Fedora 35: php 2021-0b840caea4 | LinuxSecurity.com

Advisories

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-0b840caea4
2021-09-24 20:04:10.606840
--------------------------------------------------------------------------------

Name        : php
Product     : Fedora 35
Version     : 8.0.10
Release     : 1.fc35
URL         : https://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

--------------------------------------------------------------------------------
Update Information:

**PHP version 8.0.10** (26 Aug 2021)  **Core:**  * Fixed bug php#72595
(php_output_handler_append illegal write access). (cmb) * Fixed bug php#66719
(Weird behaviour when using get_called_class() with call_user_func()). (Nikita)
* Fixed bug php#81305 (Built-in Webserver Drops Requests With "Upgrade" Header).
(cmb)  **BCMath:**  * Fixed bug php#78238 (BCMath returns "-0"). (cmb)  **CGI:**
* Fixed bug php#80849 (HTTP Status header truncation). (cmb)  **Date:**  * Fixed
bug php#64975 (Error parsing when AM/PM not at the end). (Derick) * Fixed bug
php#78984 (DateTimeZone accepting invalid UTC timezones). (Derick) * Fixed bug
php#79580 (date_create_from_format misses leap year). (Derick) * Fixed bug
php#80409 (DateTime::modify() loses time with 'weekday' parameter). (Derick)
**GD:**  * Fixed bug php#51498 (imagefilledellipse does not work for large
circles). (cmb)  **MySQLi:**  * Fixed bug php#74544 (Integer overflow in
mysqli_real_escape_string()). (cmb, johannes)  **Opcache:**  * Fixed bug
php#81225 (Wrong result with pow operator with JIT enabled). (Dmitry) * Fixed
bug php#81249 (Intermittent property assignment failure with JIT enabled).
(Dmitry) * Fixed bug php#81206 (Multiple PHP processes crash with JIT enabled).
(cmb, Nikita) * Fixed bug php#81272 (Segfault in var[] after array_slice with
JIT). (Nikita) * Fixed Bug php#81255 (Memory leak in PHPUnit with functional
JIT). (Dmitry) * Fixed Bug php#80959 (infinite loop in building cfg during JIT
compilation) (Nikita, Dmitry) * Fixed bug php#81226 (Integer overflow behavior
is different with JIT enabled). (Dmitry)  **OpenSSL:**  * Fixed bug php#81327
(Error build openssl extension on php 7.4.22). (cmb)  **PDO_ODBC:**  * Fixed bug
php#81252 (PDO_ODBC doesn't account for SQL_NO_TOTAL). (cmb)  **Phar:**  * Fixed
bug php#81211: Symlinks are followed when creating PHAR archive (cmb)
**Shmop:**  * Fixed bug php#81283 (shmop can't read beyond 2147483647 bytes).
(cmb, Nikita)  **SimpleXML:**  * Fixed bug php#81325 (Segfault in
zif_simplexml_import_dom). (remi)  **Standard:**  * Fixed bug php#72146 (Integer
overflow on substr_replace). (cmb) * Fixed bug php#81265 (getimagesize returns 0
for 256px ICO images). (George Dietrich) * Fixed bug php#74960 (Heap buffer
overflow via str_repeat). (cmb, Dmitry)  **Streams:**  * Fixed bug php#81294
(Segfault when removing a filter). (cmb)
--------------------------------------------------------------------------------
ChangeLog:

* Thu Aug 26 2021 Remi Collet  - 8.0.10-1
- Update to 8.0.10 - https://www.php.net/releases/8_0_10.php
* Wed Aug 11 2021 Remi Collet  - 8.0.10~RC1-3
- phar: switch to sha256 signature by default, backported from 8.1
- phar: implement openssl_256 and openssl_512 for signatures, backported from 8.1
* Wed Aug 11 2021 Remi Collet  - 8.0.10~RC1-2
- snmp: add sha256 / sha512 security protocol, backported from 8.1
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-0b840caea4' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure

Fedora 35: php 2021-0b840caea4

September 24, 2021
**PHP version 8.0.10** (26 Aug 2021) **Core:** * Fixed bug php#72595 (php_output_handler_append illegal write access)

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

Update Information:

**PHP version 8.0.10** (26 Aug 2021) **Core:** * Fixed bug php#72595 (php_output_handler_append illegal write access). (cmb) * Fixed bug php#66719 (Weird behaviour when using get_called_class() with call_user_func()). (Nikita) * Fixed bug php#81305 (Built-in Webserver Drops Requests With "Upgrade" Header). (cmb) **BCMath:** * Fixed bug php#78238 (BCMath returns "-0"). (cmb) **CGI:** * Fixed bug php#80849 (HTTP Status header truncation). (cmb) **Date:** * Fixed bug php#64975 (Error parsing when AM/PM not at the end). (Derick) * Fixed bug php#78984 (DateTimeZone accepting invalid UTC timezones). (Derick) * Fixed bug php#79580 (date_create_from_format misses leap year). (Derick) * Fixed bug php#80409 (DateTime::modify() loses time with 'weekday' parameter). (Derick) **GD:** * Fixed bug php#51498 (imagefilledellipse does not work for large circles). (cmb) **MySQLi:** * Fixed bug php#74544 (Integer overflow in mysqli_real_escape_string()). (cmb, johannes) **Opcache:** * Fixed bug php#81225 (Wrong result with pow operator with JIT enabled). (Dmitry) * Fixed bug php#81249 (Intermittent property assignment failure with JIT enabled). (Dmitry) * Fixed bug php#81206 (Multiple PHP processes crash with JIT enabled). (cmb, Nikita) * Fixed bug php#81272 (Segfault in var[] after array_slice with JIT). (Nikita) * Fixed Bug php#81255 (Memory leak in PHPUnit with functional JIT). (Dmitry) * Fixed Bug php#80959 (infinite loop in building cfg during JIT compilation) (Nikita, Dmitry) * Fixed bug php#81226 (Integer overflow behavior is different with JIT enabled). (Dmitry) **OpenSSL:** * Fixed bug php#81327 (Error build openssl extension on php 7.4.22). (cmb) **PDO_ODBC:** * Fixed bug php#81252 (PDO_ODBC doesn't account for SQL_NO_TOTAL). (cmb) **Phar:** * Fixed bug php#81211: Symlinks are followed when creating PHAR archive (cmb) **Shmop:** * Fixed bug php#81283 (shmop can't read beyond 2147483647 bytes). (cmb, Nikita) **SimpleXML:** * Fixed bug php#81325 (Segfault in zif_simplexml_import_dom). (remi) **Standard:** * Fixed bug php#72146 (Integer overflow on substr_replace). (cmb) * Fixed bug php#81265 (getimagesize returns 0 for 256px ICO images). (George Dietrich) * Fixed bug php#74960 (Heap buffer overflow via str_repeat). (cmb, Dmitry) **Streams:** * Fixed bug php#81294 (Segfault when removing a filter). (cmb)

Change Log

* Thu Aug 26 2021 Remi Collet - 8.0.10-1 - Update to 8.0.10 - https://www.php.net/releases/8_0_10.php * Wed Aug 11 2021 Remi Collet - 8.0.10~RC1-3 - phar: switch to sha256 signature by default, backported from 8.1 - phar: implement openssl_256 and openssl_512 for signatures, backported from 8.1 * Wed Aug 11 2021 Remi Collet - 8.0.10~RC1-2 - snmp: add sha256 / sha512 security protocol, backported from 8.1

References

Fedora Update Notification FEDORA-2021-0b840caea4 2021-09-24 20:04:10.606840 Name : php Product : Fedora 35 Version : 8.0.10 Release : 1.fc35 URL : https://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-0b840caea4' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : php
Product : Fedora 35
Version : 8.0.10
Release : 1.fc35
URL : https://www.php.net/
Summary : PHP scripting language for creating dynamic web sites

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.