Fedora 31: 2020-7487d9f14b Vital: Python Memory Leak Resolution

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)

which adds support for the PHP language to Apache HTTP Server.

**PHP version 7.3.5** (02 May 2019) **Core:** * Fixed bug php#77903

(ArrayIterator stops iterating after offsetSet call). (Nikita) **CLI:** *

Fixed bug php#77794 (Incorrect Date header format in built-in server). (kelunik)

**EXIF** * Fixed bug php#77950 (Heap-buffer-overflow in _estrndup via

exif_process_IFD_TAG). (CVE-2019-11036) (Stas) **Interbase:** * Fixed bug

php#72175 (Impossibility of creating multiple connections to Interbase with php

7.x). (Nikita) **Intl:** * Fixed bug php#77895 (IntlDateFormatter::create

fails in strict mode if $locale = null). (Nikita) **LDAP:** * Fixed bug

php#77869 (Core dump when using server controls) (mcmic) **mbstring:** *

Implemented FR php#72777 (Implement regex stack limits for mbregex functions).

(Yasuo Ohgaki, Stas) **MySQLi:** * Fixed bug php#77773 (Unbuffered queries

leak memory - MySQLi / mysqlnd). (Nikita) **PCRE:** * Fixed bug php#77827

(preg_match does not ignore \r in regex flags). (requinix, cmb) **PDO:** *

Fixed bug php#77849 (Disable cloning of PDO handle/connection objects).

(camporter) **phpdbg:** * Fixed bug php#76801 (too many open files).

(alekitto) * Fixed bug php#77800 (phpdbg segfaults on listing some conditional

breakpoints). (krakjoe) * Fixed bug php#77805 (phpdbg build fails when readline

is shared). (krakjoe) **Reflection:** * Fixed bug php#77772

(ReflectionClass::getMethods(null) doesn't work). (Nikita) * Fixed bug php#77882

(Different behavior: always calls destructor). (Nikita) **Standard:** * Fixed

bug php#77793 (Segmentation fault in extract() when overwriting reference with

itself). (Nikita) * Fixed bug php#77844 (Crash due to null pointer in

parse_ini_string with INI_SCANNER_TYPED). (Nikita) * Fixed bug php#77853

(Inconsistent substr_compare behaviour with empty haystack). (Nikita)

* Wed May 1 2019 Remi Collet - 7.3.5-1

- Update to 7.3.5 - https://www.php.net/releases/7_3_5.php

[ 1 ] Bug #1707299 - CVE-2019-11036 php: buffer over-read in exif_process_IFD_TAG function leading to information disclosure

https://bugzilla.redhat.com/show_bug.cgi?id=1707299

su -c 'dnf upgrade --advisory FEDORA-2019-6350c4e21a' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/