Fedora 22: 2016-5207e0c1a1 Critical: PHP Memory Leak Fix

January 16, 2016
Explore Fedora's latest PHP security patch addressing multiple bugs and critical vulnerabilities, boosting reliability and efficiency.

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server.

Update Information:

07 Jan 2016, **PHP 5.6.17**

**Core:**

* Fixed bug php#66909 (configure fails utf8_to_mutf7 test). (Michael Orlitzky)
* Fixed bug php#70958 (Invalid opcode while using ::class as trait method parameter default value). (Laruence)
* Fixed bug php#70957 (self::class can not be resolved with reflection for abstract class). (Laruence)
* Fixed bug php#70944 (try{ } finally{} can create infinite chains of exceptions). (Laruence)
* Fixed bug php#61751 (SAPI build problem on AIX: Undefined symbol: php_register_internal_extensions). (Lior Kaplan)

**FPM:**

* Fixed bug php#70755 (fpm_log.c memory leak and buffer overflow). (Stas)

**GD:**

* Fixed bug php#70976 (Memory Read via gdImageRotateInterpolated Array Index Out of Bounds). (emmanuel dot law at gmail dot com)

**Mysqlnd:**

* Fixed bug php#68077 (LOAD DATA LOCAL INFILE / open_basedir restriction). (Laruence)

**SOAP:**

* Fixed bug php#70900 (SoapClient systematic out of memory error). (Dmitry)

**Standard:**

* Fixed bug php#70960 (R...

Change Log

References


[ 1 ] Bug #1297710 - php: Memory leak and out-of-bounds write in fpm_log.c
https://bugzilla.redhat.com/show_bug.cgi?id=1297710

[ 2 ] Bug #1297720 - php: Use-after-free in WDDX Packet Deserialization
https://bugzilla.redhat.com/show_bug.cgi?id=1297720

[ 3 ] Bug #1297726 - php: Session WDDX Packet Deserialization Type Confusion Vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1297726

[ 4 ] Bug #1297730 - php: Type Confusion Vulnerability in PHP_to_XMLRPC_worker()
https://bugzilla.redhat.com/show_bug.cgi?id=1297730

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical

Name: php
Product: Fedora 22
Version: 5.6.17
Release: 1.fc22
Summary: PHP scripting language for creating dynamic web sites
