FEDORA-2016-e205218629 created by remi 3 years ago for Fedora 22
stable

28 Apr 2016, PHP 5.6.21

Core:

  • Fixed bug #69537 (__debugInfo with empty string for key gives error). (krakjoe)
  • Fixed bug #71841 (EG(error_zval) is not handled well). (Laruence)

BCmath:

  • Fixed bug #72093 (bcpowmod accepts negative scale and corrupts one definition). (Stas)

Curl:

  • Fixed bug #71831 (CURLOPT_NOPROXY applied as long instead of string). (Michael Sierks)

Date:

  • Fixed bug #71889 (DateInterval::format Segmentation fault). (Thomas Punt)

EXIF:

  • Fixed bug #72094 (Out of bounds heap read access in exif header processing). (Stas)

GD:

  • Fixed bug #71952 (Corruption inside imageaffinematrixget). (Stas)
  • Fixed bug #71912 (libgd: signedness vulnerability). (Stas)

Intl:

  • Fixed bug #72061 (Out-of-bounds reads in zif_grapheme_stripos with negative offset). (Stas)

OCI8:

  • Fixed bug #71422 (Fix ORA-01438: value larger than specified precision allowed for this column). (Chris Jones)

ODBC:

  • Fixed bug #63171 (Script hangs after max_execution_time). (Remi)

Opcache:

  • Fixed bug #71843 (null ptr deref ZEND_RETURN_SPEC_CONST_HANDLER). (Laruence)

PDO:

  • Fixed bug #52098 (Own PDOStatement implementation ignore __call()). (Daniel Kalaspuffar, Julien)
  • Fixed bug #71447 (Quotes inside comments not properly handled). (Matteo)

Postgres:

  • Fixed bug #71820 (pg_fetch_object binds parameters before call constructor). (Anatol)

SPL:

  • Fixed bug #67582 (Cloned SplObjectStorage with overwritten getHash fails offsetExists()). (Nikita)

Standard:

  • Fixed bug #71840 (Unserialize accepts wrongly data). (Ryat, Laruence)
  • Fixed bug #67512 (php_crypt() crashes if crypt_r() does not exist or _REENTRANT is not defined). (Nikita)

XML:

  • Fixed bug #72099 (xml_parse_into_struct segmentation fault). (Stas)

How to install

sudo dnf upgrade --advisory=FEDORA-2016-e205218629
This update has been submitted for testing by remi. 3 years ago
This update has been pushed to testing. 3 years ago
remi edited this update. 3 years ago
This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes 3 years ago
This update has been submitted for stable by remi. 3 years ago
This update has been pushed to stable. 3 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Dates
submitted
3 years ago
in testing
3 years ago
in stable
3 years ago
modified
3 years ago
BZ#1332860 CVE-2016-4537 CVE-2016-4538 php: bcpowmod accepts negative scale causing heap buffer overflow corrupting _one_ definition
0
0
BZ#1332865 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 php: Out-of-bounds heap memory read in exif_read_data() caused by malformed input
0
0
BZ#1332872 CVE-2016-4540 CVE-2016-4541 php: Out-of-bounds memory read in zif_grapheme_stripos when given negative offset
0
0
BZ#1332877 CVE-2016-4539 php: Malformed input causes segmentation fault in xml_parse_into_struct() function
0
0
BZ#1332882 CVE-2016-4537 CVE-2016-4538 CVE-2016-4539 CVE-2016-4540 CVE-2016-4541 CVE-2016-4542 CVE-2016-4543 CVE-2016-4544 php: various flaws [fedora-all]
0
0

Automated Test Results