CloudLinux OS Blog - Beta: HardenedPHP and ionCube loader updated
CloudLinux OS Blog

Beta: HardenedPHP and ionCube loader updated

Beta: HardenedPHP and ionCube loader updated

New updated HardenedPHP and alt-phpXY-ioncube-loader packages are available from our updates-testing channel.

Changelog:

alt-php55-5.5.38-3

  • CVE-2016-7411: Memory Corruption in During Deserialized-object Destruction;
  • CVE-2016-7412: Heap overflow in mysqlnd related to BIT fields;
  • CVE-2016-7413: wddx_deserialize use-after-free;
  • CVE-2016-7414: Out of bound when verify signature of zip phar in phar_parse_zipfile;
  • CVE-2016-7416: SEH buffer overflow msgfmt_format_message;
  • CVE-2016-7417: Missing type check when unserializing SplArray;
  • CVE-2016-7418: Out-Of-Bounds Read in php_wddx_push_element of wddx.c.

alt-php54-5.4.45-21

alt-php53-5.3.29-37

alt-php52-5.2.17-87

  • CVE-2016-7413: wddx_deserialize use-after-free;
  • CVE-2016-7414: Out of bound when verify signature of zip phar in phar_parse_zipfile;
  • CVE-2016-7416: SEH buffer overflow msgfmt_format_message;
  • CVE-2016-7418: Out-Of-Bounds Read in php_wddx_push_element of wddx.c.

alt-php51-5.1.6-60

  • CVE-2016-7418: Out-Of-Bounds Read in php_wddx_push_element of wddx.c.

alt-phpXY-ioncube-loader-6.0.3-1

  • updated to 6.0.3;
  • fix for issue with the PHP 7 Loader if, in the original 5.6 code, a function parameter had the form ($param) i.e. a variable with an extra pair of brackets around it.

To update run the command:

yum groupinstall alt-php --enablerepo=cloudlinux-updates-testing

 

Beta: New CloudLinux 7 kernel released
CloudLinux CLN downtime Saturday September 24 2:00...
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Sunday, 17 November 2019

Captcha Image