Fedora 32: FEDORA-2021-3f9e87aaa4 Critical: PHP Bug Fixes

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)

which adds support for the PHP language to Apache HTTP Server.

**PHP version 7.4.19** (06 May 2021) **PDO_pgsql:** * Reverted bug fix for

php#80892 (PDO::PARAM_INT is treated the same as PDO::PARAM_STR). (Matteo)

---- **PHP version 7.4.18** (29 Apr 2021) **Core:** * Fixed bug php#80781

(Error handler that throws ErrorException infinite loop). (Nikita) * Fixed bug

php#75776 (Flushing streams with compression filter is broken). (cmb) **Dba:**

* Fixed bug php#80817 (dba_popen() may cause segfault during RSHUTDOWN). (cmb)

**DOM:** * Fixed bug php#66783 (UAF when appending DOMDocument to element).

(cmb) **FPM:** * Fixed bug php#80024 (Duplication of info about inherited

socket after pool removing). (Jakub Zelenka) **FTP:** * Fixed bug php#80880

(SSL_read on shutdown, ftp/proc_open). (cmb, Jakub Zelenka) **Imap:** * Fixed

bug php#80710 (imap_mail_compose() header injection). (cmb, Stas) **Intl:** *

Fixed bug php#80763 (msgfmt_format() does not accept DateTime references). (cmb)

**LibXML:** * Fixed bug php#51903 (simplexml_load_file() doesn't use HTTP

headers). (cmb) * Fixed bug php#73533 (Invalid memory access in

php_libxml_xmlCheckUTF8). (cmb) **MySQLnd:** * Fixed bug php#80713 (SegFault

when disabling ATTR_EMULATE_PREPARES and MySQL 8.0). (Nikita) * Fixed bug

php#80837 (Calling stmt_store_result after fetch doesn't throw an error). (Kamil

Tekiela) **Opcache:** * Fixed bug php#80805 (create simple class and get error

in opcache.so). (Nikita) * Fixed bug php#80950 (Variables become null in if

statements). (Nikita) **Pcntl:** * Fixed bug php#79812 (Potential integer

overflow in pcntl_exec()). (cmb) **PCRE:** * Fixed bug php#80866 (preg_split

ignores limit flag when pattern with \K has 0-width fullstring match). (Kamil

Tekiela) **PDO_ODBC:** * Fixed bug php#80783 (PDO ODBC truncates BLOB records

at every 256th byte). (cmb) **PDO_pgsql:** * Fixed bug php#80892

(PDO::PARAM_INT is treated the same as PDO::PARAM_STR). (Matteo) **phpdbg:** *

Fixed bug php#80757 (Exit code is 0 when could not open file). (Felipe)

**Session:** * Fixed bug php#80774 (session_name() problem with backslash).

(cmb) * Fixed bug php#80889 (Cannot set save handler when save_handler is

invalid). (cmb) **SOAP:** * Fixed bug php#69668 (SOAP special XML characters

in namespace URIs not encoded). (cmb) **Standard:** * Fixed bug php#78719

(http wrapper silently ignores long Location headers). (cmb) * Fixed bug

php#80771 (phpinfo(INFO_CREDITS) displays nothing in CLI). (cmb) * Fixed bug

php#80838 (HTTP wrapper waits for HTTP 1 response after HTTP 101). (manuelm) *

Fixed bug php#80915 (Taking a reference to $_SERVER hides its values from

phpinfo()). (Rowan Tommins)

* Tue May 4 2021 Remi Collet - 7.4.19-1

- Update to 7.4.19 - https://www.php.net/releases/7_4_19.php

* Tue Apr 27 2021 Remi Collet - 7.4.18-1

- Update to 7.4.18 - https://www.php.net/releases/7_4_18.php

su -c 'dnf upgrade --advisory FEDORA-2021-3f9e87aaa4' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure