--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2017-cdaaf6ea12
2017-11-07 22:23:37.427373
--------------------------------------------------------------------------------Name        : php
Product     : Fedora 25
Version     : 7.0.25
Release     : 1.fc25
URL         : https://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

--------------------------------------------------------------------------------Update Information:

**PHP version 7.0.25** (26 Oct 2017)  **Core:**  * Fixed bug php#75241 (Null
pointer dereference in zend_mm_alloc_small()). (Laruence) * Fixed bug php#75236
(infinite loop when printing an error-message). (Andrea) * Fixed bug php#75252
(Incorrect token formatting on two parse errors in one request). (Nikita) *
Fixed bug php#75220 (Segfault when calling is_callable on parent).
(andrewnester) * Fixed bug php#75290 (debug info of Closures of internal
functions contain garbage argument names). (Andrea)  **Apache2Handler:**  *
Fixed bug php#75311 (error: 'zend_hash_key' has no member named 'arKey' in
apache2handler). (mcarbonneaux)  **Date:**  * Fixed bug php#75055 (Out-Of-Bounds
Read in timelib_meridian()). (Derick)  **Intl:**  * Fixed bug php#75318 (The
parameter of UConverter::getAliases() is not optional). (cmb)  **mcrypt:**  *
Fixed bug php#72535 (arcfour encryption stream filter crashes php). (Leigh)
**PCRE:**  * Fixed bug php#75207 (applied upstream patch for CVE-2016-1283).
(Anatol)  **litespeed:**  * Fixed bug php#75248 (Binary directory doesn't get
created when building  only litespeed SAPI). (petk) * Fixed bug php#75251
(Missing program prefix and suffix). (petk)  **SPL:**  * Fixed bug php#73629
(SplDoublyLinkedList::setIteratorMode masks intern flags). (J. Jeising, cmb)
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 25: php Security Update 2017-cdaaf6ea12

November 7, 2017
**PHP version 7.0.25** (26 Oct 2017) **Core:** * Fixed bug php#75241 (Null pointer dereference in zend_mm_alloc_small())

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)

which adds support for the PHP language to Apache HTTP Server.

**PHP version 7.0.25** (26 Oct 2017) **Core:** * Fixed bug php#75241 (Null

pointer dereference in zend_mm_alloc_small()). (Laruence) * Fixed bug php#75236

(infinite loop when printing an error-message). (Andrea) * Fixed bug php#75252

(Incorrect token formatting on two parse errors in one request). (Nikita) *

Fixed bug php#75220 (Segfault when calling is_callable on parent).

(andrewnester) * Fixed bug php#75290 (debug info of Closures of internal

functions contain garbage argument names). (Andrea) **Apache2Handler:** *

Fixed bug php#75311 (error: 'zend_hash_key' has no member named 'arKey' in

apache2handler). (mcarbonneaux) **Date:** * Fixed bug php#75055 (Out-Of-Bounds

Read in timelib_meridian()). (Derick) **Intl:** * Fixed bug php#75318 (The

parameter of UConverter::getAliases() is not optional). (cmb) **mcrypt:** *

Fixed bug php#72535 (arcfour encryption stream filter crashes php). (Leigh)

**PCRE:** * Fixed bug php#75207 (applied upstream patch for CVE-2016-1283).

(Anatol) **litespeed:** * Fixed bug php#75248 (Binary directory doesn't get

created when building only litespeed SAPI). (petk) * Fixed bug php#75251

(Missing program prefix and suffix). (petk) **SPL:** * Fixed bug php#73629

(SplDoublyLinkedList::setIteratorMode masks intern flags). (J. Jeising, cmb)

su -c 'dnf upgrade php' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2017-cdaaf6ea12 2017-11-07 22:23:37.427373 Product : Fedora 25 Version : 7.0.25 Release : 1.fc25 URL : https://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. **PHP version 7.0.25** (26 Oct 2017) **Core:** * Fixed bug php#75241 (Null pointer dereference in zend_mm_alloc_small()). (Laruence) * Fixed bug php#75236 (infinite loop when printing an error-message). (Andrea) * Fixed bug php#75252 (Incorrect token formatting on two parse errors in one request). (Nikita) * Fixed bug php#75220 (Segfault when calling is_callable on parent). (andrewnester) * Fixed bug php#75290 (debug info of Closures of internal functions contain garbage argument names). (Andrea) **Apache2Handler:** * Fixed bug php#75311 (error: 'zend_hash_key' has no member named 'arKey' in apache2handler). (mcarbonneaux) **Date:** * Fixed bug php#75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick) **Intl:** * Fixed bug php#75318 (The parameter of UConverter::getAliases() is not optional). (cmb) **mcrypt:** * Fixed bug php#72535 (arcfour encryption stream filter crashes php). (Leigh) **PCRE:** * Fixed bug php#75207 (applied upstream patch for CVE-2016-1283). (Anatol) **litespeed:** * Fixed bug php#75248 (Binary directory doesn't get created when building only litespeed SAPI). (petk) * Fixed bug php#75251 (Missing program prefix and suffix). (petk) **SPL:** * Fixed bug php#73629 (SplDoublyLinkedList::setIteratorMode masks intern flags). (J. Jeising, cmb) su -c 'dnf upgrade php' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Change Log

References

Update Instructions

Severity
Product : Fedora 25
Version : 7.0.25
Release : 1.fc25
URL : https://www.php.net/
Summary : PHP scripting language for creating dynamic web sites

Related News

5.ShakingHands Esm H320
3 - 5 min read
There has been a promising shift in the tech industry, with major companies pledging to release products with built-in security features. This
18.WifiCutout Landscape Esm H320
2 - 3 min read
A novel attack called TunnelVision has been discovered. It compromises the security of virtually all VPN apps, rendering their purpose useless. The
21.Globe RadiatingCode Esm H320
2 - 3 min read
The recent discovery of a backdoor in XZ Utils , a widely used Linux tool, raises concerns about the security of the open-source ecosystem. While
13.Lock StylizedMotherboard Esm H320
1 - 2 min read
Spiral Linux is a Debian-based distribution that offers a range of desktop environments, making it stand out from other Linux distributions. In
32.Lock Code Circular Esm H320
2 - 3 min read
Two critical security vulnerabilities were found in pgAdmin, the open-source administration tool for PostgreSQL . The vulnerabilities assigned
1.Penguin Landscape Esm H320
2 - 3 min read
The recent release of AlmaLinux 9.4 , closely aligned with Red Hat Enterprise Linux (RHEL) 9.4 , presents Linux admins and infosec professionals
11.Locks IsometricPattern Esm H320
2 - 3 min read
The upcoming release of Linux Mint 22 will introduce significant changes, particularly in handling XApp , GNOME applications, and the Software
2.Motherboard Esm H320
2 - 3 min read
German software engineer Lennart Poettering recently presented run0 , a new tool in systemd v256 that aims to address the security concerns

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved