Remi's RPM repository - Packages

Blog | Forum | Repository

php - PHP scripting language for creating dynamic web sites

Website:
http://www.php.net/
Licence:
PHP and Zend and BSD
Vendor:
Remi Collet
Description:
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

Packages

php-5.4.45-10.el5.remi.x86_64 [3.3 MiB] Changelog by Remi Collet (2016-06-21):
- Fix #66387: Stack overflow with imagefilltoborder
- Fix #72340: Double Free Courruption in wddx_deserialize
  CVE-2016-5772
- Fix #72275: don't allow smart_str to overflow int
- Fix #72400: prevent signed int overflows for string lengths
- Fix #72403: prevent signed int overflows for string lengths
- Fix #72268: Integer Overflow in nl2br(). (Stas)
- Fix #72339: Integer Overflow in _gd2GetHeader() resulting in heap overflow
  CVE-2016-5766
- Fix #72298: pass2_no_dither out-of-bounds access
- Fix #72402: _php_mb_regex_ereg_replace_exec - double free
  CVE-2016-5768
- Fix #72433: SPL use After Free Vulnerability in PHP's GC
  CVE-2016-5771
- Fix #72434: ZipArchive class use After Free Vulnerability in PHP's GC
  CVE-2016-5773
- Fix #72455: Heap Overflow due to integer overflows
  CVE-2016-5769
- Fix #72446: Integer Overflow in gdImagePaletteToTrueColor()
  CVE-2016-5767
php-5.4.45-9.el5.remi.x86_64 [3.3 MiB] Changelog by Remi Collet (2016-05-29):
- Fix #71331: Uninitialized pointer in phar_make_dirstream
  CVE-2016-4343
- Fix #72114: int/size_t confusion in fread
  CVE-2016-5096
- Add check for string overflow to all string add operations
- Fix #72135: don't create strings with lengths outside int range
  CVE-2016-5094
- Fix #72241: get_icu_value_internal out-of-bounds read
  CVE-2016-5093