[blfs-book] [BLFS Trac] #6990: php-5.6.14

Fri, 02 Oct 2015 04:28:17 -0700 

#6990: php-5.6.14
-------------------------+-------------------------
 Reporter:  fo           |      Owner:  blfs-book@…
     Type:  enhancement  |     Status:  new
 Priority:  high         |  Milestone:  7.9
Component:  BOOK         |    Version:  SVN
 Severity:  normal       |   Keywords:
-------------------------+-------------------------
 [http://www.php.net/distributions/php-5.6.14.tar.xz]

 [https://secure.php.net/downloads.php]

 md5: 96080ad8c5111446f58290cc6f18698c

 [http://www.php.net/distributions/php-5.6.14.tar.xz.asc]

  == Security Release ==

 Security related bugs:

 
[https://bugs.php.net/search.php?cmd=display&project=PHP&bug_type=Security&direction=DESC&limit=30&status=Closed&reorder_by=ts2]

 {{{
   •   ID#  OS                       Summary
   ◦ 70433 Linux   Uninitialized pointer in phar_make_dirstream when zip
     entry filename is "/"
   ◦ 69720   *     Null pointer dereference in phar_get_fp_offset()
 }}}

 [https://secure.php.net/archive/2015.php#id2015-08-06-4]

 {{{
 01 Oct 2015

 The PHP development team announces the immediate availability of PHP
 5.6.14. This is a security release. Two security bugs were fixed in this
 release. All PHP 5.6 users are encouraged to upgrade to this version.
 }}}

 [https://secure.php.net/ChangeLog-5.php#5.6.14]

 {{{
 Version 5.6.14
 01 Oct 2015

   • Core:
       • Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10
         when building extensions).
   • CLI server:
       • Fixed bug #68291 (404 on urls with '+').
   • DOM:
       • Fixed bug #70001 (Assigning to DOMNode::textContent does
         additional entity encoding).
   • Mysqlnd:
       • Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when
         connecting to a server).
   • OpenSSL:
       • Fixed bug #55259 (openssl extension does not get the DH
         parameters from DH key resource).
       • Fixed bug #70395 (Missing ARG_INFO for openssl_seal()).
       • Fixed bug #60632 (openssl_seal fails with AES).
       • Fixed bug #68312 (Lookup for openssl.cnf causes a message box).
   • PDO:
       • Fixed bug #70389 (PDO constructor changes unrelated variables).
   • Phar:
       • Fixed bug #69720 (Null pointer dereference in
         phar_get_fp_offset()).
       • Fixed bug #70433 (Uninitialized pointer in phar_make_dirstream
         when zip entry filename is "/").
   • Phpdbg:
       • Fix phpdbg_break_next() sometimes not breaking.
   • Standard:
       • Fixed bug #67131 (setcookie() conditional for empty values not
         met).
   • Streams:
       • Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive
         connections).
   • Zip:
       • Fixed bug #70322 (ZipArchive::close() doesn't indicate errors).
 }}}

--
Ticket URL: <http://wiki.linuxfromscratch.org/blfs/ticket/6990>
BLFS Trac <http://wiki.linuxfromscratch.org/blfs>
Beyond Linux From Scratch
-- 
http://lists.linuxfromscratch.org/listinfo/blfs-book
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page

Reply via email to