Changelog for
php71-php-embedded-7.1.33-10.fc32.remi.x86_64.rpm :
* Tue Sep 29 2020 Remi Collet
- 7.1.33-10- Core: Fix #79699 PHP parses encoded cookie names so malicious `__Host-` cookies can be sent CVE-2020-7070- OpenSSL: Fix #79601 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV CVE-2020-7069 Fix bug #78079 openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c
* Tue Aug 04 2020 Remi Collet - 7.1.33-9- Core: Fix #79877 getimagesize function silently truncates after a null byte- Phar: Fix #79797 use of freed hash key in the phar_parse_zipfile function CVE-2020-7068
* Tue May 12 2020 Remi Collet - 7.1.33-8- Core: Fix #78875 Long filenames cause OOM and temp files are not cleaned CVE-2019-11048 Fix #78876 Long variables in multipart/form-data cause OOM and temp files are not cleaned
* Tue Apr 14 2020 Remi Collet - 7.1.33-7- standard: Fix #79330 shell_exec silently truncates after a null byte Fix #79465 OOB Read in urldecode CVE-2020-7067
* Tue Mar 17 2020 Remi Collet - 7.1.33-6- standard: Fix #79329 get_headers() silently truncates after a null byte CVE-2020-7066- exif: Fix #79282 Use-of-uninitialized-value in exif CVE-2020-7064- use oracle client library version 19.6 (18.5 on EL-6)
* Tue Feb 18 2020 Remi Collet - 7.1.33-5- dom: Fix #77569 Write Access Violation in DomImplementation- phar: Fix #79082 Files added to tar with Phar::buildFromIterator have all-access permissions CVE-2020-7063- session: Fix #79221 Null Pointer Dereference in PHP Session Upload Progress CVE-2020-7062
* Thu Jan 23 2020 Remi Collet - 7.1.33-4- mbstring: Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar CVE-2020-7060- session: Fix #79091 heap use-after-free in session_create_id- standard: Fix #79099 OOB read in php_strip_tags_ex CVE-2020-7059
* Tue Dec 17 2019 Remi Collet - 7.1.33-2- bcmath: Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046- core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045- exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047- use oracle client library version 19.5 (18.5 on EL-6)
* Wed Oct 23 2019 Remi Collet - 7.1.33-1- Update to 7.1.33 - http://www.php.net/releases/7_1_33.php
* Wed Aug 28 2019 Remi Collet - 7.1.32-1- Update to 7.1.32 - http://www.php.net/releases/7_1_32.php
* Wed Jul 31 2019 Remi Collet - 7.1.31-1- Update to 7.1.31 - http://www.php.net/releases/7_1_31.php
* Tue Jul 02 2019 Remi Collet - 7.1.30-3- use oracle client library version 19.3- disable opcache.huge_code_pages in default configuration
* Tue May 28 2019 Remi Collet - 7.1.30-1- Update to 7.1.30 - http://www.php.net/releases/7_1_30.php
* Wed May 01 2019 Remi Collet - 7.1.29-1- Update to 7.1.29 - http://www.php.net/releases/7_1_29.php
* Tue Apr 02 2019 Remi Collet - 7.1.28-1- Update to 7.1.28 - http://www.php.net/releases/7_1_28.php
* Wed Mar 06 2019 Remi Collet - 7.1.27-1- Update to 7.1.27 - http://www.php.net/releases/7_1_27.php- add upstream patch for OpenSSL 1.1.1b
* Fri Jan 18 2019 Remi Collet - 7.1.26-2- cleanup for EL-8
* Wed Jan 09 2019 Remi Collet - 7.1.26-1- Update to 7.1.26 - http://www.php.net/releases/7_1_26.php
* Sat Dec 08 2018 Remi Collet - 7.1.25-2- Fix null pointer dereference in imap_mail CVE-2018-19935
* Wed Dec 05 2018 Remi Collet - 7.1.25-1- Update to 7.1.25 - http://www.php.net/releases/7_1_25.php
* Thu Nov 22 2018 Remi Collet - 7.1.25~RC1-1- update to 7.1.25RC1
* Thu Nov 15 2018 Remi Collet - 7.1.24-3- test build for https://github.com/php/php-src/pull/3666
* Wed Nov 07 2018 Remi Collet - 7.1.24-1- Update to 7.1.24 - http://www.php.net/releases/7_1_24.php
* Wed Oct 24 2018 Remi Collet - 7.1.24~RC1-2- FPM: add getallheaders, backported from 7.3
* Wed Oct 24 2018 Remi Collet - 7.1.24~RC1-1- update to 7.1.24RC1
* Wed Oct 10 2018 Remi Collet - 7.1.23-1- Update to 7.1.23 - http://www.php.net/releases/7_1_23.php