SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for php71-php-common-7.1.33-18.fc33.remi.x86_64.rpm :

* Wed Oct 20 2021 Remi Collet - 7.1.33-18- fix PHP-FPM oob R/W in root process leading to priv escalation CVE-2021-21703- use libicu version 69- use oracle client library version 21.3
* Tue Sep 07 2021 Remi Collet - 7.1.33-17- fix intl build on F35
* Wed Aug 25 2021 Remi Collet - 7.1.33-16- Fix #81211 Symlinks are followed when creating PHAR archive
* Mon Jun 28 2021 Remi Collet - 7.1.33-15- Fix #81122 SSRF bypass in FILTER_VALIDATE_URL CVE-2021-21705- Fix #76448 Stack buffer overflow in firebird_info_cb- Fix #76449 SIGSEGV in firebird_handle_doer- Fix #76450 SIGSEGV in firebird_stmt_execute- Fix #76452 Crash while parsing blob data in firebird_fetch_blob CVE-2021-21704
* Thu May 27 2021 Remi Collet - 7.1.33-14- fix snmp extension build with net-snmp without DES
* Wed Apr 28 2021 Remi Collet - 7.1.33-13- Fix #80710 imap_mail_compose() header injection- use oracle client library version 21.1
* Wed Feb 03 2021 Remi Collet - 7.1.33-12- Fix #80672 Null Dereference in SoapClient CVE-2021-21702- better fix for #77423
* Mon Jan 04 2021 Remi Collet - 7.1.33-11- Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfo CVE-2020-7071
* Tue Sep 29 2020 Remi Collet - 7.1.33-10- Core: Fix #79699 PHP parses encoded cookie names so malicious `__Host-` cookies can be sent CVE-2020-7070- OpenSSL: Fix #79601 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV CVE-2020-7069 Fix bug #78079 openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c
* Tue Aug 04 2020 Remi Collet - 7.1.33-9- Core: Fix #79877 getimagesize function silently truncates after a null byte- Phar: Fix #79797 use of freed hash key in the phar_parse_zipfile function CVE-2020-7068
* Tue May 12 2020 Remi Collet - 7.1.33-8- Core: Fix #78875 Long filenames cause OOM and temp files are not cleaned CVE-2019-11048 Fix #78876 Long variables in multipart/form-data cause OOM and temp files are not cleaned
* Tue Apr 14 2020 Remi Collet - 7.1.33-7- standard: Fix #79330 shell_exec silently truncates after a null byte Fix #79465 OOB Read in urldecode CVE-2020-7067
* Tue Mar 17 2020 Remi Collet - 7.1.33-6- standard: Fix #79329 get_headers() silently truncates after a null byte CVE-2020-7066- exif: Fix #79282 Use-of-uninitialized-value in exif CVE-2020-7064- use oracle client library version 19.6 (18.5 on EL-6)
* Tue Feb 18 2020 Remi Collet - 7.1.33-5- dom: Fix #77569 Write Access Violation in DomImplementation- phar: Fix #79082 Files added to tar with Phar::buildFromIterator have all-access permissions CVE-2020-7063- session: Fix #79221 Null Pointer Dereference in PHP Session Upload Progress CVE-2020-7062
* Thu Jan 23 2020 Remi Collet - 7.1.33-4- mbstring: Fix #79037 global buffer-overflow in mbfl_filt_conv_big5_wchar CVE-2020-7060- session: Fix #79091 heap use-after-free in session_create_id- standard: Fix #79099 OOB read in php_strip_tags_ex CVE-2020-7059
* Tue Dec 17 2019 Remi Collet - 7.1.33-2- bcmath: Fix #78878 Buffer underflow in bc_shift_addsub CVE-2019-11046- core: Fix #78862 link() silently truncates after a null byte on Windows CVE-2019-11044 Fix #78863 DirectoryIterator class silently truncates after a null byte CVE-2019-11045- exif Fix #78793 Use-after-free in exif parsing under memory sanitizer CVE-2019-11050 Fix #78910 Heap-buffer-overflow READ in exif CVE-2019-11047- use oracle client library version 19.5 (18.5 on EL-6)
* Wed Oct 23 2019 Remi Collet - 7.1.33-1- Update to 7.1.33 - http://www.php.net/releases/7_1_33.php
 
ICM