FEDORA-2021-d867b595d1 created by remi 4 months ago for Fedora 34
stable

PHP version 7.4.21 (01 Jul 2021)

Core:

  • Fixed bug #81068 (Double free in realpath_cache_clean()). (Dimitry Andric)
  • Fixed bug #76359 (open_basedir bypass through adding ".."). (cmb)
  • Fixed bug #81090 (Typed property performance degradation with .= operator). (Nikita)
  • Fixed bug #81070 (Integer underflow in memory limit comparison). (Peter van Dommelen)
  • Fixed bug #81122 (SSRF bypass in FILTER_VALIDATE_URL). (CVE-2021-21705) (cmb)

Bzip2:

  • Fixed bug #81092 (fflush before stream_filter_remove corrupts stream). (cmb)

OpenSSL:

  • Fixed bug #76694 (native Windows cert verification uses CN as sever name). (cmb)

PDO_Firebird:

  • Fixed bug #76448 (Stack buffer overflow in firebird_info_cb). (CVE-2021-21704) (cmb)
  • Fixed bug #76449 (SIGSEGV in firebird_handle_doer). (CVE-2021-21704) (cmb)
  • Fixed bug #76450 (SIGSEGV in firebird_stmt_execute). (CVE-2021-21704) (cmb)
  • Fixed bug #76452 (Crash while parsing blob data in firebird_fetch_blob). (CVE-2021-21704) (cmb)

Standard:

  • Fixed bug #81048 (phpinfo(INFO_VARIABLES) "Array to string conversion"). (cmb)

How to install

sudo dnf upgrade --advisory=FEDORA-2021-d867b595d1

This update has been submitted for testing by remi.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update has been pushed to testing.

4 months ago

remi edited this update.

3 months ago

remi edited this update.

3 months ago

This update has been submitted for stable by bodhi.

3 months ago

This update has been pushed to stable.

3 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
4 months ago
in testing
4 months ago
in stable
3 months ago
modified
3 months ago
BZ#1978755 CVE-2021-21705 php: SSRF bypass in FILTER_VALIDATE_URL
0
0
BZ#1978756 CVE-2021-21705 php: SSRF bypass in FILTER_VALIDATE_URL [fedora-all]
0
0
BZ#1978790 CVE-2021-21704 php: security issues in pdo_firebase module
0
0
BZ#1978791 CVE-2021-21704 php: security issues in pdo_firebase module [fedora-all]
0
0

Automated Test Results