development/libraries

php-devel - files for developing PHP extensions

License: PHP
Vendor: AnNyung Packaging Team
Description:
php build file for making extensions

Packages

php-devel-5.3.28-23.an2.x86_64 [680 KiB] Changelog by JoungKyun.Kim (2018-07-08):
- security issues
  . CVE-2018-10545 FPM: Dumpable FPM child processes allow bypassing opcache access controls (#75605)
  . CVE-2018-10546 iconv: stream filter convert.iconv leads to infinite loop on invalid sequence (#76249)
  . CVE-2018-10548 LDAP: Malicious LDAP-Server Response causes Crash (#76248)
  . CVE-2018-10547 Phar: fix for CVE-2018-5712 may not be complete (#76129)
php-devel-5.3.28-22.an2.x86_64 [680 KiB] Changelog by JoungKyun.Kim (2018-03-17):
- security issues
  . CVE-2017-7890 Buffer over-read from uninitialized data in gdImageCreateFromGifCtx function
php-devel-5.3.28-21.an2.x86_64 [680 KiB] Changelog by JoungKyun.Kim (2017-09-02):
- security issues
  . CVE-2017-9224 fixed mbstring Oniguruma
  . CVE-2017-9226 fixed mbstring Oniguruma
  . CVE-2017-9227 fixed mbstring Oniguruma
  . CVE-2017-9228 fixed mbstring Oniguruma
  . CVE-2017-9229 fixed mbstring Oniguruma
- fixed execdir bugs
  . fixed #15 But when using "2>&1" in exec command
  . fixed #16 error "NULL byte detected."
php-devel-5.3.28-20.an2.x86_64 [679 KiB] Changelog by JoungKyun.Kim (2017-05-30):
- security issues
  . CVE-2016-9933 GD: imagefilltoborder stackoverflow on truecolor images (#72696)
  . CVE-2016-10161 Standard: Heap out of bounds read on unserialize in finish_nested_data() (#73825)
  . CVE-2016-10159 Phar: Crash while loading hostile phar archive (#73764)
  . CVE-2016-10160 Phar: Memory corruption when loading hostile phar (#73768)
  . CVE-2016-10167 GD: DOS vulnerability in gdImageCreateFromGd2Ctx() (#73868)
  . CVE-2016-10168 GD: Signed Integer Overflow gd_io.c (#73869)
  . CVE-2016-10158 EXIF: FPE when parsing a tag format (#73737)
php-devel-5.3.28-19.an2.x86_64 [679 KiB] Changelog by JoungKyun.Kim (2017-01-07):
- security issues
  . nosafe_mode_exec_dir: backticks and $() syntax weakness after semicolon #8
    https://github.com/OOPS-ORG-PHP/mod_execdir/issues/8
php-devel-5.3.28-18.an2.x86_64 [678 KiB] Changelog by JoungKyun.Kim (2016-11-14):
- security issues
  . CVE-2016-5399 BZ2: do not treat negative returns from bz2 as size_t (#72613)
  . CVE-2016-5766 GD: Integer Overflow in _gd2GetHeader() resulting in heap overflow (#72339)
  . CVE-2016-5767 GD: Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow (#72446)
php-devel-5.3.28-17.an2.x86_64 [678 KiB] Changelog by JoungKyun.Kim (2016-08-16):
- security issues
  . CVE-2016-5385 Core: don't set environmental variable based on user supplied Proxy request header
php-devel-5.3.28-16.an2.x86_64 [678 KiB] Changelog by JoungKyun.Kim (2016-06-20):
- fixed zend_mm_heap corrupted problems of exec_dir patch
- security issues
  . CVE-2016-4070 Standard: Integer Overflow in php_raw_url_encode (#71798)
  . CVE-2016-4072 Phar: Invalid memory write in phar on filename with \0 in name (#71860)
  . CVE-2016-4073 Mbstring: AddressSanitizer: negative-size-param (-1) in mbfl_strcut (#71906)
  . CVE-2015-8865 Fileinfo: Buffer over-write in finfo_open with malformed magic file (#71527)
  . CVE-2016-3074 GD: libgd: signedness vulnerability (#71912)
  . fixed bug #72099 XML: xml_parse_into_struct segmentation fault
  . CVE-2016-4343 Phar: Uninitialized pointer in phar_make_dirstream() (#71331)
  . fixed bug #72135 Core: Integer Overflow in php_html_entities
  . fixed bug #72114 Core: Integer underflow / arbitrary null write in fread/gzread
  . CVE-2015-8874 GD: Stack overflow with imagefilltoborder (#66387)
  . CVE-2015-8383, CVE-2015-8386, CVE-2015-8387, CVE-2015-8389,
    CVE-2015-8390, CVE-2015-8391, CVE-2015-8393, CVE-2015-8394
    Upgraded pcrelib to 8.38
php-devel-5.3.28-15.an2.x86_64 [675 KiB] Changelog by JoungKyun.Kim (2016-02-16):
- security issues
  . fixed bug #71039 Core: exec functions ignore length but look for NULL termination
  . fixed bug #71323 Core: Output of stream_get_meta_data can be falsified by its input
  . fixed bug #71459 Core: Integer overflow in iptcembed()
  . fixed bug #71354 Phar: Heap corruption in tar/zip/phar parser
  . fixed bug #71391 Phar: NULL Pointer Dereference in phar_tar_setupmetadata()
  . fixed bug #71488 Phar: Stack overflow when decompressing tar archives
php-devel-5.3.28-14.an2.x86_64 [675 KiB] Changelog by JoungKyun.Kim (2016-01-12):
- security issues
  . fixed bug #69720 Phar: Null pointer dereference in phar_get_fp_offset()
  . fixed bug #70433 Phar: Uninitialized pointer in phar_make_dirstream when zip entry filename is "/"
  . fixed bug #70728 XMLRPC: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()
  . fixed bug #70755 FPM: fpm_log.c memory leak and buffer overflow
  . fixed bug #70661 WDDX: Use After Free Vulnerability in WDDX Packet Deserialization
  . Fixed bug #70741 WDDX: Session WDDX Packet Deserialization Type Confusion Vulnerability
php-devel-5.3.28-13.an2.x86_64 [674 KiB] Changelog by JoungKyun.Kim (2015-09-22):
- security issues
  . CVE-2015-6834 core: Use After Free Vulnerability in unserialize() (#70172, #70365)
  . CVE-2015-6835 core: Use after free vulnerability in session deserializer (#70219)
  . CVE-2015-6836 soap: serialize_function_call() type confusion / RCE (#70388)
  . CVE-2015-6837 xslt: NULL pointer dereference (#69782)
  . CVE-2015-6838 xslt: NULL pointer dereference (#69782)
  . #70385 exif: Buffer over-read in exif_read_data with TIFF IFD tag byte value of 32 bytes
  . #70312 hash: HAVAL gives wrong hashes in specific cases
  . #70345 pcre: Multiple vulnerabilities related to PCRE functions
  . #70350 zip:  ZipArchive::extractTo allows for directory traversal when creating directories
php-devel-5.3.28-12.an2.x86_64 [673 KiB] Changelog by JoungKyun.Kim (2015-08-17):
- fixed php-pgsql obsolete
php-devel-5.3.28-11.an2.x86_64 [795 KiB] Changelog by JoungKyun.Kim (2015-07-24):
- security issues
  . CVE-2014-9425
  . CVE-2014-9709
  . CVE-2014-9705
  . CVE-2015-2301
  . CVE-2015-2783
  . CVE-2015-3329
  . CVE-2015-4021
  . CVE-2015-4022
  . CVE-2015-4024
  . CVE-2015-4026

- official bug fix
  . #69353 Missing null byte checks for paths in various PHP extensions
  . #69152 Type Confusion Infoleak Vulnerability in unserialize() with SoapFault
php-devel-5.3.28-10.an2.x86_64 [795 KiB] Changelog by JoungKyun.Kim (2015-04-30):
- security issues
  . CVE-2015-2331 ZIP: Integer Overflow leads to writing past heap boundary (#69253)
  . CVE-2015-2305 Ereg: heap overflow vulnerability in regcomp.c (#69248)
  . CVE-2015-2787 Core: Use After Free Vulnerability in unserialize() (#68976)
  . CVE-2015-1352 pgsql: Null pointer dereference (#68741)
php-devel-5.3.28-9.an2.x86_64 [672 KiB] Changelog by JoungKyun.Kim (2015-02-24):
- security issues
  . CVE-2015-0273 Use after free vulnerability in unserialize() (#68594)
php-devel-5.3.28-8.an2.x86_64 [672 KiB] Changelog by JoungKyun.Kim (2015-02-03):
- security issues
  . CVE-2014-8142 Use after free vulnerability in unserialize() (#68594)
  . CVE-2015-0232 Free called on uninitialized pointer (#68799)
  . CVE-2015-0231 Use After Free Vulnerability in PHP's unserialize() (#68710)
  . CVE-2015-0235 Mitigation for glibc gethostbyname buffer overflow (#68925)
php-devel-5.3.28-7.an2.x86_64 [672 KiB] Changelog by JoungKyun.Kim (2014-10-24):
- security issues
  . CVE-2014-3668 (#68027) Global buffer overflow in mkgmtime() function
  . CVE-2014-3670 (#68113) Heap corruption in exif_thumbnail()
  . CVE-2014-3669 (#68044) Integer overflow in unserialize() (32-bits only)
  . CVE-2014-3710 (#68283) fileinfo: out-of-bounds read in elf note headers
php-devel-5.3.28-6.an2.x86_64 [672 KiB] Changelog by JoungKyun.Kim (2014-09-18):
- security issues
  . CVE-2014-3597 (#67717) segfault in dns_get_record
  . CVE-2014-5120 (#b67730) Null byte injection possible with imagexxx functions
  . CVE-2014-2497 (#66901) php-gd 'c_color' NULL pointer dereference
  . CVE-2014-3587 (#67716) Segfault in cdf.c
php-devel-5.3.28-5.an2.x86_64 [671 KiB] Changelog by JoungKyun.Kim (2014-08-06):
- Official bug fix
  . #66127 Segmentation fault with ArrayObject unset
  . #67247 spl_fixedarray_resize integer overflow
  . #67249 printf out-of-bounds read
  . #67250 iptcparse out-of-bounds read
  . #67252 convert_uudecode out-of-bounds read
  . #67359 Segfault in recursiveDirectoryIterator
  . #67390 insecure temporary file use in the configure script (CVE-2014-3981)
  . #67399 putenv with empty variable may lead to crash
  . #67492 unserialize() SPL ArrayObject / SPLObjectStorage Type Confusion (CVE-2014-3515)
  . #67498 phpinfo() Type Confusion Information Leak Vulnerability
  . #67251 date_parse_from_format out-of-bounds read
  . #67253 timelib_meridian_with_check out-of-bounds read
  . #66307 Fileinfo crashes with powerpoint files
  . #67326 fileinfo: cdf_read_short_sector insufficient boundary check (CVE-2014-0207)
  . #67327 fileinfo: CDF infinite loop in nelements DoS (CVE-2014-0238)
  . #67328 fileinfo: numerous file_printf calls resulting in performance degradation (CVE-2014-0237)
  . #67410 fileinfo: mconvert incorrect handling of truncated pascal string size.
  . #67411 fileinfo: cdf_check_stream_offset insufficient boundary check.
  . #67412 fileinfo: cdf_count_chain insufficient boundary check.
  . #67413 fileinfo: cdf_read_property_info insufficient boundary check.
  . #67349 Locale::parseLocale Double Free
  . #67397 Buffer overflow in locale_get_display_name and uloc_getDisplayName (libicu 4.8.1)
  . #67432 Fix potential segfault in dns_check_record() (CVE-2014-4049)
  . Fix missing type checks in various functions

- security issues
  . CVE-2014-3981
  . CVE-2014-3515
  . CVE-2014-0207
  . CVE-2014-0238
  . CVE-2014-0237
  . CVE-2014-4049
php-devel-5.3.28-4.an2.x86_64 [670 KiB] Changelog by JoungKyun.Kim (2014-04-23):
- security issues
  . CVE-2013-7345 #66946 extensive backtracking in awk rule regular expression
php-devel-5.3.28-3.an2.x86_64 [669 KiB] Changelog by JoungKyun.Kim (2014-03-12):
- security issue
  . CVE-2014-2270 #66820 out-of-bounds memory access in fileinfo
  . CVE-2014-1943 #66731 file: infinite recursion

- Official bug fix
  . #66501 Add EC key support to php_openssl_is_private_key
  . #60602 proc_open() changes environment array
  . #66535 Don't add newline after X-PHP-Originating-Script
  . #66762i Segfault in mysqli_stmt::bind_result() when link closed
php-devel-5.3.28-2.an2.x86_64 [669 KiB] Changelog by JoungKyun.Kim (2014-01-23):
- fixed segfault in mysqlnd when doing long prepare from patch of 5.3.7
  news #72595 (http://news.php.net/php.cvs/72595)
  http://git.php.net/?p=php-src.git;a=commitdiff;h=9fc38183b707341b6eddb8c196d0ea2b7c13d6a9
php-devel-5.3.28-1.an2.x86_64 [669 KiB] Changelog by JoungKyun.Kim (2013-12-20):
- update 5.3.28

- security issue
  . CVE-2013-6420 Fixed memory corruption in openssl_x509_parse()

- Official bug fix
  . #62672 Error on serialize of ArrayObject
  . #60560 SplFixedArray un-/serialize, getSize(), count() return 0,
           keys are strings
  . #65328 Segfault when getting SplStack object Value
  . #64802 openssl_x509_parse fails to parse subject properly in some cases
  . #50308 session id not appended properly for empty anchor tags
  . #65564 stack-buffer-overflow in DateTimeZone stuff caught
  . #65554 createFromFormat broken when weekday name is followed
  . #65458 curl memory leak
  . #60598 cli/apache sapi segfault on objects manipulation
  . #61759 class_alias() should accept classes with leading backslashes
  . #62396 'make test' crashes starting with 5.3.14 (missing gzencode())
  . #61548 content-type must appear at the end of headers for 201 Location
           to work in htt
  . #64441 FILTER_VALIDATE_URL rejects fully qualified domain names
  . #65708 dba functions cast $key param to string in-place, bypassing copy
           on write
  . #64157 DateTime::createFromFormat() reports confusing error message
  . #51936 Crash with clone XMLReader
  . #64230 XMLReader does not suppress errors
  . #64760 var_export() does not use full precision for floating-point numbers
  . #66033 Segmentation Fault when constructor of PDO statement throws an exception
  . #65946 sql_parser permanently converts values bound to strings on PDO
  . #66124 mysqli under mysqlnd loses precision when bind_param with 'i'
  . #66141 mysqlnd quote function is wrong with NO_BACKSLASH_ESCAPES after
           failed query
  . #66043 Segfault calling bind_param() on mysqli
  . #64874 json_decode handles whitespace and case-sensitivity incorrectly
  . #66094 unregister_tick_function tries to cast a Closure to a string
  . #66321 ZipArchive::open() ze_obj->filename_len not real
  . #66229 128.0.0.0/16 isn't reserved any longer
  . #65873 Integer overflow in exif_read_data()
  . #65196 Passing DOMDocumentFragment to DOMDocument::saveHTML() Produces
           invalid Markup
  . #63391 Incorrect/inconsistent day of week prior to the year 1600
  . #61599 Wrong Day of Week
  . #66060 Heap buffer over-read in DateInterval
  . #61645 fopen and O_NONBLOCK
php-devel-5.3.27-2.an2.x86_64 [666 KiB] Changelog by JoungKyun.Kim (2013-08-26):
- security issues
  . CVE-2013-4073 Fixed handling null bytes in subjectAltName
php-devel-5.3.27-1.an2.x86_64 [666 KiB] Changelog by JoungKyun.Kim (2013-07-12):
- update 5.3.27

- security issues
  . #65236 heap corruption in xml parser
php-devel-5.3.26-1.an2.x86_64 [666 KiB] Changelog by JoungKyun.Kim (2013-06-21):
- update 5.3.26
- update pecl libevent extension 0.1.0
- update pecl ncurses extension 1.0.2

- Official bug fix
  . #53437 Crash when using unserialized DatePeriod instance
  . #64949 Buffer overflow in _pdo_pgsql_error.
  . #64609 pg_convert enum type support.
  . #64960 Segfault in gc_zval_possible_root.
  . #64934 Apache2 TS crash with get_browser()
  . #64966 segfault in zend_do_fcall_common_helper_SPEC
  . #64997 Segfault while using RecursiveIteratorIterator on 64-bits systems

- security issues
  . CVE-2013-2110 Heap based buffer overflow in quoted_printable_encode (#64879)
php-devel-5.3.18-3.an2.x86_64 [783 KiB] Changelog by JoungKyun.Kim (2013-01-01):
- add ldap pagination patch from PHP 5.4
- build fpm sapi
php-devel-5.3.18-2.an2.x86_64 [783 KiB] Changelog by JoungKyun.Kim (2012-11-15):
- Fixed bug #62593 Emulate prepares behave strangely with PARAM_BOOL
- Fixed bug #63447 max_input_vars doesn't filter variables when
  mbstring.encoding_translation = On
- set realpath_cache_force to enable, force enable realpath_cache_size
  and realpath_cache_ttl although safe_mode or open_basedir set enabled.
php-devel-5.3.5-9.an2.x86_64 [767 KiB] Changelog by JoungKyun.Kim (2012-09-07):
- fixed CVE-2012-1823
- fixed CVE-2012-2143
- fixed CVE-2012-2688
- fixed CVE-2012-3365
- fixed bug 61948 CURLOPT_COOKIEFILE '' raises open_basedir restriction
- fixed bug 62885 mysqli_poll - Segmentation fault
- fixed bug 61367 open_basedir bypass using libxml RSHUTDOWN
                  Add open_basedir checks to readline_write_history and readline_read_history
                  open_basedir check for linkinfo
php-devel-5.3.5-8.an2.x86_64 [766 KiB] Changelog by JoungKyun.Kim (2012-07-01):
- fixed CVE-2012-1172
- fixed CVE-2012-0831
php-devel-5.3.5-7.an2.x86_64 [646 KiB] Changelog by JoungKyun.Kim (2012-02-26):
- add record, snmp, ldap, xml extension
- rename php-binary to php-cli

Listing created by Repoview-0.6.6-1.el6