Master Branch backport bug & security fixes for PHP 7.0.33 EOL version

Discussion in 'Centmin Mod Github Commits' started by eva2000, Mar 25, 2019.

  1. eva2000

    eva2000 Administrator Staff Member

    backport bug & security fixes for PHP 7.0.33 EOL version

    Using Remi based patches from 7.0.33 Remi repo

    Fix #77369 memcpy with negative length via crafted DNS response
    Fix #77370 buffer overflow on mb regex functions - fetch_token
    Fix #77371 heap buffer overflow in mb regex functions compile_string_node
    Fix #77381 heap buffer overflow in multibyte match_at
    Fix #77382 heap buffer overflow in expand_case_fold_string
    Fix #77385 buffer overflow in fetch_token
    Fix #77394 buffer overflow in multibyte case folding - unicode
    Fix #77418 heap overflow in utf32be_mbc_to_code
    Fix #77247 heap buffer overflow in phar_detect_phar_fname_ext
    Fix #77242 heap out of bounds read in xmlrpc_decode
    Fix #77380 global out of bounds read in xmlrpc base64 code
    Fix #77509 Uninitialized read in exif_process_IFD_in_TIFF
    Fix #77540 Invalid Read on exif_process_SOFn
    Fix #77563 Uninitialized read in exif_process_IFD_in_MAKERNOTE
    Fix #77659 Uninitialized read in exif_process_IFD_in_MAKERNOTE
    Fix #77396 Null Pointer Dereference in phar_create_or_parse_filename
    Fix #77431 openFile() silently truncates after a null byte
    Fix #77630 rename() across the device may allow unwanted access during processing
    Fix #76846 Segfault in shutdown function after memory limit error

    Centmin Mod Github Master branch

    Master branch is where most recent commits are made as at May 24, 2015.