Linux Security
    Linux Security
    Linux Security

    Fedora 30: php Security Update 2019-6350c4e21a

    Date
    72
    Posted By
    **PHP version 7.3.5** (02 May 2019) **Core:** * Fixed bug php#77903 (ArrayIterator stops iterating after offsetSet call). (Nikita) **CLI:** * Fixed bug php#77794 (Incorrect Date header format in built-in server). (kelunik) **EXIF** * Fixed bug php#77950 (Heap-buffer-overflow in _estrndup via exif_process_IFD_TAG). (CVE-2019-11036) (Stas) **Interbase:** * Fixed bug
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2019-6350c4e21a
    2019-05-11 01:56:51.127429
    --------------------------------------------------------------------------------
    
    Name        : php
    Product     : Fedora 30
    Version     : 7.3.5
    Release     : 1.fc30
    URL         : https://www.php.net/
    Summary     : PHP scripting language for creating dynamic web sites
    Description :
    PHP is an HTML-embedded scripting language. PHP attempts to make it
    easy for developers to write dynamically generated web pages. PHP also
    offers built-in database integration for several commercial and
    non-commercial database management systems, so writing a
    database-enabled webpage with PHP is fairly simple. The most common
    use of PHP coding is probably as a replacement for CGI scripts.
    
    The php package contains the module (often referred to as mod_php)
    which adds support for the PHP language to Apache HTTP Server.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    **PHP version 7.3.5** (02 May 2019)  **Core:**  * Fixed bug php#77903
    (ArrayIterator stops iterating after offsetSet call). (Nikita)  **CLI:**  *
    Fixed bug php#77794 (Incorrect Date header format in built-in server). (kelunik)
    **EXIF**  * Fixed bug php#77950 (Heap-buffer-overflow in _estrndup via
    exif_process_IFD_TAG).  (CVE-2019-11036) (Stas)  **Interbase:**  * Fixed bug
    php#72175 (Impossibility of creating multiple connections to Interbase with php
    7.x). (Nikita)  **Intl:**  * Fixed bug php#77895 (IntlDateFormatter::create
    fails in strict mode if $locale = null). (Nikita)  **LDAP:**  * Fixed bug
    php#77869 (Core dump when using server controls) (mcmic)  **mbstring:**  *
    Implemented FR php#72777 (Implement regex stack limits for mbregex functions).
    (Yasuo Ohgaki, Stas)  **MySQLi:**  * Fixed bug php#77773 (Unbuffered queries
    leak memory - MySQLi / mysqlnd). (Nikita)  **PCRE:**  * Fixed bug php#77827
    (preg_match does not ignore \r in regex flags). (requinix, cmb)  **PDO:**  *
    Fixed bug php#77849 (Disable cloning of PDO handle/connection objects).
    (camporter)  **phpdbg:**  * Fixed bug php#76801 (too many open files).
    (alekitto) * Fixed bug php#77800 (phpdbg segfaults on listing some conditional
    breakpoints). (krakjoe) * Fixed bug php#77805 (phpdbg build fails when readline
    is shared). (krakjoe)  **Reflection:**  * Fixed bug php#77772
    (ReflectionClass::getMethods(null) doesn't work). (Nikita) * Fixed bug php#77882
    (Different behavior: always calls destructor). (Nikita)  **Standard:**  * Fixed
    bug php#77793 (Segmentation fault in extract() when overwriting reference with
    itself). (Nikita) * Fixed bug php#77844 (Crash due to null pointer in
    parse_ini_string with INI_SCANNER_TYPED). (Nikita) * Fixed bug php#77853
    (Inconsistent substr_compare behaviour with empty haystack). (Nikita)
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Wed May  1 2019 Remi Collet  - 7.3.5-1
    - Update to 7.3.5 - https://www.php.net/releases/7_3_5.php
    --------------------------------------------------------------------------------
    References:
    
      [ 1 ] Bug #1707299 - CVE-2019-11036 php: buffer over-read in exif_process_IFD_TAG function leading to information disclosure
            https://bugzilla.redhat.com/show_bug.cgi?id=1707299
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2019-6350c4e21a' at the command
    line. For more information, refer to the dnf documentation available at
    https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.
    To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.
    Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.
    

    Advisories

    LinuxSecurity Poll

    How are you contributing to Open Source?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 4 answer(s).
    /main-polls/37-how-are-you-contributing-to-open-source?task=poll.vote&format=json
    37
    radio
    [{"id":"127","title":"I'm involved with the development of an open-source project(s).","votes":"1","type":"x","order":"1","pct":100,"resources":[]},{"id":"128","title":"I've reported vulnerabilities I've discovered in open-source code.","votes":"0","type":"x","order":"2","pct":0,"resources":[]},{"id":"129","title":"I've provided developers with feedback on their projects.","votes":"0","type":"x","order":"3","pct":0,"resources":[]},{"id":"130","title":"I've helped another community member get started contributing to Open Source.","votes":"0","type":"x","order":"4","pct":0,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350


    VIEW MORE POLLS

    bottom 200

    Please enable / Bitte aktiviere JavaScript!
    Veuillez activer / Por favor activa el Javascript![ ? ]

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.