Opened 9 years ago

Closed 9 years ago

#6899 closed enhancement (fixed)

php-5.6.13

Reported by: Fernando de Oliveira
Owned by: Fernando de Oliveira
Priority: high
Milestone: 7.8
Component: BOOK
Version: SVN
Severity: normal
Keywords:
Cc:

Description

http://www.php.net/distributions/php-5.6.13.tar.xz

https://secure.php.net/downloads.php

md5: 64d9a82068e3b0bbb16c261261391172

http://www.php.net/distributions/php-5.6.13.tar.xz.asc

https://secure.php.net/archive/2015.php#id2015-08-06-4

The PHP development team announces the immediate availability of PHP
5.6.13. 11 security-related issues were fixed in this release. All PHP
5.6 users are encouraged to upgrade to this version.

https://secure.php.net/ChangeLog-5.php#5.6.13

Some fixed vulnerabilities: bugs #70172, #70219, #70365, and #70366.

Version 5.6.13
03 Sep 2015

 • Core:
   • Fixed bug #69900 (Too long timeout on pipes).
   • Fixed bug #69487 (SAPI may truncate POST data).
   • Fixed bug #70198 (Checking liveness does not work as expected).
   • Fixed bug #70172 (Use After Free Vulnerability in unserialize()).
   • Fixed bug #70219 (Use after free vulnerability in session
     deserializer).

 • CLI server:
   • Fixed bug #66606 (Sets HTTP_CONTENT_TYPE but not CONTENT_TYPE).
   • Fixed bug #70264 (CLI server directory traversal).

 • Date:
   • Fixed bug #70266 (DateInterval::__construct.interval_spec is not
     supposed to be optional).
   • Fixed bug #70277 (new DateTimeZone($foo) is ignoring text after
     null byte).

 • EXIF:
   • Fixed bug #70385 (Buffer over-read in exif_read_data with TIFF IFD
     tag byte value of 32 bytes).

 • hash:
   • Fixed bug #70312 (HAVAL gives wrong hashes in specific cases).

 • MCrypt:
   • Fixed bug #69833 (mcrypt fd caching not working).

 • Opcache:
   • Fixed bug #70237 (Empty while and do-while segmentation fault with
     opcode on CLI enabled).

 • PCRE:
   • Fixed bug #70232 (Incorrect bump-along behavior with \K and empty
     string match).
   • Fixed bug #70345 (Multiple vulnerabilities related to PCRE
     functions).

 • SOAP:
   • Fixed bug #70388 (SOAP serialize_function_call() type confusion /
     RCE).

 • SPL:
   • Fixed bug #70290 (Null pointer deref (segfault) in spl_autoload via
     ob_start).
   • Fixed bug #70303 (Incorrect constructor reflection for
     ArrayObject).
   • Fixed bug #70365 (Use-after-free vulnerability in unserialize()
     with SplObjectStorage).
   • Fixed bug #70366 (Use-after-free vulnerability in unserialize()
     with SplDoublyLinkedList).

 • Standard:
   • Fixed bug #70052 (getimagesize() fails for very large and very
     small WBMP).
   • Fixed bug #70157 (parse_ini_string() segmentation fault with
     INI_SCANNER_TYPED).

 • XSLT:
   • Fixed bug #69782 (NULL pointer dereference).

 • ZIP:
   • Fixed bug #70350 (ZipArchive::extractTo allows for directory
     traversal when creating directories).

Change History (2)

comment:1 by Fernando de Oliveira, 9 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: new → assigned

comment:2 by Fernando de Oliveira, 9 years ago

Resolution: fixed
Status: assigned → closed

Fixed at r16376.
