FEDORA-2021-8dac5c39f3 created by remi 11 months ago for Fedora 33
stable

PHP version 7.4.14 (07 Jan 2021)

Core:

  • Fixed bug #74558 (Can't rebind closure returned by Closure::fromCallable()). (cmb)
  • Fixed bug #80345 (PHPIZE configuration has outdated PHP_RELEASE_VERSION). (cmb)
  • Fixed bug #72964 (White space not unfolded for CC/Bcc headers). (cmb)
  • Fixed bug #80362 (Running dtrace scripts can cause php to crash). (al at coralnet dot name)
  • Fixed bug #80393 (Build of PHP extension fails due to configuration gap with libtool). (kir dot morozov at gmail dot com)
  • Fixed bug #80402 (configure filtering out -lpthread). (Nikita)
  • Fixed bug #77069 (stream filter loses final block of data). (cmb)

Fileinfo:

  • Fixed bug #77961 (finfo_open crafted magic parsing SIGABRT). (cmb)

FPM:

  • Fixed bug #69625 (FPM returns 200 status on request without SCRIPT_FILENAME env). (Jakub Zelenka)

Intl:

  • Fixed bug #80425 (MessageFormatAdapter::getArgTypeList redefined). (Nikita)

OpenSSL:

  • Fixed bug #80368 (OpenSSL extension fails to build against LibreSSL due to lack of OCB support). (Nikita)

Phar:

  • Fixed bug #73809 (Phar Zip parse crash - mmap fail). (cmb)
  • Fixed bug #75102 (PharData says invalid checksum for valid tar). (cmb)
  • Fixed bug #77322 (PharData::addEmptyDir('/') Possible integer overflow). (cmb)

PDO MySQL:

  • Fixed bug #80458 (PDOStatement::fetchAll() throws for upsert queries). (Kamil Tekiela)
  • Fixed bug #63185 (nextRowset() ignores MySQL errors with native prepared statements). (Nikita)
  • Fixed bug #78152 (PDO::exec() - Bad error handling with multiple commands). (Nikita)
  • Fixed bug #70066 (Unexpected "Cannot execute queries while other unbuffered queries"). (Nikita)
  • Fixed bug #71145 (Multiple statements in init command triggers unbuffered query error). (Nikita)
  • Fixed bug #76815 (PDOStatement cannot be GCed/closeCursor-ed when a PROCEDURE resultset SIGNAL). (Nikita)

Standard:

  • Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid userinfo). (CVE-2020-7071) (cmb)
  • Fixed bug #80366 (Return Value of zend_fstat() not Checked). (sagpant, cmb)
  • Fixed bug #80411 (References to null-serialized object break serialize()). (Nikita)

Tidy:

  • Fixed bug #77594 (ob_tidyhandler is never reset). (cmb)

Zlib:

  • Fixed #48725 (Support for flushing in zlib stream). (cmb)

How to install

sudo dnf upgrade --advisory=FEDORA-2021-8dac5c39f3

This update has been submitted for testing by remi.

11 months ago

This update's test gating status has been changed to 'ignored'.

11 months ago

This update's test gating status has been changed to 'waiting'.

11 months ago

This update's test gating status has been changed to 'ignored'.

11 months ago

This update has been pushed to testing.

11 months ago

remi edited this update.

11 months ago

This update can be pushed to stable now if the maintainer wishes

11 months ago

This update has been submitted for stable by bodhi.

11 months ago

This update has been pushed to stable.

11 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
11 months ago
in testing
11 months ago
in stable
11 months ago
modified
11 months ago
BZ#1913847 CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo [fedora-all]
0
0

Automated Test Results