SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for php56-devel-5.6.36-1.2.x86_64.rpm :
Sun May 27 14:00:00 2018 mkubecekAATTsuse.cz
- update to version 5.6.36

* potential infinite loop in gdImageCreateFromGifCtx
(CVE-2018-5711)

* reflected XSS in .phar 404 page (CVE-2018-5712)

* stack-buffer-overflow while parsing HTTP response
(CVE-2018-7584)

* dumpable FPM child processes allow bypassing opcache access
controls (CVE-2018-10545)

* heap Buffer Overflow (READ: 1786) in exif_iif_add_value
(CVE-2018-10549)

* stream filter convert.iconv leads to infinite loop on invalid
sequence (CVE-2018-10546)

* malicious LDAP-Server response causes crash (CVE-2018-10548)

* fix for CVE-2018-5712 may have not been complete
(CVE-2018-10547)

Sat Nov 11 13:00:00 2017 mkubecekAATTsuse.cz
- update to version 5.6.32

* wddx: invalid read when wddx decodes empty boolean element
(CVE-2016-9935)

* openssl: invalid parameter in memcpy function trough
openssl_pbkdf2

* exif: FPE when parsing a tag format (CVE-2016-10158)

* gd: DOS vulnerability in gdImageCreateFromGd2Ctx()
(CVE-2016-10167)

* gd: signed Integer Overflow gd_io.c (CVE-2016-10168)

* phar: crash while loading hostile phar archive (CVE-2016-10159)

* phar: memory corruption when loading hostile phar
(CVE-2016-10160)

* standard: heap out of bounds read on unserialize in
finish_nested_data() (CVE-2016-10161)

* gd: buffer over-read into uninitialized memory (CVE-2017-7890)

* mbstring: add oniguruma upstream fix (CVE-2017-9224,
CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229)

* pcre: fixed bug #75207 (applied upstream patch for
CVE-2016-1283)

Fri Nov 25 13:00:00 2016 mkubecekAATTsuse.cz
- update to version 5.6.28

* intl: add locale length check (CVE-2016-7416)

* mysqlnd: eap overflow in mysqlnd related to bit fields
(CVE-2016-7412)

* out of bound when verify signature of zip phar in
phar_parse_zipfile (CVE-2016-7414)

* spl: missing type check when unserializing SplArray
(CVE-2016-7417)

* standard: memory corruption in during deserialized-object
destruction (CVE-2016-7411)

* wddx: wddx_deserialize use-after-free (CVE-2016-7413)

* wddx: out-of-bounds read in php_wddx_push_element
(CVE-2016-7418)

Mon Sep 5 14:00:00 2016 mkubecekAATTsuse.cz
- update to version 5.6.25

* core: stack-based buffer overflow vulnerability in
virtual_file_ex (CVE-2016-6289)

* core: use after free in unserialize() with unexpected session
deserialization (CVE-2016-6290)

* HTTP_PROXY is improperly trusted by some PHP libraries and
applications (CVE-2016-5385)

* bz2: inadequate error handling in bzread() (CVE-2016-5399)

* exif: out of bound read in exif_process_IFD_in_MAKERNOTE
(CVE-2016-6291)

* exif: null pointer dereference in exif_process_user_comment
(CVE-2016-6292)

* gd: integer overflow error within _gdContributionsAlloc()
(CVE-2016-6207)

* intl: locale_accept_from_http out-of-bounds access
(CVE-2016-6294)

* odbc: PHP segfaults when accessing nvarchar(max) defined
columns (CVE-2015-8879)

* snmp: use after free vulnerability in SNMP with GC and
unserialize() (CVE-2016-6295)

* xmlrpc: heap-buffer-overflow (write) simplestring_addn
simplestring.c (CVE-2016-6296)

* zip: stack-based buffer overflow vulnerability in
php_stream_zip_opener). (CVE-2016-6297)

Fri Jul 1 14:00:00 2016 mkubecekAATTsuse.cz
- fix fbclient build dependency
- specfile cleanup

Fri Jul 1 14:00:00 2016 mkubecekAATTsuse.cz
- update to version 5.6.23

* fpm: fpm_log.c memory leak and buffer overflow (CVE-2016-5114)

* gd: memory Read via gdImageRotateInterpolated Array Index Out
of Bounds (CVE-2016-1903)

* wddx: use After Free Vulnerability in WDDX Packet
Deserialization

* wddx: session WDDX Packet Deserialization Type Confusion
Vulnerability

* xmlrpc: type Confusion Vulnerability in PHP_to_XMLRPC_worker()

* pcre: upgrade bundled PCRE library to 8.38. (CVE-2015-8383,
CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390,
CVE-2015-8391, CVE-2015-8393, CVE-2015-8394)

* phar: heap corruption in tar/zip/phar parser (CVE-2016-4342)

* phar: uninitialized pointer in phar_make_dirstream()).
(CVE-2016-4343)

* phar: NULL Pointer Dereference in phar_tar_setupmetadata()

* phar: stack overflow when decompressing tar archives
(CVE-2016-2554)

* add support for HTTP 451 error code

* fileinfo: buffer over-write in finfo_open with malformed magic
file (CVE-2015-8865)

* mbstring: addressSanitizer: negative-size-param (-1) in
mbfl_strcut (CVE-2016-4073)

* odbc: invalid memory write in phar on filename with \\0 in
name (CVE-2016-4072)

* snmp: php_snmp_error() format string vulnerability
(CVE-2016-4071)

* standard: integer overflow in php_raw_url_encode
(CVE-2016-4070)

* bcmath: bcpowmod accepts negative scale and corrupts _one_
definition (CVE-2016-4537, CVE-2016-4538)

* exif: out of bounds heap read access in exif header
processing (CVE-2016-4542, CVE-2016-4543, CVE-2016-4544)

* gd: libgd: signedness vulnerability (CVE-2016-3074)

* intl: out-of-bounds reads in zif_grapheme_stripos with negative
offset (CVE-2016-4540, CVE-2016-4541)

* xml: xml_parse_into_struct segmentation fault (CVE-2016-4539)

* core: integer underflow / arbitrary null write in fread/gzread
(CVE-2016-5096)

* core: integer Overflow in php_html_entities (CVE-2016-5094)

* gd: imagescale out-of-bounds read (CVE-2013-7456)

* intl: get_icu_value_internal out-of-bounds read (CVE-2016-5093)

* stack overflow with imagefilltoborder (CVE-2015-8874)

* integer Overflow in _gd2GetHeader() resulting in heap
overflow (CVE-2016-5766)

* integer overflow in gdImagePaletteToTrueColor() resulting in
heap overflow (CVE-2016-5767)

* mbstring: _php_mb_regex_ereg_replace_exec - double free
(CVE-2016-5768)

* mcrypt: heap Overflow due to integer overflows (CVE-2016-5769)

* spl: int/size_t confusion in SplFileObject::fread
(CVE-2016-5770)

* spl: use after free vulnerability in PHP\'s GC algorithm and
unserialize (CVE-2016-5771)

* wddx: double free courruption in wddx_deserialize
(CVE-2016-5772)

* zip: ZipArchive class use after free vulnerability in PHP\'s GC
algorithm and unserialize (CVE-2016-5773)
- avoid-gcc-warnings-in-mbstring-extensions.patch:
update (drop part added to upstream)

Sat Dec 26 13:00:00 2015 mikeAATTmk-sys.cz
- update to version 5.6.16

* phar: null pointer dereference in phar_get_fp_offset()
(CVE-2015-7803)

* phar: uninitialized pointer in phar_make_dirstream when zip
entry filename is \"/\" (CVE-2015-7804)

* various segfaults

Wed Sep 30 14:00:00 2015 mikeAATTmk-sys.cz
- update to version 5.6.13

* apache2handler: potential remote code execution with apache 2.4
apache2handler (CVE-2015-3330)

* opcache: user after free (CVE-2015-1351)

* phar: buffer over-read in unserialize when parsing phar
(CVE-2015-2783)

* phar: buffer overflow when parsing tar/zip/phar in
phar_set_inode (CVE-2015-3329)

* postgres: null pointer dereference (CVE-2015-1352)

* core: PHP Multipart/form-data remote dos Vulnerability
(CVE-2015-4024)

* core: CVE-2006-7243 fix regressions in 5.4+ (CVE-2015-4025)

* ftp: integer overflow in ftp_genlist() resulting in heap
overflow (CVE-2015-4022)

* pcntl: pcntl_exec() should not allow null char (CVE-2015-4026)

* pcre: upgrade pcrelib to 8.37 (CVE-2015-2325 CVE-2015-2326)

* phar: memory corruption in phar_parse_tarfile when entry
filename starts with null (CVE-2015-4021)

* core: OS command injection vulnerability in escapeshellarg
(CVE-2015-4642)

* ftp: integer overflow in ftp_genlist() resulting in heap
overflow (CVE-2015-4643)

* postgres: segfault in php_pgsql_meta_data (CVE-2015-4644)

* sqlite3: upgrade bundled sqlite to 3.8.10.2 (CVE-2015-3414
CVE-2015-3415 CVE-2015-3416)

* mysqlnd: mysqlnd is vulnerable to BACKRONYM (CVE-2015-3152)

* phar: segfault in Phar::convertToData on invalid file
(CVE-2015-5589)

* phar: buffer overflow and stack smashing error in
phar_fix_filepath (CVE-2015-5590)

* phar: files extracted from archive may be placed outside of
destination directory (CVE-2015-6833)

* spl: dangling pointer in the unserialization of ArrayObject
items (CVE-2015-6832)

* spl: use after free vulnerability in unserialize() with
SPLArrayObject (CVE-2015-6831)

* spl: use after free vulnerability in unserialize() with
SplObjectStorage (CVE-2015-6831)

* spl: use after free vulnerability in unserialize() with
SplDoublyLinkedList (CVE-2015-6831)

* core: use after free vulnerability in unserialize()).
(CVE-2015-6834)

* core: use after free vulnerability in session deserializer
(CVE-2015-6835)

* soap: SOAP serialize_function_call() type confusion / RCE
(CVE-2015-6836)

* spl: use-after-free vulnerability in unserialize() with
SplObjectStorage (CVE-2015-6834)

* spl: use-after-free vulnerability in unserialize() with
SplDoublyLinkedList (CVE-2015-6834)

* xslt: null pointer dereference (CVE-2015-6837 CVE-2015-6838)

Sun Mar 22 13:00:00 2015 mikeAATTmk-sys.cz
- initial checkin of PHP 5.6.7


 
ICM