Fedora 31: php FEDORA-2019-a54a622670

    Date04 Jan 2020
    236
    Posted ByLinuxSecurity Advisories
    **PHP version 7.3.13** (18 Dec 2019) **Bcmath:** * Fixed bug php#78878 (Buffer underflow in bc_shift_addsub). (**CVE-2019-11046**). (cmb) **Core:** * Fixed bug php#78862 (link() silently truncates after a null byte on Windows). (**CVE-2019-11044**). (cmb) * Fixed bug php#78863 (DirectoryIterator class silently truncates after a null byte). (**CVE-2019-11045**). (cmb) * Fixed bug
    --------------------------------------------------------------------------------
    Fedora Update Notification
    FEDORA-2019-a54a622670
    2020-01-05 00:38:52.032021
    --------------------------------------------------------------------------------
    
    Name        : php
    Product     : Fedora 31
    Version     : 7.3.13
    Release     : 1.fc31
    URL         : http://www.php.net/
    Summary     : PHP scripting language for creating dynamic web sites
    Description :
    PHP is an HTML-embedded scripting language. PHP attempts to make it
    easy for developers to write dynamically generated web pages. PHP also
    offers built-in database integration for several commercial and
    non-commercial database management systems, so writing a
    database-enabled webpage with PHP is fairly simple. The most common
    use of PHP coding is probably as a replacement for CGI scripts.
    
    The php package contains the module (often referred to as mod_php)
    which adds support for the PHP language to Apache HTTP Server.
    
    --------------------------------------------------------------------------------
    Update Information:
    
    **PHP version 7.3.13** (18 Dec 2019)  **Bcmath:**  * Fixed bug php#78878 (Buffer
    underflow in bc_shift_addsub). (**CVE-2019-11046**). (cmb)  **Core:**  * Fixed
    bug php#78862 (link() silently truncates after a null byte on Windows).
    (**CVE-2019-11044**). (cmb) * Fixed bug php#78863 (DirectoryIterator class
    silently truncates after a null byte). (**CVE-2019-11045**). (cmb) * Fixed bug
    php#78943 (mail() may release string with refcount==1 twice).
    (**CVE-2019-11049**). (cmb) * Fixed bug php#78787 (Segfault with trait
    overriding inherited private shadow property). (Nikita) * Fixed bug php#78868
    (Calling __autoload() with incorrect EG(fake_scope) value). (Antony Dovgal,
    Dmitry) * Fixed bug php#78296 (is_file fails to detect file). (cmb)  **EXIF:**
    * Fixed bug php#78793 (Use-after-free in exif parsing under memory sanitizer).
    (**CVE-2019-11050**). (Nikita) * Fixed bug php#78910 (Heap-buffer-overflow READ
    in exif). (**CVE-2019-11047**). (Nikita)  **GD:**  * Fixed bug php#78849 (GD
    build broken with -D SIGNED_COMPARE_SLOW). (cmb)  **MBString:**  * Upgraded
    bundled Oniguruma to 6.9.4. (cmb)  **OPcache:**  * Fixed potential ASLR related
    invalid opline handler issues. (cmb) * Fixed $x = (bool)$x; with opcache (should
    emit undeclared variable notice). (Tyson Andre)  **PCRE:**  * Fixed bug
    php#78853 (preg_match() may return integer > 1). (cmb)  **Standard:**  * Fixed
    bug php#78759 (array_search in $GLOBALS). (Nikita) * Fixed bug php#77638
    (var_export'ing certain class instances segfaults). (cmb) * Fixed bug php#78840
    (imploding $GLOBALS crashes). (cmb) * Fixed bug php#78833 (Integer overflow in
    pack causes out-of-bound access). (cmb) * Fixed bug php#78814 (strip_tags allows
    / in tag name => whitelist bypass). (cmb)
    --------------------------------------------------------------------------------
    ChangeLog:
    
    * Tue Dec 17 2019 Remi Collet  - 7.3.13-1
    - Update to 7.3.13 - http://www.php.net/releases/7_3_13.php
    * Tue Dec  3 2019 Remi Collet  - 7.3.13~RC1-1
    - update to 7.3.13RC1
    * Tue Nov 19 2019 Remi Collet  - 7.3.12-1
    - Update to 7.3.12 - http://www.php.net/releases/7_3_12.php
    * Wed Nov  6 2019 Remi Collet  - 7.3.12~RC1-1
    - update to 7.3.12RC1
    * Tue Oct 22 2019 Remi Collet  - 7.3.11-1
    - Update to 7.3.11 - http://www.php.net/releases/7_3_11.php
    --------------------------------------------------------------------------------
    
    This update can be installed with the "dnf" update program. Use
    su -c 'dnf upgrade --advisory FEDORA-2019-a54a622670' at the command
    line. For more information, refer to the dnf documentation available at
    http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
    
    All packages are signed with the Fedora Project GPG key. More details on the
    GPG keys used by the Fedora Project can be found at
    https://fedoraproject.org/keys
    --------------------------------------------------------------------------------
    _______________________________________________
    package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it.%MINIFYHTML30223d57d5cedba8e573023bf961205b13%To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.%MINIFYHTML30223d57d5cedba8e573023bf961205b14%Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
    List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
    List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it.%MINIFYHTML30223d57d5cedba8e573023bf961205b15%
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the LinuxSecurity Privacy news articles?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/25-what-do-you-think-of-the-linuxsecurity-privacy-news-articles?task=poll.vote&format=json
    25
    radio
    [{"id":"90","title":"Love them!","votes":"35","type":"x","order":"1","pct":92.11,"resources":[]},{"id":"91","title":"I'm indifferent","votes":"2","type":"x","order":"2","pct":5.26,"resources":[]},{"id":"92","title":"Not interested in this topic","votes":"1","type":"x","order":"3","pct":2.63,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.