FEDORA-2020-9fa7f4e25c created by remi 10 months ago for Fedora 30
stable

PHP version 7.3.18 (14 May 2020)

Core:

  • Fixed bug #78875 (Long filenames cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb)
  • Fixed bug #78876 (Long variables in multipart/form-data cause OOM and temp files are not cleaned). (CVE-2019-11048) (cmb)
  • Fixed bug #79434 (PHP 7.3 and PHP-7.4 crash with NULL-pointer dereference on !CS constant). (Nikita)
  • Fixed bug #79477 (casting object into array creates references). (Nikita)
  • Fixed bug #79470 (PHP incompatible with 3rd party file system on demand). (cmb)
  • Fixed bug #78784 (Unable to interact with files inside a VFS for Git repository). (cmb)

DOM:

  • Fixed bug #78221 (DOMNode::normalize() doesn't remove empty text nodes). (cmb)

FCGI:

  • Fixed bug #79491 (Search for .user.ini extends up to root dir). (cmb)

MBString:

  • Fixed bug #79441 (Segfault in mb_chr() if internal encoding is unsupported). (Girgias)

OpenSSL:

  • Fixed bug #79497 (stream_socket_client() throws an unknown error sometimes with <1s timeout). (Joe Cai)

Phar:

  • Fix bug #79503 (Memory leak on duplicate metadata). (cmb)

SimpleXML:

  • Fixed bug #79528 (Different object of the same xml between 7.4.5 and 7.4.4). (cmb)

Standard:

  • Fixed bug #79468 (SIGSEGV when closing stream handle with a stream filter appended). (dinosaur)

How to install

sudo dnf upgrade --advisory=FEDORA-2020-9fa7f4e25c

This update has been submitted for testing by remi.

10 months ago

This update's test gating status has been changed to 'waiting'.

10 months ago

This update's test gating status has been changed to 'ignored'.

10 months ago

This update has been pushed to testing.

10 months ago
karma

remi edited this update.

10 months ago

This update can be pushed to stable now if the maintainer wishes

10 months ago

This update has been submitted for stable by bodhi.

10 months ago

This update has been pushed to stable.

10 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
1
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
10 months ago
in testing
10 months ago
in stable
10 months ago
modified
10 months ago
BZ#1837842 CVE-2019-11048 php: 2 integer wraparound when receiving multipart forms
0
0
BZ#1837843 CVE-2019-11048 php: 2 integer wraparound when receiving multipart forms [fedora-all]
0
0

Automated Test Results