
Beta Branch backport bug & security fixes for PHP 7.0.33 EOL version

Discussion in 'Centmin Mod Github Commits' started by eva2000, Mar 21, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    backport bug & security fixes for PHP 7.0.33 EOL version

    Using Remi based patches from 7.0.33 Remi repo

    Fix #77369 memcpy with negative length via crafted DNS response
    Fix #77370 buffer overflow on mb regex functions - fetch_token
    Fix #77371 heap buffer overflow in mb regex functions compile_string_node
    Fix #77381 heap buffer overflow in multibyte match_at
    Fix #77382 heap buffer overflow in expand_case_fold_string
    Fix #77385 buffer overflow in fetch_token
    Fix #77394 buffer overflow in multibyte case folding - unicode
    Fix #77418 heap overflow in utf32be_mbc_to_code
    Fix #77247 heap buffer overflow in phar_detect_phar_fname_ext
    Fix #77242 heap out of bounds read in xmlrpc_decode
    Fix #77380 global out of bounds read in xmlrpc base64 code
    Fix #77509 Uninitialized read in exif_process_IFD_in_TIFF
    Fix #77540 Invalid Read on exif_process_SOFn
    Fix #77563 Uninitialized read in exif_process_IFD_in_MAKERNOTE
    Fix #77659 Uninitialized read in exif_process_IFD_in_MAKERNOTE
    Fix #77396 Null Pointer Dereference in phar_create_or_parse_filename
    Fix #77431 openFile() silently truncates after a null byte
    Fix #77630 rename() across the device may allow unwanted access during processing
    Fix #76846 Segfault in shutdown function after memory limit error



    123.09beta01 branch
     
  2. eva2000

    example centmin.sh menu option 5, PHP 7.0.33 compile with backported patch fixes
    Code (Text):
    php -v
    PHP 7.0.33 (cli) (built: Mar 20 2019 16:35:01) ( NTS )
    Copyright (c) 1997-2017 The PHP Group
    Zend Engine v3.0.0, Copyright (c) 1998-2017 Zend Technologies
        with Zend OPcache v7.0.33, Copyright (c) 1999-2017, by Zend Technologies
    

    the logs
    Code (Text):
    ls -lahrt /root/centminlogs | grep php
    -rw-r--r--  1 root root 3.7K Mar 20 16:31 patch_php_200319-163057.log
    -rw-r--r--  1 root root  753 Mar 20 16:31 gcc_php_native.log
    -rw-r--r--  1 root root  753 Mar 20 16:31 gcc_php_x86-64.log
    -rw-r--r--  1 root root 1.1K Mar 20 16:31 gcc_php_diff_native-vs-x86-64.log
    -rw-r--r--  1 root root 1.4M Mar 20 16:36 centminmod_123.09beta01.b114_200319-163057_php_upgrade.log
    

    contents of patch_php log at /root/centminlogs/patch_php_200319-163057.log
    Code (Text):
    patching PHP 7.0.33+ for bug #77369
    https://bugs.php.net/bug.php?id=77369
    
    dos2unix: converting file php7033-77369.patch to Unix format ...
    patching file ext/standard/dns.c
    
    patching PHP 7.0.33+ for bug #77370
    https://bugs.php.net/bug.php?id=77370
    
    dos2unix: converting file php7033-77370.patch to Unix format ...
    patching file ext/mbstring/oniguruma/regparse.c
    patching file ext/mbstring/tests/bug77370.phpt
    
    patching PHP 7.0.33+ for bug #77371
    https://bugs.php.net/bug.php?id=77371
    
    dos2unix: converting file php7033-77371.patch to Unix format ...
    patching file ext/mbstring/oniguruma/regcomp.c
    patching file ext/mbstring/tests/bug77371.phpt
    
    patching PHP 7.0.33+ for bug #77381
    https://bugs.php.net/bug.php?id=77381
    
    dos2unix: converting file php7033-77381.patch to Unix format ...
    patching file ext/mbstring/oniguruma/enc/unicode.c
    patching file ext/mbstring/oniguruma/regcomp.c
    patching file ext/mbstring/oniguruma/regparse.c
    patching file ext/mbstring/oniguruma/regparse.h
    patching file ext/mbstring/tests/bug77371.phpt
    patching file ext/mbstring/tests/bug77381.phpt
    
    patching PHP 7.0.33+ for bug #77418
    https://bugs.php.net/bug.php?id=77418
    
    dos2unix: converting file php7033-77418.patch to Unix format ...
    patching file ext/mbstring/oniguruma/enc/utf16_be.c
    patching file ext/mbstring/oniguruma/enc/utf16_le.c
    patching file ext/mbstring/oniguruma/enc/utf32_be.c
    patching file ext/mbstring/oniguruma/enc/utf32_le.c
    patching file ext/mbstring/tests/bug77418.phpt
    
    patching PHP 7.0.33+ for bug #77247
    https://bugs.php.net/bug.php?id=77247
    
    dos2unix: converting file php7033-77247.patch to Unix format ...
    patching file ext/phar/phar.c
    patching file ext/phar/tests/bug77247.phpt
    
    patching PHP 7.0.33+ for bug #77242
    https://bugs.php.net/bug.php?id=77242
    
    dos2unix: converting file php7033-77242.patch to Unix format ...
    patching file ext/xmlrpc/libxmlrpc/xml_element.c
    patching file ext/xmlrpc/tests/bug77242.phpt
    
    patching PHP 7.0.33+ for bug #77380
    https://bugs.php.net/bug.php?id=77380
    
    dos2unix: converting file php7033-77380.patch to Unix format ...
    patching file ext/xmlrpc/libxmlrpc/base64.c
    patching file ext/xmlrpc/tests/bug77380.phpt
    
    patching PHP 7.0.33+ for bug #77540
    https://bugs.php.net/bug.php?id=77540
    
    dos2unix: converting file php7033-77540.patch to Unix format ...
    patching file ext/exif/exif.c
    patching file ext/exif/exif.c
    
    patching PHP 7.0.33+ for bug #77563
    https://bugs.php.net/bug.php?id=77563
    
    dos2unix: converting file php7033-77563.patch to Unix format ...
    patching file ext/exif/exif.c
    
    patching PHP 7.0.33+ for bug #77396
    https://bugs.php.net/bug.php?id=77396
    
    dos2unix: converting file php7033-77396.patch to Unix format ...
    patching file ext/phar/phar.c
    patching file ext/phar/tests/bug77396.phpt
    
    patching PHP 7.0.33+ for bug #77431
    https://bugs.php.net/bug.php?id=77431
    
    dos2unix: converting file php7033-77431.patch to Unix format ...
    patching file ext/spl/spl_directory.c
    patching file ext/spl/tests/bug77431.phpt
    
    patching PHP 7.0.33+ for bug #77630
    https://bugs.php.net/bug.php?id=77630
    
    dos2unix: converting file php7033-77630.patch to Unix format ...
    patching file main/streams/plain_wrapper.c
    
    patching PHP 7.0.33+ for bug #76846
    https://bugs.php.net/bug.php?id=76846
    
    dos2unix: converting file php7033-76846.patch to Unix format ...
    patching file Zend/tests/bug76846.phpt
    patching file Zend/zend_objects_API.c
    patching file Zend/tests/bug76846.phpt
    
    patching PHP 7.0.33+ php-openssl-cert patch
    
    dos2unix: converting file php7033-php-openssl-cert.patch to Unix format ...
    patching file ext/openssl/tests/bug54992-ca.pem
    patching file ext/openssl/tests/bug54992.pem
    patching file ext/openssl/tests/bug54992.phpt
    patching file ext/openssl/tests/openssl_peer_fingerprint_basic.phpt
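
A patch log like the one above can be checked mechanically after an upgrade. The following is an added example, not Centmin Mod code and not from the original posts: it compares the bug IDs announced in the first post with the log sections that patched at least one file without a `patch` error. The function names and the sample log are assumptions made for the illustration.

```bash
#!/usr/bin/env bash
# Added example (not Centmin Mod code): audit a patch_php log against the
# fix list announced in the thread.

# Bug IDs listed in the first post.
EXPECTED_BUGS="77369 77370 77371 77381 77382 77385 77394 77418 77247 77242
77380 77509 77540 77563 77659 77396 77431 77630 76846"

# Print each bug ID whose log section patched at least one file and shows no
# patch(1) trouble (rejected hunk, reversed patch, missing target file).
clean_bugs() {
  awk '
    { sub(/^[ \t]+/, "") }   # tolerate indentation from a forum copy/paste
    function flush() { if (bug != "" && files > 0 && bad == 0 && !seen[bug]++) print bug }
    /^patching PHP / { flush(); files = 0; bad = 0
                       bug = ($NF ~ /^#[0-9]+$/) ? substr($NF, 2) : "" }
    /^patching file / { files++ }
    /FAILED|Reversed \(or previously applied\)|can.t find file to patch/ { bad++ }
    END { flush() }
  ' "$@"
}

# Print the announced bug IDs that have no clean section of their own in the log.
missing_bugs() (
  applied=" $(clean_bugs "$@" | tr '\n' ' ')"
  out=""
  for id in $EXPECTED_BUGS; do
    case "$applied" in *" $id "*) ;; *) out="$out $id" ;; esac
  done
  printf '%s\n' "${out# }"
)

# Constructed sample: the first section is taken from the log in the thread,
# the failing #77247 section is made up to exercise the reject check.
sample_log() {
  cat <<'EOF'
patching PHP 7.0.33+ for bug #77369
dos2unix: converting file php7033-77369.patch to Unix format ...
patching file ext/standard/dns.c
patching PHP 7.0.33+ for bug #77247
patching file ext/phar/phar.c
Hunk #1 FAILED at 100.
patching PHP 7.0.33+ php-openssl-cert patch
patching file ext/openssl/tests/bug54992.pem
EOF
}

# Real use: missing_bugs /root/centminlogs/patch_php_200319-163057.log
sample_log | missing_bugs
```

An ID reported here only means the log has no clean section of its own for it. The log posted above has no separate section for 77382, 77385, 77394, 77509 or 77659, so whether another patch file carries those fixes has to be confirmed in the patch files themselves.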