CloudLinux OS Blog - HardenedPHP updated
CloudLinux OS Blog

HardenedPHP updated

HardenedPHP updated

New updated HardenedPHP packages are available from our production repository.

Changelog:

alt-php55-5.3.29-41

  • security bug 73356: crash in bzcompress function;
  • CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf;
  • security bug 72482: Illegal write/read access caused by gdImageAALine overflow;
  • security bug 72696: imagefilltoborder stackoverflow on truecolor images;
  • security bug 73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow;
  • security bug 73144: Use-after-free in ArrayObject Deserialization;
  • security bug 73192: parse_url return wrong hostname;
  • security bug 73331: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow.

alt-php54-5.4.45-25

  • security bug 73356: crash in bzcompress function;
  • CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf;
  • security bug 72482: Illegal write/read access caused by gdImageAALine overflow;
  • security bug 72696: imagefilltoborder stackoverflow on truecolor images;
  • security bug 73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow;
  • security bug 73144: Use-after-free in ArrayObject Deserialization;
  • security bug 73192: parse_url return wrong hostname;
  • security bug 73331: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow.

alt-php53-5.3.29-41

  • security bug 73356: crash in bzcompress function;
  • CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf;
  • security bug 72482: Illegal write/read access caused by gdImageAALine overflow;
  • security bug 72696: imagefilltoborder stackoverflow on truecolor images;
  • security bug 73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow;
  • security bug 73144: Use-after-free in ArrayObject Deserialization;
  • security bug 73192: parse_url return wrong hostname;
  • security bug 73331: NULL Pointer Dereference in WDDX Packet Deserialization with PDORow.

alt-php52-5.2.17-91

  • security bug 73356: crash in bzcompress function;
  • CVE-2016-8670: Stack Buffer Overflow in GD dynamicGetbuf;
  • security bug 72482: Illegal write/read access caused by gdImageAALine overflow;
  • security bug 72696: imagefilltoborder stackoverflow on truecolor images;
  • security bug 73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow.

alt-php51-5.1.6-64

  • security bug 72482: Illegal write/read access caused by gdImageAALine overflow;
  • security bug 72696: imagefilltoborder stackoverflow on truecolor images;
  • security bug 73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow.

alt-php44-4.4.9-56

  • security bug 72482: Illegal write/read access caused by gdImageAALine overflow;
  • security bug 72696: imagefilltoborder stackoverflow on truecolor images;
  • security bug 73418: Integer Overflow in "_php_imap_mail" leads Heap Overflow.

To install run the command:

yum groupinstall alt-php
EasyApache4 updated
Beta: alt-mod-passenger for EasyApache 4 updated
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Friday, 22 November 2019

Captcha Image