Changelog for
php56-5.6.36-lp150.1.3.x86_64.rpm :
* Sun May 27 2018 mkubecekAATTsuse.cz- update to version 5.6.36
* potential infinite loop in gdImageCreateFromGifCtx (CVE-2018-5711)
* reflected XSS in .phar 404 page (CVE-2018-5712)
* stack-buffer-overflow while parsing HTTP response (CVE-2018-7584)
* dumpable FPM child processes allow bypassing opcache access controls (CVE-2018-10545)
* heap Buffer Overflow (READ: 1786) in exif_iif_add_value (CVE-2018-10549)
* stream filter convert.iconv leads to infinite loop on invalid sequence (CVE-2018-10546)
* malicious LDAP-Server response causes crash (CVE-2018-10548)
* fix for CVE-2018-5712 may have not been complete (CVE-2018-10547)
* Sat Nov 11 2017 mkubecekAATTsuse.cz- update to version 5.6.32
* wddx: invalid read when wddx decodes empty boolean element (CVE-2016-9935)
* openssl: invalid parameter in memcpy function trough openssl_pbkdf2
* exif: FPE when parsing a tag format (CVE-2016-10158)
* gd: DOS vulnerability in gdImageCreateFromGd2Ctx() (CVE-2016-10167)
* gd: signed Integer Overflow gd_io.c (CVE-2016-10168)
* phar: crash while loading hostile phar archive (CVE-2016-10159)
* phar: memory corruption when loading hostile phar (CVE-2016-10160)
* standard: heap out of bounds read on unserialize in finish_nested_data() (CVE-2016-10161)
* gd: buffer over-read into uninitialized memory (CVE-2017-7890)
* mbstring: add oniguruma upstream fix (CVE-2017-9224, CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229)
* pcre: fixed bug #75207 (applied upstream patch for CVE-2016-1283)
* Fri Nov 25 2016 mkubecekAATTsuse.cz- update to version 5.6.28
* intl: add locale length check (CVE-2016-7416)
* mysqlnd: eap overflow in mysqlnd related to bit fields (CVE-2016-7412)
* out of bound when verify signature of zip phar in phar_parse_zipfile (CVE-2016-7414)
* spl: missing type check when unserializing SplArray (CVE-2016-7417)
* standard: memory corruption in during deserialized-object destruction (CVE-2016-7411)
* wddx: wddx_deserialize use-after-free (CVE-2016-7413)
* wddx: out-of-bounds read in php_wddx_push_element (CVE-2016-7418)
* Mon Sep 05 2016 mkubecekAATTsuse.cz- update to version 5.6.25
* core: stack-based buffer overflow vulnerability in virtual_file_ex (CVE-2016-6289)
* core: use after free in unserialize() with unexpected session deserialization (CVE-2016-6290)
* HTTP_PROXY is improperly trusted by some PHP libraries and applications (CVE-2016-5385)
* bz2: inadequate error handling in bzread() (CVE-2016-5399)
* exif: out of bound read in exif_process_IFD_in_MAKERNOTE (CVE-2016-6291)
* exif: null pointer dereference in exif_process_user_comment (CVE-2016-6292)
* gd: integer overflow error within _gdContributionsAlloc() (CVE-2016-6207)
* intl: locale_accept_from_http out-of-bounds access (CVE-2016-6294)
* odbc: PHP segfaults when accessing nvarchar(max) defined columns (CVE-2015-8879)
* snmp: use after free vulnerability in SNMP with GC and unserialize() (CVE-2016-6295)
* xmlrpc: heap-buffer-overflow (write) simplestring_addn simplestring.c (CVE-2016-6296)
* zip: stack-based buffer overflow vulnerability in php_stream_zip_opener). (CVE-2016-6297)
* Fri Jul 01 2016 mkubecekAATTsuse.cz- fix fbclient build dependency- specfile cleanup
* Fri Jul 01 2016 mkubecekAATTsuse.cz- update to version 5.6.23
* fpm: fpm_log.c memory leak and buffer overflow (CVE-2016-5114)
* gd: memory Read via gdImageRotateInterpolated Array Index Out of Bounds (CVE-2016-1903)
* wddx: use After Free Vulnerability in WDDX Packet Deserialization
* wddx: session WDDX Packet Deserialization Type Confusion Vulnerability
* xmlrpc: type Confusion Vulnerability in PHP_to_XMLRPC_worker()
* pcre: upgrade bundled PCRE library to 8.38. (CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389, CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394)
* phar: heap corruption in tar/zip/phar parser (CVE-2016-4342)
* phar: uninitialized pointer in phar_make_dirstream()). (CVE-2016-4343)
* phar: NULL Pointer Dereference in phar_tar_setupmetadata()
* phar: stack overflow when decompressing tar archives (CVE-2016-2554)
* add support for HTTP 451 error code
* fileinfo: buffer over-write in finfo_open with malformed magic file (CVE-2015-8865)
* mbstring: addressSanitizer: negative-size-param (-1) in mbfl_strcut (CVE-2016-4073)
* odbc: invalid memory write in phar on filename with \\0 in name (CVE-2016-4072)
* snmp: php_snmp_error() format string vulnerability (CVE-2016-4071)
* standard: integer overflow in php_raw_url_encode (CVE-2016-4070)
* bcmath: bcpowmod accepts negative scale and corrupts _one_ definition (CVE-2016-4537, CVE-2016-4538)
* exif: out of bounds heap read access in exif header processing (CVE-2016-4542, CVE-2016-4543, CVE-2016-4544)
* gd: libgd: signedness vulnerability (CVE-2016-3074)
* intl: out-of-bounds reads in zif_grapheme_stripos with negative offset (CVE-2016-4540, CVE-2016-4541)
* xml: xml_parse_into_struct segmentation fault (CVE-2016-4539)
* core: integer underflow / arbitrary null write in fread/gzread (CVE-2016-5096)
* core: integer Overflow in php_html_entities (CVE-2016-5094)
* gd: imagescale out-of-bounds read (CVE-2013-7456)
* intl: get_icu_value_internal out-of-bounds read (CVE-2016-5093)
* stack overflow with imagefilltoborder (CVE-2015-8874)
* integer Overflow in _gd2GetHeader() resulting in heap overflow (CVE-2016-5766)
* integer overflow in gdImagePaletteToTrueColor() resulting in heap overflow (CVE-2016-5767)
* mbstring: _php_mb_regex_ereg_replace_exec - double free (CVE-2016-5768)
* mcrypt: heap Overflow due to integer overflows (CVE-2016-5769)
* spl: int/size_t confusion in SplFileObject::fread (CVE-2016-5770)
* spl: use after free vulnerability in PHP\'s GC algorithm and unserialize (CVE-2016-5771)
* wddx: double free courruption in wddx_deserialize (CVE-2016-5772)
* zip: ZipArchive class use after free vulnerability in PHP\'s GC algorithm and unserialize (CVE-2016-5773)- avoid-gcc-warnings-in-mbstring-extensions.patch: update (drop part added to upstream)
* Sat Dec 26 2015 mikeAATTmk-sys.cz- update to version 5.6.16
* phar: null pointer dereference in phar_get_fp_offset() (CVE-2015-7803)
* phar: uninitialized pointer in phar_make_dirstream when zip entry filename is \"/\" (CVE-2015-7804)
* various segfaults
* Wed Sep 30 2015 mikeAATTmk-sys.cz- update to version 5.6.13
* apache2handler: potential remote code execution with apache 2.4 apache2handler (CVE-2015-3330)
* opcache: user after free (CVE-2015-1351)
* phar: buffer over-read in unserialize when parsing phar (CVE-2015-2783)
* phar: buffer overflow when parsing tar/zip/phar in phar_set_inode (CVE-2015-3329)
* postgres: null pointer dereference (CVE-2015-1352)
* core: PHP Multipart/form-data remote dos Vulnerability (CVE-2015-4024)
* core: CVE-2006-7243 fix regressions in 5.4+ (CVE-2015-4025)
* ftp: integer overflow in ftp_genlist() resulting in heap overflow (CVE-2015-4022)
* pcntl: pcntl_exec() should not allow null char (CVE-2015-4026)
* pcre: upgrade pcrelib to 8.37 (CVE-2015-2325 CVE-2015-2326)
* phar: memory corruption in phar_parse_tarfile when entry filename starts with null (CVE-2015-4021)
* core: OS command injection vulnerability in escapeshellarg (CVE-2015-4642)
* ftp: integer overflow in ftp_genlist() resulting in heap overflow (CVE-2015-4643)
* postgres: segfault in php_pgsql_meta_data (CVE-2015-4644)
* sqlite3: upgrade bundled sqlite to 3.8.10.2 (CVE-2015-3414 CVE-2015-3415 CVE-2015-3416)
* mysqlnd: mysqlnd is vulnerable to BACKRONYM (CVE-2015-3152)
* phar: segfault in Phar::convertToData on invalid file (CVE-2015-5589)
* phar: buffer overflow and stack smashing error in phar_fix_filepath (CVE-2015-5590)
* phar: files extracted from archive may be placed outside of destination directory (CVE-2015-6833)
* spl: dangling pointer in the unserialization of ArrayObject items (CVE-2015-6832)
* spl: use after free vulnerability in unserialize() with SPLArrayObject (CVE-2015-6831)
* spl: use after free vulnerability in unserialize() with SplObjectStorage (CVE-2015-6831)
* spl: use after free vulnerability in unserialize() with SplDoublyLinkedList (CVE-2015-6831)
* core: use after free vulnerability in unserialize()). (CVE-2015-6834)
* core: use after free vulnerability in session deserializer (CVE-2015-6835)
* soap: SOAP serialize_function_call() type confusion / RCE (CVE-2015-6836)
* spl: use-after-free vulnerability in unserialize() with SplObjectStorage (CVE-2015-6834)
* spl: use-after-free vulnerability in unserialize() with SplDoublyLinkedList (CVE-2015-6834)
* xslt: null pointer dereference (CVE-2015-6837 CVE-2015-6838)
* Sun Mar 22 2015 mikeAATTmk-sys.cz- initial checkin of PHP 5.6.7