FEDORA-EPEL-2018-31ccd7aee3 created by remi 2 years ago for Fedora EPEL 7
stable

Version 6.2.25

  • Fix support for image URLs.

Version 6.2.24

  • Support remote urls when checking if file exists.

Version 6.2.23

  • Simplify file_exists function.

Version 6.2.20

  • Fix for security vulnerability: Using the phar:// wrapper it was possible to trigger the unserialization of user provided data.

Version 6.2.19

  • Merge various fixes for PHP 7.3 compatibility and security.

This update has been submitted for testing by remi.

2 years ago

This update has obsoleted php-tcpdf-6.2.22-1.el7, and has inherited its bugs and notes.

2 years ago

hello remi, since 6.2.2 which was the prior fedora package (see https://bodhi.fedoraproject.org/updates/?packages=php-tcpdf) there have been the fixes: Version 6.2.25: Fix support for image URLs. Version 6.2.24: Support remote urls when checking if file exists. Version 6.2.23: Simplify file_exists function.

Do you know which of these fixes is a security fix?

@muench, read the above changelog...

Version 6.2.20: Fix for security vulnerability: ...

IIUC other are regression fix.

Sorry my mistake, I wrote since 6.2.2 but i meant 6.2.22 (which is the last fedora package before this security update). The security fix from Version 6.2.20 you mentioned was already referenced in the 6.2.22 release (see https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2018-4255a1292d)

Previous update was obsoleted by this one, so this one keep the security flag for the fix in 6.2.20

thank you!

This update has been pushed to testing.

2 years ago

This update has reached 14 days in testing and can be pushed to stable now if the maintainer wishes

2 years ago

This update has been submitted for batched by remi.

2 years ago

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata
Type
security
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
2 years ago
in testing
2 years ago
in stable
2 years ago

Automated Test Results