
CentOS PHP Security Patch History



PHP 5.4.16 (RHEL/CentOS 7)

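A list of the ChangeLog entries for the backports applied to PHP 5.4.16, the version installed from the standard yum repository on RHEL/CentOS 7.x.

This is not the same as the ChangeLog of PHP itself.

Release date
Release
Changelog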

2018/01/23
43.1
- gd: fix buffer over-read into uninitialized memory CVE-2017-7890

2017/10/04
43
- gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx() CVE-2016-10167
- gd: Signed Integer Overflow gd_io.c CVE-2016-10168

2016/08/05
42
- bz2: fix improper error handling in bzread() CVE-2016-5399

2016/08/01
41
- gd: fix integer overflow in _gd2GetHeader() resulting in heap overflow CVE-2016-5766
- gd: fix integer overflow in gdImagePaletteToTrueColor() resulting in heap overflow CVE-2016-5767
- mbstring: fix double free in _php_mb_regex_ereg_replace_exec CVE-2016-5768

2016/07/22
40
- don't set environmental variable based on user supplied Proxy request header CVE-2016-5385

2016/06/15
39
- fix segmentation fault in header_register_callback #1344578

2016/05/30
38
- curl: add options to enable TLS #1291667
- mysqli: fix segfault in mysqli_stmt::bind_result() when link is closed #1096800
- fpm: fix incorrectly defined SCRIPT_NAME variable when using Apache #1138563
- core: fix segfault when a zend_extension is loaded twice #1289457
- openssl: change default_md algo from MD5 to SHA1 #1073388
- wddx: fix segfault in php_wddx_serialize_var #1131979

2016/04/04
37
- session: fix segfault in session with rfc1867 #1297179

2015/06/10
36
- fix more functions accept paths with NUL character #1213407

2015/06/05
35
- core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024
- fix various functions accept paths with NUL character CVE-2015-4025, CVE-2015-4026, #1213407
- fileinfo: fix denial of service when processing a crafted file #1213442
- ftp: fix integer overflow leading to heap overflow when reading FTP file listing CVE-2015-4022
- phar: fix buffer over-read in metadata parsing CVE-2015-2783
- phar: invalid pointer free() in phar_tar_process_metadata() CVE-2015-3307
- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329
- phar: fix memory corruption in phar_parse_tarfile caused by empty entry file name CVE-2015-4021
- soap: fix type confusion through unserialize #1222538
- apache2handler: fix pipelined request executed in deinitialized interpreter under httpd 2.4 CVE-2015-3330

2015/04/16
34
- fix memory corruption in fileinfo module on big endian machines #1082624
- fix segfault in pdo_odbc on x86_64 #1159892
- fix segfault in gmp allocator #1154760

2015/04/10
33
- core: use after free vulnerability in unserialize() CVE-2014-8142 and CVE-2015-0231
- core: fix use-after-free in unserialize CVE-2015-2787
- core: fix NUL byte injection in file name argument of move_uploaded_file() CVE-2015-2348
- date: use after free vulnerability in unserialize CVE-2015-0273
- enchant: fix heap buffer overflow in enchant_broker_request_dict CVE-2014-9705
- exif: free called on unitialized pointer CVE-2015-0232
- fileinfo: fix out of bounds read in mconvert CVE-2014-9652
- gd: fix buffer read overflow in gd_gif_in.c CVE-2014-9709
- phar: use after free in phar_object.c CVE-2015-2301
- soap: fix type confusion through unserialize

2014/10/23
31
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710

2014/10/21
29
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
- core: fix integer overflow in unserialize() CVE-2014-3669
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670

2014/09/12
27
- gd: fix NULL pointer dereference in gdImageCreateFromXpm(). CVE-2014-2497
- gd: fix NUL byte injection in file names. CVE-2014-5120
- fileinfo: fix extensive backtracking in regular expression (incomplete fix for CVE-2013-7345). CVE-2014-3538
- fileinfo: fix mconvert incorrect handling of truncated pascal string size. CVE-2014-3478
- fileinfo: fix cdf_read_property_info (incomplete fix for CVE-2012-1571). CVE-2014-3587
- spl: fix use-after-free in ArrayIterator due to object change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670
- network: fix segfault in dns_get_record (incomplete fix for CVE-2014-4049). CVE-2014-3597

2014/08/21
25
- fix segfault after startup on aarch64 (#1107567)
- compile php with -O3 on ppc64le (#1123499)

2014/06/13
23
- fileinfo: cdf_unpack_summary_info() excessive looping DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238
- fileinfo: cdf_check_stream_offset insufficient boundary check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check CVE-2014-3480
- fileinfo: cdf_read_short_sector insufficient boundary check. CVE-2014-0207
- fileinfo: cdf_read_property_info insufficient boundary check. CVE-2014-3487
- fileinfo: fix extensive backtracking CVE-2013-7345
- core: type confusion issue in phpinfo(). CVE-2014-4721
- core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw. CVE-2014-3515

2014/03/07
21
- fix out-of-bounds memory access in fileinfo CVE-2014-2270

2014/02/21
19
- fix memory leak introduce in patch for CVE-2014-1943
- fix heap-based buffer over-read in DateInterval CVE-2013-6712

2014/02/19
17
- fix infinite recursion in fileinfo CVE-2014-1943

2014/01/24
15
- Mass rebuild 2014-01-24

2014/01/15
14
- Rebuild for mariadb-libs Related: #1045013

2014/01/10
13
- build with -O3 on ppc64 #1051073

2014/01/09
11
- use correct config.{guess,sub} for ppc64p7 #1048892

2013/12/27
10
- Mass rebuild 2013-12-27

2013/12/06
9
- add security fix for CVE-2013-6420

2013/11/04
7
- fix for non x86 build #1023796

2013/08/19
5
- fix enchant package summary and description
- add security fix for CVE-2013-4248

2013/07/18
4
- improve mod_php, pgsql and ldap description
- add provides php(pdo-abi) for consistency with php(api) and php(zend-abi)
- use %__isa_bits instead of %__isa in ABI suffix

2013/07/12
3
- add security fix for CVE-2013-4113
- add missing ASL 1.0 license
- rebuild for net-snmp

2013/07/02
2
- add missing man pages (phar, php-cgi) #948873

2013/06/06
1
- update to 5.4.16
- switch systemd unit to Type=notify
- patch for upstream Bug #64915 error_log ignored when daemonize=0
- patch for upstream Bug #64949 Buffer overflow in _pdo_pgsql_error
- patch for upstream bug #64960 Segfault in gc_zval_possible_root
- add version to "Obsoletes"
- own /usr/share/fpm


PHP 5.3.3 (RHEL/CentOS 6)

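A list of the ChangeLog entries for the backports applied to PHP 5.3.3, the version installed from the standard yum repository on RHEL/CentOS 6.x.

This is not the same as the ChangeLog of PHP itself.

Release date
Release
Changelog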

2016/11/07
49
- fix php-soap fails to connect to HTTPS web service sporadically as stream_socket_enable_crypto() uses NONBLOCK #1283153

2016/07/25
48
- don't set environmental variable based on user supplied Proxy request header CVE-2016-5385

2015/12/09
47
- fix wrong warning in openssl_encrypt() for missing IV when IV is not required #1260315
- fix segfault's when you try and allocate an SplFixedArray with size >= 9999 #1071344
- segfault in php_pgsql_meta_data CVE-2015-4644 #1234434
- add options to enable TLS in curl #1255920
- fix segfault in gc_collect_cycles #1122681

2015/07/03
46
- fix gzfile accept paths with NUL character #1213407
- fix patch for CVE-2015-4024

2015/06/10
45
- fix more functions accept paths with NUL character #1213407

2015/06/08
44
- soap: missing fix for #1222538 and #1204868

2015/06/05
43
- core: fix multipart/form-data request can use excessive amount of CPU usage CVE-2015-4024
- fix various functions accept paths with NUL character CVE-2015-4026, #1213407
- ftp: fix integer overflow leading to heap overflow when reading FTP file listing CVE-2015-4022
- phar: fix buffer over-read in metadata parsing CVE-2015-2783
- phar: invalid pointer free() in phar_tar_process_metadata() CVE-2015-3307
- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329
- phar: fix memory corruption in phar_parse_tarfile caused by empty entry file name CVE-2015-4021
- soap: more fix type confusion through unserialize #1222538

2015/04/13
42
- soap: more fix type confusion through unserialize #1204868

2015/04/09
41
- core: fix double in zend_ts_hash_graceful_destroy CVE-2014-9425
- core: fix use-after-free in unserialize CVE-2015-2787
- exif: fix free on unitialized pointer CVE-2015-0232
- gd: fix buffer read overflow in gd_gif.c CVE-2014-9709
- date: fix use after free vulnerability in unserialize CVE-2015-0273
- enchant: fix heap buffer overflow in enchant_broker_request_dict CVE-2014-9705
- phar: use after free in phar_object.c CVE-2015-2301
- soap: fix type confusion through unserialize

2014/10/23
40
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710

2014/10/21
39
- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
- core: fix integer overflow in unserialize() CVE-2014-3669
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670

2014/09/10
38
- spl: fix use-after-free in ArrayIterator due to object change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670

2014/08/14
37
- gd: fix NULL pointer dereference in gdImageCreateFromXpm. CVE-2014-2497
- fileinfo: fix incomplete fix for CVE-2012-1571 in cdf_read_property_info. CVE-2014-3587
- core: fix incomplete fix for CVE-2014-4049 DNS TXT record parsing. CVE-2014-3597

2014/07/15
36
- core: type confusion issue in phpinfo(). CVE-2014-4721
- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712
- core: fix heap-based buffer overflow in DNS TXT record parsing. CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage type confusion flaw. CVE-2014-3515

2014/07/01
35
- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270
- fileinfo: unrestricted recursion in handling of indirect type rules. CVE-2014-1943
- fileinfo: out of bounds read in CDF parser. CVE-2012-1571
- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480

2014/06/13
34
- fileinfo: cdf_unpack_summary_info() excessive looping DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite loop. CVE-2014-0238

2014/06/04
33
- add php_get_module_initialized internal function (#1053301)

2014/05/27
31
- soap: fixRFC2616 transgression (#1045019)
- fix static calling in non-static method (#953786)
- fix autoload called from closing session (#954027)

2014/05/12
29
- drop unneeded part of CVE-2006-724.patch and fileinfo.patch extension not provided or git binary patches (#1064027)
- odbc: fix incompatible pointer type (#1053982)
- mysqli: fix possible segfault in mysqli_stmt::bind_result php bug 66762 (#1069167)
- mysql: fix php_mysql_fetch_hash writes long value into int php bug 52636 (#1054953)

2013/12/05
27
- add security fix for CVE-2013-6420

2013/08/19
26
- add security fix for CVE-2013-4248

2013/07/26
25
- rename patch to math CVE-2010-3709 name
- add security fixes for CVE-2006-7243, CVE-2013-1643

2013/07/22
24
- fix buffer overflow in _pdo_pgsql_error (#969110)
- fix double free when destroy_zend_class fails (#910466)
- fix segfault in error_handler with allow_call_time_pass_reference = Off (#892158)
- fix copy doesn't report failure on partial copy (#947428)
- add rpm macros for packagers: %php_inidir, %php_incldir and %__php (#953814)

2013/07/12
23
- add security fix for CVE-2013-4113

2012/11/29
22
- php-xml provides php-xmlreader and php-xmlwriter (#874987)
- fix possible NULL derefence and buffer overflow (#879179)
- fix zend garbage collector (#848186, #868375)

2012/10/23
21
- fix CVE reference in previous changelog entry

2012/10/19
20
- remove reproducer from security fix for CVE-2012-0781

2012/10/18
19
- add FastCGI Process Manager (php-fpm) SAPI (#806132, #824293)

2012/10/17
18
- php script hangs when it exceeds max_execution_time when inside an ODBC call (#864951)

2012/10/16
17
- add security fixes for CVE-2012-2688, CVE-2012-0831, CVE-2011-1398

2012/10/09
16
- fix stream support in fileinfo (#858653)
- fix imap_open DISABLE_AUTHENTICATOR param ignores array (#859371)

2012/10/04
15
- fix permission on source files (#676364)
- fix negative keys with var_export (#771738)
- fix setDate when DateTime created from timestamp (#812819)
- add php(language) and missing provides (#837042)
- use arch-specific requires (#833545)
- fix possible buffer overflow in pdo_odbc (#836264)
- fix possible segfault in pdo_mysql (#824199)

2012/06/25
14
- add security fix for CVE-2010-2950

2012/06/13
13
- fix tests for CVE-2012-2143, CVE-2012-0789

2012/06/12
12
- add fix for CVE-2012-2336

2012/06/11
11
- add security fixes for CVE-2012-0781, CVE-2011-4153, CVE-2012-0057, CVE-2012-0789, CVE-2012-1172, CVE-2012-2143, CVE-2012-2386

2012/05/03
9
- correct detection of = in CVE-2012-1823 fix (#818607)

2012/05/03
8
- add security fix for CVE-2012-1823 (#818607)

2012/02/02
7
- add security fix for CVE-2012-0830 (#786744)

2012/01/05
6
- merge Joe's changes:
- improve CVE-2011-1466 fix to cover CAL_GREGORIAN, CAL_JEWISH
- add security fixes for CVE-2011-2483, CVE-2011-0708, CVE-2011-1148, CVE-2011-1466, CVE-2011-1468, CVE-2011-1469, CVE-2011-1470, CVE-2011-1471, CVE-2011-1938, and CVE-2011-2202 (#740732)

2012/01/04
5
- remove extra php.ini-prod/devel files caused by %patch -b

2012/01/02
4
- add security fixes for CVE-2011-4885, CVE-2011-4566 (#769755)

2011/01/21
3
- add security fixes for CVE-2010-4645, CVE-2010-4156 (#670439)

2011/01/14
2
- fix transposed memset arguments in libzip

2011/01/12
1
- update to 5.3.3 (#645591)
- add security fixes for CVE-2010-3709, CVE-2010-3710, CVE-2010-3870, CVE-2009-5016 (#651953)
- prevent extract() cloberring $GLOBALS (#655118)
- ensure correct mysql_config is used in biarch builds

