FEDORA-2015-8281 created by remi 5 years ago for Fedora 22
stable

14 May 2015, PHP 5.6.9

Core:
* Fixed bug #69467 (Wrong checked for the interface by using Trait). (Laruence)
* Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)
* Fixed bug #60022 ("use statement [...] has no effect" depends on leading backslash). (Nikita)
* Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer). (Dmitry)
* Fixed bug #68652 (segmentation fault in destructor). (Dmitry)
* Fixed bug #69419 (Returning compatible sub generator produces a warning). (Nikita)
* Fixed bug #69472 (php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA). (Jan Starke)
* Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
* Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). (Stas)
* Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
* Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)

FTP:
* Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow). (Stas)

ODBC:
* Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0). (Anatol)
* Fixed bug #69474 (ODBC: Query with same field name from two tables returns incorrect result). (Anatol)
* Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall, Anatol Belski)

OpenSSL:
* Fixed bug #69402 (Reading empty SSL stream hangs until timeout). (Daniel Lowrey)

PCNTL:
* Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)

PCRE:
* Upgraded pcrelib to 8.37.

Phar:
* Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename starts with null). (Stas)

How to install

sudo dnf upgrade --advisory=FEDORA-2015-8281

This update has been submitted for testing by remi.

5 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/70359/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/70359/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 testing updates repository.

5 years ago

This update has been pushed to testing

5 years ago

This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes

5 years ago

This update has been submitted for stable by remi.

5 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71563/steps/runtask/logs/stdio (results are informative only)

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71951/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71952/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71952/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71958/steps/runtask/logs/stdio (results are informative only)

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71972/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/71994/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 22 stable updates repository.

5 years ago

This update has been pushed to stable

5 years ago

Metadata
Type: security
Karma: 0
Signed
Content Type: RPM
Test Gating

Settings
Unstable by Karma: -3
Stable by Karma: disabled
Stable by Time: disabled

Dates
submitted: 5 years ago
in testing: 5 years ago
in stable: 5 years ago
modified: 5 years ago

BZ#1222485 CVE-2015-4024 PHP Multipart/form-data remote dos Vulnerability
BZ#1223402 CVE-2015-4024 php: PHP Multipart/form-data remote dos Vulnerability [fedora-all]
BZ#1223408 CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+
BZ#1223412 CVE-2015-4022 php: integer overflow on reading FTP server data leading to heap overflow
BZ#1223422 CVE-2015-4026 php: pcntl_exec() does not check path validity
BZ#1223425 CVE-2015-4021 php: memory corruption in phar_parse_tarfile when entry filename starts with NULL
BZ#1223447 CVE-2015-4021 CVE-2015-4025 CVE-2015-4026 php: various flaws [fedora-all]