Fedora 25: 2016-d6b82fc729 Critical: PHP Buffer Overflow and More

October 18, 2016
A recent security patch for Fedora 25 targeting PHP resolves several high-severity vulnerabilities to improve robustness and mitigate potential threats.

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server.

Update Information:

13 Oct 2016 - **PHP version 7.0.12**

**Core:**

* Fixed bug php#73025 (Heap Buffer Overflow in virtual_popen of zend_virtual_cwd.c). (cmb)
* Fixed bug php#72703 (Out of bounds global memory read in BF_crypt triggered by password_verify). (Anatol)
* Fixed bug php#73058 (crypt broken when salt is 'too' long). (Anatol)
* Fixed bug php#69579 (Invalid free in extension trait). (John Boehr)
* Fixed bug php#73156 (segfault on undefined function). (Dmitry)
* Fixed bug php#73163 (PHP hangs if error handler throws while accessing undef const in default value). (Nikita)
* Fixed bug php#73172 (parse error: Invalid numeric literal). (Nikita, Anatol)
* Fixed for php#73240 (Write out of bounds at number_format). (Stas)
* Fixed bug php#73147 (Use After Free in PHP7 unserialize()). (Stas)
* Fixed bug php#73189 (Memcpy negative size parameter php_resolve_path). (Stas)

**BCmath:**

* Fix bug php#73190 (memcpy negative parameter _bc_new_num_ex). (Stas)

**Date:**

* Fixed bug php#73091 (Unserializing...

References

Fedora Update Notification FEDORA-2016-d6b82fc729 2016-10-18 11:24:07.156521
Name        : php
Product     : Fedora 25
Version     : 7.0.12
Release     : 2.fc25
URL         : https://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server.

Update Instructions

This update can be installed with the "yum" update program. Use su -c 'yum update php' at the command line. For more information, refer to "Managing Software with yum", available at .
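
To confirm the update landed, the installed package can be compared against the Version and Release given in this notification. The script below is an added example, not part of the Fedora notification; the function names, the `--check` switch and the use of `sort -V` as a stand-in for RPM's own version comparison are assumptions.

```bash
#!/usr/bin/env bash
# Added example: check whether the php package is at or above the build
# shipped by FEDORA-2016-d6b82fc729 (Version 7.0.12, Release 2.fc25).

FIXED_EVR="7.0.12-2.fc25"   # Version-Release taken from the notification

# evr_at_least INSTALLED FIXED -> exit status 0 if INSTALLED >= FIXED.
# Assumption: GNU `sort -V` approximates RPM ordering; the two agree for
# plain dotted version-release strings such as the ones used here.
evr_at_least() {
    local installed="$1" fixed="$2" lowest
    [ -n "$installed" ] || return 2
    lowest=$(printf '%s\n%s\n' "$installed" "$fixed" | sort -V | head -n 1)
    # If the fixed build sorts first (or ties), the installed one is >= it.
    [ "$lowest" = "$fixed" ]
}

# php_status VERSION-RELEASE -> prints patched, outdated or not-installed.
php_status() {
    local evr="$1"
    if [ -z "$evr" ]; then
        echo "not-installed"
    elif evr_at_least "$evr" "$FIXED_EVR"; then
        echo "patched"
    else
        echo "outdated"
    fi
}

# Read VERSION-RELEASE of the php package from the local RPM database.
# Prints nothing when the package is absent.
installed_php_evr() {
    rpm -q --qf '%{VERSION}-%{RELEASE}\n' php 2>/dev/null \
        | grep -v 'not installed' | head -n 1
}

# Run with --check on the host being audited.
if [ "${1:-}" = "--check" ]; then
    evr=$(installed_php_evr)
    echo "php ${evr:-<none>}: $(php_status "$evr")"
fi
```

A host that reports `outdated` after the update still has an older build installed; Apache must also be restarted before mod_php picks up the new module.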

Severity
critical