FEDORA-2020-8838d072d5 created by remi 13 days ago for Fedora 31
stable

PHP version 7.3.18 (14 May 2020)

Core:

  • Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb)
  • Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb)
  • Fixed bug #79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita)
  • Fixed bug #79477 (casting object into array creates references). (Nikita)
  • Fixed bug #79470 (PHP incompatible with 3rd party file system on demand). (cmb)
  • Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository). (cmb)

DOM:

  • Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes). (cmb)

FCGI:

  • Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb)

MBString:

  • Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported). (Girgias)

OpenSSL:

  • Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout). (Joe Cai)

Phar:

  • Fix bug #79503 (Memory leak on duplicate metadata). (cmb)

SimpleXML:

  • Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4). (cmb)

Standard:

  • Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended). (dinosaur)

How to install

sudo dnf upgrade --advisory=FEDORA-2020-8838d072d5

This update has been submitted for testing by remi.

13 days ago

This update's test gating status has been changed to 'waiting'.

13 days ago

This update's test gating status has been changed to 'ignored'.

13 days ago

This update has been pushed to testing.

12 days ago

remi edited this update.

6 days ago

This update can be pushed to stable now if the maintainer wishes

5 days ago

This update has been submitted for stable by bodhi.

5 days ago

This update has been pushed to stable.

5 days ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
13 days ago
in testing
12 days ago
in stable
5 days ago
modified
6 days ago
BZ#1837842 CVE-2019-11048 php: 2 integer wraparound when receiving multipart forms
0
0
BZ#1837843 CVE-2019-11048 php: 2 integer wraparound when receiving multipart forms [fedora-all]
0
0

Automated Test Results