Changelog for
php56-php-gmp-5.6.40-34.fc35.remi.x86_64.rpm :
* Tue Sep 27 2022 Remi Collet
- 5.6.40-34- phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628- core: fix #81727 Don\'t mangle HTTP variable names that clash with ones that have a specific semantic meaning. CVE-2022-31629- use oracle client library version 21.7
* Tue Jun 07 2022 Remi Collet - 5.6.40-33- use oracle client library version 21.6- mysqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626- pgsql: fix #81720: Uninitialized array in pg_query_params(). CVE-2022-31625
* Mon Nov 15 2021 Remi Collet - 5.6.40-32- Fix #79971 special character is breaking the path in xml function CVE-2021-21707
* Wed Oct 20 2021 Remi Collet - 5.6.40-31- fix PHP-FPM oob R/W in root process leading to priv escalation CVE-2021-21703- use libicu version 69- use oracle client library version 21.3
* Tue Sep 07 2021 Remi Collet - 5.6.40-30- fix intl build on F35
* Thu Aug 26 2021 Remi Collet - 5.6.40-29- Fix #81211 Symlinks are followed when creating PHAR archive
* Mon Jun 28 2021 Remi Collet - 5.6.40-28- Fix #81122 SSRF bypass in FILTER_VALIDATE_URL CVE-2021-21705- Fix #65689 PDO_Firebrid / exec() does not free allocated statement- Fix #76488 Memory leak when fetching a BLOB field- Fix #76448 Stack buffer overflow in firebird_info_cb- Fix #76449 SIGSEGV in firebird_handle_doer- Fix #76450 SIGSEGV in firebird_stmt_execute- Fix #76452 Crash while parsing blob data in firebird_fetch_blob CVE-2021-21704
* Thu May 27 2021 Remi Collet - 5.6.40-27- fix snmp extension build with net-snmp without DES
* Wed Apr 28 2021 Remi Collet - 5.6.40-26- Fix #80710 imap_mail_compose() header injection- use oracle client library version 21.1
* Wed Feb 03 2021 Remi Collet - 5.6.40-25- Fix #80672 Null Dereference in SoapClient CVE-2021-21702- better fix for #77423
* Mon Jan 04 2021 Remi Collet - 5.6.40-24- Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfo CVE-2020-7071
* Tue Sep 29 2020 Remi Collet - 5.6.40-23- Core: Fix #79699 PHP parses encoded cookie names so malicious `__Host-` cookies can be sent CVE-2020-7070