stable

php-5.6.9-1.fc21

FEDORA-2015-8383 created by remi 8 years ago for Fedora 21

14 May 2015, PHP 5.6.9

Core: * Fixed bug #69467 (Wrong checked for the interface by using Trait). (Laruence) * Fixed bug #69420 (Invalid read in zend_std_get_method). (Laruence) * Fixed bug #60022 ("use statement [...] has no effect" depends on leading backslash). (Nikita) * Fixed bug #67314 (Segmentation fault in gc_remove_zval_from_buffer). (Dmitry) * Fixed bug #68652 (segmentation fault in destructor). (Dmitry) * Fixed bug #69419 (Returning compatible sub generator produces a warning). (Nikita) * Fixed bug #69472 (php_sys_readlink ignores misc errors from GetFinalPathNameByHandleA). (Jan Starke) * Fixed bug #69364 (PHP Multipart/form-data remote dos Vulnerability). (Stas) * Fixed bug #69403 (str_repeat() sign mismatch based memory corruption). (Stas) * Fixed bug #69418 (CVE-2006-7243 fix regressions in 5.4+). (Stas) * Fixed bug #69522 (heap buffer overflow in unpack()). (Stas)

FTP: * Fixed bug #69545 (Integer overflow in ftp_genlist() resulting in heap overflow). (Stas)

ODBC: * Fixed bug #69354 (Incorrect use of SQLColAttributes with ODBC 3.0). (Anatol) * Fixed bug #69474 (ODBC: Query with same field name from two tables returns incorrect result). (Anatol) * Fixed bug #69381 (out of memory with sage odbc driver). (Frederic Marchall, Anatol Belski)

OpenSSL: * Fixed bug #69402 (Reading empty SSL stream hangs until timeout). (Daniel Lowrey)

PCNTL: * Fixed bug #68598 (pcntl_exec() should not allow null char). (Stas)

PCRE: * Upgraded pcrelib to 8.37.

Phar: * Fixed bug #69453 (Memory Corruption in phar_parse_tarfile when entry filename starts with null). (Stas)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2015-8383

This update has been submitted for testing by remi.

8 years ago

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/70360/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/70360/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 testing updates repository.

8 years ago

This update has been pushed to testing

8 years ago
User Icon bradw commented & provided feedback 8 years ago
karma

Personal LAMP and mail server running GNOME. All OK.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

8 years ago

This update has been submitted for stable by remi.

8 years ago

Taskotron: upgradepath test PASSED on noarch. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/72969/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on i386. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/72968/steps/runtask/logs/stdio (results are informative only)

Taskotron: depcheck test PASSED on x86_64. Result log: https://taskotron.fedoraproject.org/taskmaster//builders/x86_64/builds/72968/steps/runtask/logs/stdio (results are informative only)

This update is currently being pushed to the Fedora 21 stable updates repository.

8 years ago

This update has been pushed to stable

8 years ago

Please login to add feedback.

Metadata
Type
security
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
8 years ago
in testing
8 years ago
in stable
8 years ago
modified
8 years ago
BZ#1222485 CVE-2015-4024 PHP Multipart/form-data remote dos Vulnerability
0
0
BZ#1223402 CVE-2015-4024 php: PHP Multipart/form-data remote dos Vulnerability [fedora-all]
0
0
BZ#1223408 CVE-2015-4025 php: CVE-2006-7243 regressions in 5.4+
0
0
BZ#1223412 CVE-2015-4022 php: integer overflow on reading FTP server data leading to heap overflow
0
0
BZ#1223422 CVE-2015-4026 php: pcntl_exec() does not check path validity
0
0
BZ#1223425 CVE-2015-4021 php: memory corruption in phar_parse_tarfile when entry filename starts with NULL
0
0
BZ#1223447 CVE-2015-4021 CVE-2015-4025 CVE-2015-4026 php: various flaws [fedora-all]
0
0

Automated Test Results