Alerts This Week
Warning Icon 1 640
Alerts This Week
Warning Icon 1 640

Fedora 32: FEDORA-2020-60f9a47657 Critical: PHP Memory Leak

fedora
Calendar Grey April 24, 2020
Dist Fedora Esm H88
PHP release 7.4.5 brings essential updates tackling memory overflow, daylight saving time anomalies, and various enhancements for Fedora users.
**PHP version 7.4.5** (16 Apr 2020) **Core:** * Fixed bug php#79364 (When copy empty array, next key is unspecified)

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)

which adds support for the PHP language to Apache HTTP Server.

**PHP version 7.4.5** (16 Apr 2020) **Core:** * Fixed bug php#79364 (When copy

empty array, next key is unspecified). (cmb) * Fixed bug php#78210 (Invalid

pointer address). (cmb, Nikita) **CURL:** * Fixed bug php#79199

(curl_copy_handle() memory leak). (cmb) **Date:** * Fixed bug php#79396

(DateTime hour incorrect during DST jump forward). (Nate Brunette) * Fixed bug

php#74940 (DateTimeZone loose comparison always true). (cmb) **FPM:** *

Implement request php#77062 (Allow numeric [UG]ID in FPM listen.{owner,group})

(Andre Nathan) **Iconv:** * Fixed bug php#79200 (Some iconv functions cut

Windows-1258). (cmb) **OPcache:** * Fixed bug php#79412 (Opcache chokes and

uses 100% CPU on specific script). (Dmitry) **Session:** * Fixed bug php#79413

(session_create_id() fails for active sessions). (cmb) **Shmop:** * Fixed bug

php#79427 (Integer Overflow in shmop_open()). (cmb) **SimpleXML:** * Fixed bug

php#61597 (SXE properties may lack attributes and content). (cmb) **SOAP:** *

Fixed bug php#79357 (SOAP request segfaults when any request parameter is

missing). (Nikita) **Spl:** * Fixed bug php#75673 (SplStack::unserialize()

behavior). (cmb) * Fixed bug php#79393 (Null coalescing operator failing with

SplFixedArray). (cmb) **Standard:** * Fixed bug php#79330 (shell_exec()

silently truncates after a null byte). (stas) * Fixed bug php#79410 (system()

swallows last chunk if it is exactly 4095 bytes without newline). (Christian

Schneider) * Fixed bug php#79465 (OOB Read in urldecode()). (stas) **Zip:**

* Fixed Bug php#79296 (ZipArchive::open fails on empty file). (Remi) * Fixed bug

php#79424 (php_zip_glob uses gl_pathc after call to globfree). (Max Rees)

* Tue Apr 14 2020 Remi Collet - 7.4.5-1

- Update to 7.4.5 - https://www.php.net/releases/7_4_5.php

su -c 'dnf upgrade --advisory FEDORA-2020-60f9a47657' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 32
Version: 7.4.5
Release: 1.fc32
Summary: PHP scripting language for creating dynamic web sites

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here