FEDORA-2019-bab3944fee

security update in Fedora 28 for php

Status: stable 15 days ago

PHP version 7.2.18 (02 May 2019)

CLI:

  • Fixed bug #77794 (Incorrect Date header format in built-in server). (kelunik)

EXIF:

  • Fixed bug #77950 (Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG). (CVE-2019-11036) (Stas)

Interbase:

  • Fixed bug #72175 (Impossibility of creating multiple connections to Interbase with php 7.x). (Nikita)

Intl:

  • Fixed bug #77895 (IntlDateFormatter::create fails in strict mode if $locale = null). (Nikita)

PCRE:

  • Fixed bug #77827 (preg_match does not ignore \r in regex flags). (requinix, cmb)

PDO:

  • Fixed bug #77849 (Disable cloning of PDO handle/connection objects). (camporter)

phpdbg:

  • Fixed bug #76801 (too many open files). (alekitto)
  • Fixed bug #77800 (phpdbg segfaults on listing some conditional breakpoints). (krakjoe)
  • Fixed bug #77805 (phpdbg build fails when readline is shared). (krakjoe)

Reflection:

  • Fixed bug #77772 (ReflectionClass::getMethods(null) doesn't work). (Nikita)
  • Fixed bug #77882 (Different behavior: always calls destructor). (Nikita)

Standard:

  • Fixed bug #77680 (recursive mkdir on ftp stream wrapper is incorrect). (Vlad Temian)
  • Fixed bug #77844 (Crash due to null pointer in parse_ini_string with INI_SCANNER_TYPED). (Nikita)
  • Fixed bug #77853 (Inconsistent substr_compare behaviour with empty haystack). (Nikita)

How to install

sudo dnf upgrade --advisory=FEDORA-2019-bab3944fee

Comments 7

This update has been submitted for testing by remi.

This update has been pushed to testing.

remi edited this update.

This update has reached 7 days in testing and can be pushed to stable now if the maintainer wishes.

This update has been submitted for batched by remi.

This update has been submitted for stable by remi.

This update has been pushed to stable.



Content Type: RPM
Status: stable
Test Gating
Submitted by
Update Type: security
Update Severity: medium
Karma: 0
  • stable threshold: 3
  • unstable threshold: -3
Autopush: Enabled
Dates:
  • submitted a month ago
  • in testing a month ago
  • in stable 15 days ago
  • modified 19 days ago

Related Bugs 2

  • #1707299 CVE-2019-11036 php: buffer over-read in exif_process_IFD_TAG function leading to information disclosure
  • #1707300 CVE-2019-11036 php: buffer over-read in exif_process_IFD_TAG function leading to information disclosure [fedora-all]
