FEDORA-2015-8383 created by remi 4 years ago for Fedora 21
stable

14 May 2015, PHP 5.6.9

Core:
* Fixed bug #69467 (Wrong checked for the interface by using Trait). (Laruence)
* Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence)
* Fixed bug #60022 ("use statement [...] has no effect" depends on leading backslash). (Nikita)
* Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer). (Dmitry)
* Fixed bug #68652 (segmentation fault in destructor). (Dmitry)
* Fixed bug #69419 (Returning compatible sub generator produces a warning). (Nikita)
* Fixed bug #69472 (php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA). (Jan Starke)
* Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas)
* Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). (Stas)
* Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas)
* Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)

FTP:
* Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow). (Stas)

ODBC:
* Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0). (Anatol)
* Fixed bug #69474 (ODBC: Query with same field name from two tables returns incorrect result). (Anatol)
* Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall, Anatol Belski)

OpenSSL:
* Fixed bug #69402 (Reading empty SSL stream hangs until timeout). (Daniel Lowrey)

PCNTL:
* Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)

PCRE:
* Upgraded pcrelib to 8.37.

Phar:
* Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename starts with null). (Stas)

How to install

sudo dnf upgrade --advisory=FEDORA-2015-8383

This update has been submitted for testing by remi.

4 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/70360/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/70360/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

4 years ago

This update has been pushed to testing

4 years ago
bradw commented & provided feedback 4 years ago

Personal LAMP and mail server running GNOME. All OK.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

4 years ago

This update has been submitted for stable by remi.

4 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/72969/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/72968/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/72968/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

4 years ago

This update has been pushed to stable

4 years ago

Metadata
Type: security
Karma: 1
Signed
Content Type: RPM
Test Gating
Settings
Unstable by Karma: -3
Dates
submitted: 4 years ago
in testing: 4 years ago
in stable: 4 years ago
modified: 4 years ago
BZ#1222485 CVE-2015-4024 PHP Multipart/form-data remote dos Vulnerability
BZ#1223402 CVE-2015-4024 php: PHP Multipart/form-data remote dos Vulnerability [fedora-all]
BZ#1223408 CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+
BZ#1223412 CVE-2015-4022 php: integer overflow on reading FTP server data leading to heap overflow
BZ#1223422 CVE-2015-4026 php: pcntl_exec() does not check path validity
BZ#1223425 CVE-2015-4021 php: memory corruption in phar_parse_tarfile when entry filename starts with NULL
BZ#1223447 CVE-2015-4021 CVE-2015-4025 CVE-2015-4026 php: various flaws [fedora-all]
