--------------------------------------------------------------------------------Fedora Update Notification
FEDORA-2017-0af85ae851
2017-11-07 21:00:14.742741
--------------------------------------------------------------------------------Name        : php
Product     : Fedora 26
Version     : 7.1.11
Release     : 1.fc26
URL         : https://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

--------------------------------------------------------------------------------Update Information:

**PHP version 7.1.11** (26 Oct 2017)  **Core:**  * Fixed bug php#75241 (Null
pointer dereference in zend_mm_alloc_small()). (Laruence) * Fixed bug php#75236
(infinite loop when printing an error-message). (Andrea) * Fixed bug php#75252
(Incorrect token formatting on two parse errors in one request). (Nikita) *
Fixed bug php#75220 (Segfault when calling is_callable on parent).
(andrewnester) * Fixed bug php#75290 (debug info of Closures of internal
functions contain garbage argument names). (Andrea)  **Date:**  * Fixed bug
php#75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick)
**Apache2Handler:**  * Fixed bug php#75311 (error: 'zend_hash_key' has no member
named 'arKey' in apache2handler). (mcarbonneaux)  **Hash:**  * Fixed bug
php#75303 (sha3 hangs on bigendian). (Remi)  **Intl:**  * Fixed bug php#75318
(The parameter of UConverter::getAliases() is not optional). (cmb)  **mcrypt:**
* Fixed bug php#72535 (arcfour encryption stream filter crashes php). (Leigh)
**MySQLi:**  * Fixed bug php#75018 (Data corruption when reading fields of bit
type). (Anatol)  **Opcache**  * Fixed bug php#75255 (Request hangs and not
finish). (Dmitry)  **PCRE:**  * Fixed bug php#75207 (applied upstream patch for
CVE-2016-1283). (Anatol)  **PDO_mysql:**  * Fixed bug php#75177 (Type 'bit' is
fetched as unexpected string). (Anatol)  **SPL:**  * Fixed bug php#73629
(SplDoublyLinkedList::setIteratorMode masks intern flags). (J. Jeising, cmb)
--------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php' at the command line.
For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora 26: php Security Update

November 7, 2017

**PHP version 7.1.11** (26 Oct 2017) **Core:** * Fixed bug php#75241 (Null pointer dereference in zend_mm_alloc_small())

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)

which adds support for the PHP language to Apache HTTP Server.

**PHP version 7.1.11** (26 Oct 2017) **Core:** * Fixed bug php#75241 (Null

pointer dereference in zend_mm_alloc_small()). (Laruence) * Fixed bug php#75236

(infinite loop when printing an error-message). (Andrea) * Fixed bug php#75252

(Incorrect token formatting on two parse errors in one request). (Nikita) *

Fixed bug php#75220 (Segfault when calling is_callable on parent).

(andrewnester) * Fixed bug php#75290 (debug info of Closures of internal

functions contain garbage argument names). (Andrea) **Date:** * Fixed bug

php#75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick)

**Apache2Handler:** * Fixed bug php#75311 (error: 'zend_hash_key' has no member

named 'arKey' in apache2handler). (mcarbonneaux) **Hash:** * Fixed bug

php#75303 (sha3 hangs on bigendian). (Remi) **Intl:** * Fixed bug php#75318

(The parameter of UConverter::getAliases() is not optional). (cmb) **mcrypt:**

* Fixed bug php#72535 (arcfour encryption stream filter crashes php). (Leigh)

**MySQLi:** * Fixed bug php#75018 (Data corruption when reading fields of bit

type). (Anatol) **Opcache** * Fixed bug php#75255 (Request hangs and not

finish). (Dmitry) **PCRE:** * Fixed bug php#75207 (applied upstream patch for

CVE-2016-1283). (Anatol) **PDO_mysql:** * Fixed bug php#75177 (Type 'bit' is

fetched as unexpected string). (Anatol) **SPL:** * Fixed bug php#73629

(SplDoublyLinkedList::setIteratorMode masks intern flags). (J. Jeising, cmb)

su -c 'dnf upgrade php' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

FEDORA-2017-0af85ae851 2017-11-07 21:00:14.742741 Product : Fedora 26 Version : 7.1.11 Release : 1.fc26 URL : https://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. **PHP version 7.1.11** (26 Oct 2017) **Core:** * Fixed bug php#75241 (Null pointer dereference in zend_mm_alloc_small()). (Laruence) * Fixed bug php#75236 (infinite loop when printing an error-message). (Andrea) * Fixed bug php#75252 (Incorrect token formatting on two parse errors in one request). (Nikita) * Fixed bug php#75220 (Segfault when calling is_callable on parent). (andrewnester) * Fixed bug php#75290 (debug info of Closures of internal functions contain garbage argument names). (Andrea) **Date:** * Fixed bug php#75055 (Out-Of-Bounds Read in timelib_meridian()). (Derick) **Apache2Handler:** * Fixed bug php#75311 (error: 'zend_hash_key' has no member named 'arKey' in apache2handler). (mcarbonneaux) **Hash:** * Fixed bug php#75303 (sha3 hangs on bigendian). (Remi) **Intl:** * Fixed bug php#75318 (The parameter of UConverter::getAliases() is not optional). (cmb) **mcrypt:** * Fixed bug php#72535 (arcfour encryption stream filter crashes php). (Leigh) **MySQLi:** * Fixed bug php#75018 (Data corruption when reading fields of bit type). (Anatol) **Opcache** * Fixed bug php#75255 (Request hangs and not finish). (Dmitry) **PCRE:** * Fixed bug php#75207 (applied upstream patch for CVE-2016-1283). (Anatol) **PDO_mysql:** * Fixed bug php#75177 (Type 'bit' is fetched as unexpected string). (Anatol) **SPL:** * Fixed bug php#73629 (SplDoublyLinkedList::setIteratorMode masks intern flags). (J. Jeising, cmb) su -c 'dnf upgrade php' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org