CloudLinux OS Blog - Beta: Alt-PHP updated
CloudLinux OS Blog

Beta: Alt-PHP updated

Beta: Alt-PHP updated

New updated Alt-PHP packages are available from our updates-testing repository.

Changelog:

alt-php55-5.5.36-1 

(find detailed release notes on the link http://www.php.net/ChangeLog-5.php#5.5.36)

  • CVE-2016-5096: (core) integer underflow / arbitrary null write in fread/gzread;
  • CVE-2016-5094: (core) integer overflow in php_html_entities;
  • CVE-2013-7456: (gd) imagescale out-of-bounds read;
  • CVE-2016-5093: (intl) get_icu_value_internal out-of-bounds read;
  • CVE-2016-4343: (phar) uninitialized pointer in phar_make_dirstream().

alt-php56-5.6.22-1

(find detailed release notes on the link: http://www.php.net/ChangeLog-5.php#5.6.22)

  • #72172: (core) zend_hex_strtod should not use strlen;
  • CVE-2016-5096: (core) integer underflow / arbitrary null write in fread/gzread;
  • CVE-2016-5094: (core) integer overflow in php_html_entities;
  • CVE-2013-7456: (gd) imagescale out-of-bounds read;
  • #64524: (intl) add intl.use_exceptions to php.ini-*;
  • CVE-2016-5093: (intl) get_icu_value_internal out-of-bounds read;
  • #72151: (postgres) mysqli_fetch_object changed behaviour.

alt-php70-7.0.7-1

(find detailed release notes on the link: http://www.php.net/ChangeLog-7.php#7.0.7)

  • #72162: (core) use-after-free - error_reporting;
  • (core) add compiler option to disable special case function calls;
  • #72101: (core) crash on complex code;
  • #72100: (core) implode() inserts garbage into resulting string when joins very big integer;
  • #72057: (core) PHP Hangs when using custom error handler and typehint;
  • #72038: (core) function calls with values to a by-ref parameter don't always throw a notice;
  • #71737: (core) memory leak in closure with parameter named $this;
  • #72059: (core) ?? is not allowed on constant expressions;
  • #72159: (core) imported Class overrides Local Class Name;
  • #68658: (curl) define CURLE_SSL_CACERT_BADFILE;
  • #72157: (dba) use-after-free caused by dba_open;
  • CVE-2013-7456: (gd) imagescale out-of-bounds read;
  • CVE-2016-5093: (intl) get_icu_value_internal out-of-bounds read;
  • #72069: (json) behavior \JsonSerializable different from json_encode;
  • #72164: (mbstring) null pointer dereference - mb_ereg_replace;
  • #71600: (oci8) oci_fetch_all segfaults when selecting more than eight columns;
  • #72014: (opcache) including a file with anonymous classes multiple times leads to fatal error;
  • #72165: (openssl) null pointer dereference - openssl_csr_new;
  • #72154: (pcntl) pcntl_wait/pcntl_waitpid array internal structure overwrite;
  • #72133: (posix) php_posix_group_to_array crashes if gr_passwd is NULL;
  • #72028: (postgres) pg_query_params(): NULL converts to empty string;
  • #71062: (postgres) pg_convert() doesn't accept ISO 8601 for datatype timestamp;
  • #72151: (postgres) mysqli_fetch_object changed behaviour;
  • #72174: (reflection) ReflectionProperty#getValue() causes __isset call;
  • #71972: (session) cyclic references causing session_start(): Failed to decode session object;
  • (sockets) added socket_export_stream() function for getting a stream compatible resource from a socket resource;
  • #72051: (spl) the reference in CallbackFilterIterator doesn't work as expected;
  • #68849: (sqlite3) bindValue is not using the right data type;
  • #72075: (standard) referencing socket resources breaks stream_select;
  • #72031: (standard) array_column() against an array of objects discards all values matching null.

 

To update run the command:


yum groupinstall alt-php --enablerepo=cloudlinux-updates-testing

CageFS, LVE Manager, lve-utils and Python-cllib up...
CloudLinux 6.8 released
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Tuesday, 12 November 2019

Captcha Image