Changelog for
php71-php-common-7.1.33-22.fc35.remi.x86_64.rpm :
* Tue Sep 27 2022 Remi Collet
- 7.1.33-22- phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628- core: fix #81727 Don\'t mangle HTTP variable names that clash with ones that have a specific semantic meaning. CVE-2022-31629- use oracle client library version 21.7
* Tue Jun 07 2022 Remi Collet - 7.1.33-20- use oracle client library version 21.6- mysqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626- pgsql: fix #81720: Uninitialized array in pg_query_params(). CVE-2022-31625
* Mon Nov 15 2021 Remi Collet - 7.1.33-19- Fix #79971 special character is breaking the path in xml function CVE-2021-21707
* Wed Oct 20 2021 Remi Collet - 7.1.33-18- fix PHP-FPM oob R/W in root process leading to priv escalation CVE-2021-21703- use libicu version 69- use oracle client library version 21.3
* Tue Sep 07 2021 Remi Collet - 7.1.33-17- fix intl build on F35
* Wed Aug 25 2021 Remi Collet - 7.1.33-16- Fix #81211 Symlinks are followed when creating PHAR archive
* Mon Jun 28 2021 Remi Collet - 7.1.33-15- Fix #81122 SSRF bypass in FILTER_VALIDATE_URL CVE-2021-21705- Fix #76448 Stack buffer overflow in firebird_info_cb- Fix #76449 SIGSEGV in firebird_handle_doer- Fix #76450 SIGSEGV in firebird_stmt_execute- Fix #76452 Crash while parsing blob data in firebird_fetch_blob CVE-2021-21704
* Thu May 27 2021 Remi Collet - 7.1.33-14- fix snmp extension build with net-snmp without DES
* Wed Apr 28 2021 Remi Collet - 7.1.33-13- Fix #80710 imap_mail_compose() header injection- use oracle client library version 21.1
* Wed Feb 03 2021 Remi Collet - 7.1.33-12- Fix #80672 Null Dereference in SoapClient CVE-2021-21702- better fix for #77423
* Mon Jan 04 2021 Remi Collet - 7.1.33-11- Fix #77423 FILTER_VALIDATE_URL accepts URLs with invalid userinfo CVE-2020-7071
* Tue Sep 29 2020 Remi Collet - 7.1.33-10- Core: Fix #79699 PHP parses encoded cookie names so malicious `__Host-` cookies can be sent CVE-2020-7070- OpenSSL: Fix #79601 Wrong ciphertext/tag in AES-CCM encryption for a 12 bytes IV CVE-2020-7069 Fix bug #78079 openssl_encrypt_ccm.phpt fails with OpenSSL 1.1.1c