FEDORA-2021-ca0e53d310 created by remi 8 months ago for Fedora 32
stable

PHP version 7.4.14 (07 Jan 2021)

Core:

  • Fixed bug #74558 (Can't rebind closure returned by Closure::fromCallable()). (cmb)
  • Fixed bug #80345 (PHPIZE configuration has outdated PHP_RELEASE_VERSION). (cmb)
  • Fixed bug #72964 (White space not unfolded for CC/Bcc headers). (cmb)
  • Fixed bug #80362 (Running dtrace scripts can cause php to crash). (al at coralnet dot name)
  • Fixed bug #80393 (Build of PHP extension fails due to configuration gap with libtool). (kir dot morozov at gmail dot com)
  • Fixed bug #80402 (configure filtering out -lpthread). (Nikita)
  • Fixed bug #77069 (stream filter loses final block of data). (cmb)

Fileinfo:

  • Fixed bug #77961 (finfo_open crafted magic parsing SIGABRT). (cmb)

FPM:

  • Fixed bug #69625 (FPM returns 200 status on request without SCRIPT_FILENAME env). (Jakub Zelenka)

Intl:

  • Fixed bug #80425 (MessageFormatAdapter::getArgTypeList redefined). (Nikita)

OpenSSL:

  • Fixed bug #80368 (OpenSSL extension fails to build against LibreSSL due to lack of OCB support). (Nikita)

Phar:

  • Fixed bug #73809 (Phar Zip parse crash - mmap fail). (cmb)
  • Fixed bug #75102 (PharData says invalid checksum for valid tar). (cmb)
  • Fixed bug #77322 (PharData::addEmptyDir('/') Possible integer overflow). (cmb)

PDO MySQL:

  • Fixed bug #80458 (PDOStatement::fetchAll() throws for upsert queries). (Kamil Tekiela)
  • Fixed bug #63185 (nextRowset() ignores MySQL errors with native prepared statements). (Nikita)
  • Fixed bug #78152 (PDO::exec() - Bad error handling with multiple commands). (Nikita)
  • Fixed bug #70066 (Unexpected "Cannot execute queries while other unbuffered queries"). (Nikita)
  • Fixed bug #71145 (Multiple statements in init command triggers unbuffered query error). (Nikita)
  • Fixed bug #76815 (PDOStatement cannot be GCed/closeCursor-ed when a PROCEDURE resultset SIGNAL). (Nikita)

Standard:

  • Fixed bug #77423 (FILTER_VALIDATE_URL accepts URLs with invalid userinfo). (CVE-2020-7071) (cmb)
  • Fixed bug #80366 (Return Value of zend_fstat() not Checked). (sagpant, cmb)
  • Fixed bug #80411 (References to null-serialized object break serialize()). (Nikita)

Tidy:

  • Fixed bug #77594 (ob_tidyhandler is never reset). (cmb)

Zlib:

  • Fixed #48725 (Support for flushing in zlib stream). (cmb)

How to install

sudo dnf upgrade --advisory=FEDORA-2021-ca0e53d310

This update has been submitted for testing by remi.

8 months ago

This update's test gating status has been changed to 'ignored'.

8 months ago

This update's test gating status has been changed to 'waiting'.

8 months ago

This update's test gating status has been changed to 'ignored'.

8 months ago

This update has been pushed to testing.

8 months ago
User Icon newbyte provided feedback 8 months ago
karma

remi edited this update.

8 months ago
User Icon ersen provided feedback 8 months ago
karma

This update can be pushed to stable now if the maintainer wishes

8 months ago

This update has been submitted for stable by remi.

8 months ago

This update has been pushed to stable.

8 months ago

Please login to add feedback.

Metadata
Type
security
Severity
low
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
8 months ago
in testing
8 months ago
in stable
8 months ago
modified
8 months ago
BZ#1913847 CVE-2020-7071 php: FILTER_VALIDATE_URL accepts URLs with invalid userinfo [fedora-all]
0
0

Automated Test Results