Opened 8 years ago

Closed 8 years ago

#6990 closed enhancement (fixed)


Reported by: Fernando de Oliveira Owned by: Pierre Labastie
Priority: high Milestone: 7.9
Component: BOOK Version: SVN
Severity: normal Keywords:


md5: 96080ad8c5111446f58290cc6f18698c

Security Release

Security related bugs:

  •   ID#  OS                       Summary
  ◦ 70433 Linux   Uninitialized pointer in phar_make_dirstream when zip
    entry filename is "/"
  ◦ 69720   *     Null pointer dereference in phar_get_fp_offset()

01 Oct 2015

The PHP development team announces the immediate availability of PHP
5.6.14. This is a security release. Two security bugs were fixed in this
release. All PHP 5.6 users are encouraged to upgrade to this version.

Version 5.6.14
01 Oct 2015

  • Core:
      • Fixed bug #70370 (Bundled libtool.m4 doesn't handle FreeBSD 10
        when building extensions).
  • CLI server:
      • Fixed bug #68291 (404 on urls with '+').
  • DOM:
      • Fixed bug #70001 (Assigning to DOMNode::textContent does
        additional entity encoding).
  • Mysqlnd:
      • Fixed bug #70456 (mysqlnd doesn't activate TCP keep-alive when
        connecting to a server).
  • OpenSSL:
      • Fixed bug #55259 (openssl extension does not get the DH
        parameters from DH key resource).
      • Fixed bug #70395 (Missing ARG_INFO for openssl_seal()).
      • Fixed bug #60632 (openssl_seal fails with AES).
      • Fixed bug #68312 (Lookup for openssl.cnf causes a message box).
  • PDO:
      • Fixed bug #70389 (PDO constructor changes unrelated variables).
  • Phar:
      • Fixed bug #69720 (Null pointer dereference in
      • Fixed bug #70433 (Uninitialized pointer in phar_make_dirstream
        when zip entry filename is "/").
  • Phpdbg:
      • Fix phpdbg_break_next() sometimes not breaking.
  • Standard:
      • Fixed bug #67131 (setcookie() conditional for empty values not
  • Streams:
      • Fixed bug #70361 (HTTP stream wrapper doesn't close keep-alive
  • Zip:
      • Fixed bug #70322 (ZipArchive::close() doesn't indicate errors).

Change History (2)

comment:1 by Pierre Labastie, 8 years ago

Owner: changed from blfs-book@… to Pierre Labastie
Status: newassigned

comment:2 by Pierre Labastie, 8 years ago

Resolution: fixed
Status: assignedclosed

Fixed at r16500

Note: See TracTickets for help on using tickets.