FEDORA-2020-9fa7f4e25c created by remi 4 months ago for Fedora 30
stable

PHP version 7.3.18 (14 May 2020)

Core:

  • Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb)
  • Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb)
  • Fixed bug #79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita)
  • Fixed bug #79477 (casting object into array creates references). (Nikita)
  • Fixed bug #79470 (PHP incompatible with 3rd party file system on demand). (cmb)
  • Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository). (cmb)

DOM:

  • Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes). (cmb)

FCGI:

  • Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb)

MBString:

  • Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported). (Girgias)

OpenSSL:

  • Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout). (Joe Cai)

Phar:

  • Fix bug #79503 (Memory leak on duplicate metadata). (cmb)

SimpleXML:

  • Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4). (cmb)

Standard:

  • Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended). (dinosaur)

How to install

sudo dnf upgrade --advisory=FEDORA-2020-9fa7f4e25c

This update has been submitted for testing by remi.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago
karma

remi edited this update.

4 months ago

This update can be pushed to stable now if the maintainer wishes

4 months ago

This update has been submitted for stable by bodhi.

4 months ago

This update has been pushed to stable.

4 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
4 months ago
modified
4 months ago
BZ#1837842 CVE-2019-11048 php: 2 integer wraparound when receiving multipart forms
0
0
BZ#1837843 CVE-2019-11048 php: 2 integer wraparound when receiving multipart forms [fedora-all]
0
0

Automated Test Results