CloudLinux OS Blog - Alt-PHP updated
CloudLinux OS Blog

Alt-PHP updated

Alt-PHP updated

The new updated Alt-PHP packages are available for download from our production repository.

Changelog:

alt-php71-7.1.1-1

  • (core) 73792: invalid foreach loop hangs script;
  • (core) 73686: Adding settype()ed values to ArrayObject results in references;
  • (core) 73663: "Invalid opcode 65/16/8" occurs with a variable created with list();
  • (core) 73727: ZEND_MM_BITSET_LEN is "undefined symbol" in zend_bitset.h;
  • (core) 73753: unserialized array pointer not advancing;
  • (core) 73783: SIG_IGN doesn't work when Zend Signals is enabled;
  • (core) 73825: Heap out of bounds read on unserialize in finish_nested_data();
  • (core) 73831: NULL Pointer Dereference while unserialize php object;
  • (core) 73832: Use of uninitialized memory in unserialize();
  • (cli) 72555: CLI output(japanese) on Windows;
  • (com) 73679: DOTNET read access violation using invalid codepage;
  • (dom) 67474: getElementsByTagNameNS filter on default ns;
  • (exif) 73737: FPE when parsing a tag format;
  • (gd) 73869: Signed Integer Overflow gd_io.c;
  • (gd) 73868: DOS vulnerability in gdImageCreateFromGd2Ctx();
  • (mbstring) 73646: mb_ereg_search_init null pointer dereference;
  • (mysqli) 73462: Persistent connections don't set $connect_errno;
  • (mysqlnd): Optimized handling of BIT fields - less memory copies and lower memory usage;
  • (mysqlnd) 73800: sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE;
  • (opcache) 73789: Strange behavior of class constants in switch/case block;
  • (opcache) 73746: Method that returns string returns UNKNOWN:0 instead;
  • (opcache) 73654: Segmentation fault in zend_call_function;
  • (opcache) 73668: "SIGFPE Arithmetic exception" in opcache when divide by minus 1;
  • (opcache) 73847: Recursion when a variable is redefined as array;
  • (pdo firebird) 72931: PDO_FIREBIRD with Firebird 3.0 not work on returning statement;
  • (phpdbg) 73794: Crash (out of memory) when using run and # command separator;
  • (phpdbg) 73704: phpdbg shows the wrong line in files with shebang;
  • (sqlite3) 73530: Unsetting result set may reset other result set;
  • (standard) 73594: dns_get_record does not populate $additional out parameter;
  • (standard) 70213: Unserialize context shared on double class lookup;
  • (standard) 73154: serialize object with __sleep function crash;
  • (standard) 70490: get_browser function is very slow;
  • (standard) 73265: Loading browscap.ini at startup causes high memory usage;
  • (standard): add subject to mail log;
  • (standard) 31875: get_defined_functions additional param to exclude disabled functions;
  • (zlib) 73373: deflate_add does not verify that output was not truncated.

alt-php70-7.0.15-1

  • (core) 73792: invalid foreach loop hangs script;
  • (core) 73663: "Invalid opcode 65/16/8" occurs with a variable created with list();
  • (core) 73585: Logging of "Internal Zend error - Missing class information" missing class name;
  • (core) 73753: unserialized array pointer not advancing;
  • (core) 73825: Heap out of bounds read on unserialize in finish_nested_data();
  • (core) 73831: NULL Pointer Dereference while unserialize php object;
  • (core) 73832: Use of uninitialized memory in unserialize();
  • (core) 73092: Unserialize use-after-free when resizing object's properties hash table;
  • (core) 69425: Use After Free in unserialize();
  • (core) 72731: Type Confusion in Object Deserialization;
  • (com) 73679: DOTNET read access violation using invalid codepage;
  • (dom) 67474: getElementsByTagNameNS filter on default ns;
  • (exif) 73737: FPE when parsing a tag format;
  • (gd) 73869: Signed Integer Overflow gd_io.c;
  • (gd) 73868: DOS vulnerability in gdImageCreateFromGd2Ctx();
  • (gmp) 70513: GMP Deserialization Type Confusion Vulnerability;
  • (mysqli) 73462: Persistent connections don't set $connect_errno;
  • (mysqlnd): Fixed issue with decoding BIT columns when having more than one rows in the result set. 7.0+ problem;
  • (mysqlnd) 73800: sporadic segfault with MYSQLI_OPT_INT_AND_FLOAT_NATIVE;
  • (pcre) 73612: preg_*() may leak memory;
  • (pdo_firebird) 72931: PDO_FIREBIRD with Firebird 3.0 not work on returning statement;
  • (phar) 73773: Seg fault when loading hostile phar;
  • (phar) 73768: Memory corruption when loading hostile phar;
  • (phar) 73764: Crash while loading hostile phar archive;
  • (phpdbg) 73615: phpdbg without option never load .phpdbginit at startup;
  • (phpdbg): Fixed issue getting executable lines from custom wrappers;
  • (phpdbg) 73704: phpdbg shows the wrong line in files with shebang;
  • (reflection) 46103: ReflectionObject memory leak;
  • (streams) 73586: php_user_filter::$stream is not set to the stream the filter is working on;
  • (sqlite3) 73530: Unsetting result set may reset other result set;
  • (standard) 73594: dns_get_record does not populate $additional out parameter;
  • (standard) 70213: Unserialize context shared on double class lookup;
  • (standard) 73154: serialize object with __sleep function crash;
  • (standard) 70490: get_browser function is very slow;
  • (standard) 73265: Loading browscap.ini at startup causes high memory usage;
  • (standard) 31875: get_defined_functions additional param to exclude disabled functions;
  • (zlib) 73373: deflate_add does not verify that output was not truncated.

alt-php56-5.6.30-1

  • (exif) 73737: FPE when parsing a tag format;
  • (gd) 73549: Use after free when stream is passed to imagepng;
  • (gd) 73868: DOS vulnerability in gdImageCreateFromGd2Ctx();
  • (gd) 73869: Signed Integer Overflow gd_io.c;
  • (intl) 68447: grapheme_extract take an extra trailing character;
  • (phar) 73764: Crash while loading hostile phar archive;
  • (phar) 73768: Memory corruption when loading hostile phar;
  • (phar) 73773: Seg fault when loading hostile phar;
  • (sqlite3) 73530: Unsetting result set may reset other result set;
  • (standard) 70213: Unserialize context shared on double class lookup;
  • (standard) 73825: Heap out of bounds read on unserialize in finish_nested_data().

alt-php52-5.2.17-93

  • ALT-PHP-296: CVE-2012-2688: Integer Overflow issues in _php_stream_scandir().

alt-php51-5.1.6-66

  • ALT-PHP-296: CVE-2012-2688: Integer Overflow issues in _php_stream_scandir().

alt-php71-pecl-ext-1-5

  • yaml updated from 2.0.0RC8 to 2.0.0;
  • apcu updated from 5.1.5 to 5.1.7;
  • timezonedb updated from 2016.9 to 2016.10;
  • redis updated from 3.0.0 to 3.1.0;
  • uploadprogress 1.0.3.1 (dev) extension added;
  • rar 4.0.3 (dev) extension added;
  • oauth 2.0.2 extension added;
  • xdebug 2.5.0 extension added;
  • mailparse 3.0.2 extension added;
  • igbinary 2.0.1 extension added.

alt-php70-pecl-ext-1-19

  • xdebug updated from 2.4.1 to 2.5.0;
  • timezonedb updated from 2016.9 to 2016.10;
  • redis updated from 3.0.0 to 3.1.0;
  • mailparse updated from 3.0.1 to 3.0.2;
  • uploadprogress 1.0.3.1 (dev) extension added;
  • rar 4.0.3 (dev) extension added;
  • oauth 2.0.2 extension added;
  • igbinary 2.0.1 extension added.

alt-php56-pecl-ext-1-54

  • imagick updated from 3.1.2 to 3.4.3RC1;
  • timezonedb updated from 2016.9 to 2016.10.

alt-php55-pecl-ext-1-88

  • imagick updated from 3.1.2 to 3.4.3RC1;
  • timezonedb updated from 2016.9 to 2016.10.

alt-php54-pecl-ext-1-104

  • imagick updated from 3.1.2 to 3.4.3RC1;
  • timezonedb updated from 2016.9 to 2016.10.

alt-php53-pecl-ext-1-116

  • timezonedb updated from 2016.9 to 2016.10.

alt-php52-pecl-ext-1-95

  • timezonedb updated from 2016.9 to 2016.10.

alt-php51-pecl-ext-1-25

  • timezonedb updated from 2016.9 to 2016.10.

alt-ImageMagick-6.9.4.10-1

  • updated to 6.9.4.10;
  • ALTPHP-265: updated delegates.

alt-php44-sourceguardian-11.0.6-1

alt-php51-sourceguardian-11.0.6-1

alt-php52-sourceguardian-11.0.6-1

alt-php53-sourceguardian-11.0.6-1

alt-php54-sourceguardian-11.0.6-1

alt-php55-sourceguardian-11.0.6-1

alt-php56-sourceguardian-11.0.6-1

alt-php70-sourceguardian-11.0.6-1

  • ALTPHP-291: updated sourceguardian to 11.0.6.

alt-php44-ioncube-loader-6.0.8-1

alt-php51-ioncube-loader-6.0.8-1

alt-php52-ioncube-loader-6.0.8-1

alt-php53-ioncube-loader-6.0.8-1

alt-php54-ioncube-loader-6.0.8-1

alt-php55-ioncube-loader-6.0.8-1

alt-php56-ioncube-loader-6.0.8-1

alt-php70-ioncube-loader-6.0.8-1

  • updated to 6.0.8: fixed an issue where in PHP 7.0 a dynamic key on a method could erroneously lead to a call from that method to a private method being prevented.

To install run the commands:

yum groupinstall alt-php
yum update alt-ImageMagick*
Beta: LVE Manager, CageFS and liblve updated
Beta: New CloudLinux 7 kernel released
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 22 October 2019

Captcha Image