Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 529
Alerts This Week
Warning Icon 1 529

Fedora 23 PHP 5.6.20 Critical: Segmentation Faults And Fixes

fedora
Calendar Grey April 9, 2016
Dist Fedora Esm H88
PHP 7.0.0 CLI Server release for Fedora 24 tackles multiple issues such as memory leaks and improper array handling.
31 Mar 2016, **PHP 5.6.20** **CLI Server:** * Fixed bug php#69953 (Support MKCALENDAR request method)

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)

which adds support for the PHP language to Apache HTTP Server.

Update Information:

31 Mar 2016, **PHP 5.6.20** **CLI Server:** * Fixed bug php#69953 (Support MKCALENDAR request method). (Christoph) **Core:** * Fixed bug php#71596 (Segmentation fault on ZTS with date function (setlocale)). (Anatol) **Curl:** * Fixed bug php#71694 (Support constant CURLM_ADDED_ALREADY). (mpyw) **Date:** * Fixed bug php#71635 (DatePeriod::getEndDate segfault). (Thomas Punt) **Fileinfo:** * Fixed bug php#71527 (Buffer over-write in finfo_open with malformed magic file). (Anatol) **Mbstring:** * Fixed bug php#71906 (AddressSanitizer: negative-size-param (-1) in mbfl_strcut). (Stas) **ODBC:** * Fixed bug php#47803, php#69526 (Executing prepared statements is succesfull only for the first two statements). (einavitamar, Anatol) * Fixed bug php#71860 (Invalid memory write in phar on filename with \0 in name). (Stas) **PDO_DBlib:** * Fixed bug php#54648 (PDO::MSSQL forces format of datetime fields). (steven, Anatol) **Phar:** * Fixed bug php#71625 (Crash in php7.dll with bad ph...

Change Log

References


[ 1 ] Bug #1323114 - php: Integer overflow in php_raw_url_encode https://bugzilla.redhat.com/show_bug.cgi?id=1323114 [ 2 ] Bug #1323108 - php: Format string vulnerability in php_snmp_error() https://bugzilla.redhat.com/show_bug.cgi?id=1323108 [ 3 ] Bug #1323106 - php: Invalid memory write in phar on filename containing \0 inside name https://bugzilla.redhat.com/show_bug.cgi?id=1323106 [ 4 ] Bug #1323103 - php: Negative size parameter in memcpy https://bugzilla.redhat.com/show_bug.cgi?id=1323103 [ 5 ] Bug #1323118 - file: Buffer over-write in finfo_open with malformed magic file https://bugzilla.redhat.com/show_bug.cgi?id=1323118

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php' at the command line. For more information, refer to "Managing Software with yum", available at .

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php
Product: Fedora 23
Version: 5.6.20
Release: 1.fc23
Summary: PHP scripting language for creating dynamic web sites

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.