-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2017-f4be0df5f9 2017-01-24 19:30:37.940341 --------------------------------------------------------------------------------
Name : php Product : Fedora 25 Version : 7.0.15 Release : 1.fc25 URL : http://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. -------------------------------------------------------------------------------- Update Information: **PHP version 7.0.15** (19 Jan 2017) **Core:** * Fixed bug php#73792 (invalid foreach loop hangs script). (Dmitry) * Fixed bug php#73663 ("Invalid opcode 65/16/8" occurs with a variable created with list()). (Laruence) * Fixed bug php#73585 (Logging of "Internal Zend error - Missing class information" missing class name). (Laruence) * Fixed bug php#73753 (unserialized array pointer not advancing). (David Walker) * Fixed bug php#73825 (Heap out of bounds read on unserialize in finish_nested_data()). (Stas) * Fixed bug php#73831 (NULL Pointer Dereference while unserialize php object). (Stas) * Fixed bug php#73832 (Use of uninitialized memory in unserialize()). (Stas) * Fixed bug php#73092 (Unserialize use-after-free when resizing object's properties hash table). (Nikita) * Fixed bug php#69425 (Use After Free in unserialize()). (Nikita) * Fixed bug php#72731 (Type Confusion in Object Deserialization). (Nikita) **DOM:** * Fixed bug php#67474 (getElementsByTagNameNS filter on default ns). (aboks) **EXIF:** * Bug bug php#73737 (FPE when parsing a tag format). (Stas) **GD:** * Fixed bug php#73869 (Signed Integer Overflow gd_io.c). (cmb) * Fixed bug php#73868 (DOS vulnerability in gdImageCreateFromGd2Ctx()). (cmb) **GMP:** * Fixed bug php#70513 (GMP Deserialization Type Confusion Vulnerability). (Nikita) **Mysqli:** * Fixed bug php#73462 (Persistent connections don't set $connect_errno). (darkain) **Mysqlnd:** * Fixed issue with decoding BIT columns when having more than one rows in the result set. 7.0+ problem. (Andrey) * Fixed bug php#73800 (sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE). (vanviegen) **PCRE:** * Fixed bug php#73612 (preg_*() may leak memory). (cmb) **PDO_Firebird:** * Fixed bug php#72931 (PDO_FIREBIRD with Firebird 3.0 not work on returning statement). (Dorin Marcoci) **Phar:** * Fixed bug php#73773 (Seg fault when loading hostile phar). (Stas) * Fixed bug php#73768 (Memory corruption when loading hostile phar). (Stas) * Fixed bug php#73764 (Crash while loading hostile phar archive). (Stas) **Phpdbg:** * Fixed bug php#73615 (phpdbg without option never load .phpdbginit at startup). (Bob) * Fixed issue getting executable lines from custom wrappers. (Bob) * Fixed bug php#73704 (phpdbg shows the wrong line in files with shebang). (Bob) **Reflection:** * Fixed bug php#46103 (ReflectionObject memory leak). (Nikita) **Streams:** * Fixed bug php#73586 (php_user_filter::$stream is not set to the stream the filter is working on). (Dmitry) **SQLite3:** * Reverted fix for bug php#73530 (Unsetting result set may reset other result set). (cmb) **Standard:** * Fixed bug php#73594 (dns_get_record does not populate $additional out parameter). (Bruce Weirdan) * Fixed bug php#70213 (Unserialize context shared on double class lookup). (Taoguang Chen) * Fixed bug php#73154 (serialize object with __sleep function crash). (Nikita) * Fixed bug php#70490 (get_browser function is very slow). (Nikita) * Fixed bug php#73265 (Loading browscap.ini at startup causes high memory usage). (Nikita) * Fixed bug php#31875 (get_defined_functions additional param to exclude disabled functions). (willianveiga) **Zlib:** * Fixed bug php#73373 (deflate_add does not verify that output was not truncated). (Matt Bonneau) -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade php' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- [email protected] To unsubscribe send an email to [email protected]
