[packages/php/PHP_5_6] up to 5.6.23 - http://php.net/releases/5_6_23.php

glen glen at pld-linux.org
Mon Jun 27 00:22:39 CEST 2016 

commit 8114e5daaa74fa2213f61a47d8d48dcefd2ceae5
Author: Elan Ruusamäe <glen at delfi.ee>
Date:   Mon Jun 27 01:18:44 2016 +0300

    up to 5.6.23 - http://php.net/releases/5_6_23.php
    
    - Fixed bug #66387 (Stack overflow with imagefilltoborder).  (CVE-2015-8874)
    - Fixed bug #72339 (Integer Overflow in _gd2GetHeader() resulting in heap overflow). (CVE-2016-5766)
    - Fixed bug #72446 (Integer Overflow in gdImagePaletteToTrueColor() resulting in heap overflow). (CVE-2016-5767)
    - Fixed bug #72402 (_php_mb_regex_ereg_replace_exec - double free). (CVE-2016-5768)
    - Fixed bug #72455 (Heap Overflow due to integer overflows). (CVE-2016-5769)
    - Fixed bug #72262 (int/size_t confusion in SplFileObject::fread). (CVE-2016-5770)
    - Fixed bug #72433 (Use After Free Vulnerability in PHP's GC algorithm and unserialize). (CVE-2016-5771)
    - Fixed bug #72340 (Double Free Courruption in wddx_deserialize). (CVE-2016-5772)
    - Fixed bug #72434 (ZipArchive class Use After Free Vulnerability in PHP's GC algorithm and unserialize). (CVE-2016-5773)

 php.spec | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/php.spec b/php.spec
index 75fe266..4a34f11 100644
--- a/php.spec
+++ b/php.spec
@@ -161,7 +161,7 @@ Summary(pt_BR.UTF-8):	A linguagem de script PHP
 Summary(ru.UTF-8):	PHP Версии 5 - язык препроцессирования HTML-файлов, выполняемый на сервере
 Summary(uk.UTF-8):	PHP Версії 5 - мова препроцесування HTML-файлів, виконувана на сервері
 Name:		%{orgname}%{php_suffix}
-Version:	5.6.22
+Version:	5.6.23
 Release:	%{rel}
 Epoch:		4
 # All files licensed under PHP version 3.01, except
@@ -170,7 +170,7 @@ Epoch:		4
 License:	PHP 3.01 and Zend and BSD
 Group:		Libraries
 Source0:	http://www.php.net/distributions/%{orgname}-%{version}.tar.xz
-# Source0-md5:	19a5bcbddc105dfb29482ab779fcc795
+# Source0-md5:	c2d2155e50bcbaa0ee7a63845862c894
 Source2:	%{orgname}-mod_%{orgname}.conf
 Source3:	%{orgname}-cgi-fcgi.ini
 Source4:	%{orgname}-apache.ini
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/php.git/commitdiff/8114e5daaa74fa2213f61a47d8d48dcefd2ceae5

More information about the pld-cvs-commit mailing list