FEDORA-2016-65f1ffdc0c

security update in Fedora 22 for php

Status: stable 3 years ago

26 May 2016, PHP 5.6.22

Core:

  • Fixed bug #72172 (zend_hex_strtod should not use strlen). (bwitz at hotmail dot com )
  • Fixed bug #72114 (Integer underflow / arbitrary null write in fread/gzread). (Stas)
  • Fixed bug #72135 (Integer Overflow in php_html_entities). (Stas)

GD:

  • Fixed bug #72227 (imagescale out-of-bounds read). (Stas)

Intl:

  • Fixed bug #64524 (Add intl.use_exceptions to php.ini-*). (Anatol)
  • Fixed bug #72241 (get_icu_value_internal out-of-bounds read). (Stas)

Postgres:

  • Fixed bug #72151 (mysqli_fetch_object changed behaviour). (Anatol)

How to install

sudo dnf upgrade --advisory=FEDORA-2016-65f1ffdc0c

Comments 7

This update has been submitted for testing by remi.

This update has been pushed to testing.

remi edited this update.

remi edited this update.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes

This update has been submitted for stable by remi.

This update has been pushed to stable.

Content Type
RPM
Status
stable
Test Gating
Submitted by
Update Type
security
Update Severity
unspecified
Karma
0
stable threshold: 3
unstable threshold: -3
Autopush
Enabled
Dates
submitted 3 years ago
in testing 3 years ago
in stable 3 years ago
modified 3 years ago

Related Bugs 6

00 #1339590 CVE-2016-5093 php: Out-of-bounds heap read in get_icu_value_internal
00 #1339949 CVE-2016-5096 php: Integer underflow causing arbitrary null write in fread/gzread
00 #1339950 php: various flaws [fedora-all]
00 #1340738 CVE-2016-5094 php: Integer overflow in php_html_entities()
00 #1340742 CVE-2016-5095 php: Integer overflow in php_filter_full_special_chars
00 #1340745 CVE-2016-5094 CVE-2016-5095 php: various flaws [fedora-all]

Automated Test Results