Yasuo)

GD: * Fixed bug #61221 (imagegammacorrect function loses alpha channel). (cmb)

GMP: * Fixed bug #69803 (gmp_random_range() modifies second parameter if GMP number). (Nikita)

PCRE: Fixed Bug #53823 (preg_replace: * qualifier on unicode replace garbles the string). (cmb) Fixed bug #69864 (Segfault in preg_replace_callback) (cmb, ab)

PDO_pgsql: Fixed bug #69752 (PDOStatement::execute() leaks memory with DML Statements when closeCuror() is u). (Philip Hofstetter) Fixed bug #69362 (PDO-pgsql fails to connect if password contains a leading single quote). (Matteo) * Fixed bug #69344 (PDO PgSQL Incorrect binding numeric array with gaps). (Matteo)

SimpleXML: * Refactored the fix for bug #66084 (simplexml_load_string() mangles empty node name). (Christoph Michael Becker)

SPL: Fixed bug #69737 (Segfault when SplMinHeap::compare produces fatal error). (Stas) Fixed bug #67805 (SplFileObject setMaxLineLength). (Willian Gustavo Veiga). * Fixed bug #69970 (Use-after-free vulnerability in spl_recursive_it_move_forward_ex()). (Laruence)

Sqlite3: * Fixed bug #69972 (Use-after-free vulnerability in sqlite3SafetyCheckSickOrOk()). (Laruence)

Comments 14

This update has been submitted for testing by remi.

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/105678/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/105678/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

This update has been pushed to testing

works for me

karma: +1

This update has been submitted for stable by remi.

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/108159/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/108160/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/108160/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

This update is currently being pushed to the Fedora 21 stable updates repository.

This update has been pushed to stable

Add Comment & Feedback

Please login to add feedback.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
+2
stable threshold: 3
unstable threshold: -3
Autopush (karma)
Disabled
Autopush (time)
Disabled
Dates
submitted 4 years ago
in testing 4 years ago
in stable 4 years ago
modified 4 years ago

Related Bugs 3

00 #1245236 CVE-2015-5589 php: segmentation fault in Phar::convertToData on invalid file
00 #1245242 CVE-2015-5590 php: buffer overflow and stack smashing error in phar_fix_filepath
00 #1245245 CVE-2015-5589 CVE-2015-5590 php: various flaws [fedora-all]

Automated Test Results