Fedora Linux 8782 Published by

A php security update has been released for Fedora 34.



SECURITY: Fedora 34 Update: php-7.4.19-1.fc34


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-eab9e0e415
2021-05-12 05:41:31.252305
--------------------------------------------------------------------------------

Name : php
Product : Fedora 34
Version : 7.4.19
Release : 1.fc34
URL :   http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

--------------------------------------------------------------------------------
Update Information:

**PHP version 7.4.19** (06 May 2021) **PDO_pgsql:** * Reverted bug fix for
php#80892 (PDO::PARAM_INT is treated the same as PDO::PARAM_STR). (Matteo)
---- **PHP version 7.4.18** (29 Apr 2021) **Core:** * Fixed bug php#80781
(Error handler that throws ErrorException infinite loop). (Nikita) * Fixed bug
php#75776 (Flushing streams with compression filter is broken). (cmb) **Dba:**
* Fixed bug php#80817 (dba_popen() may cause segfault during RSHUTDOWN). (cmb)
**DOM:** * Fixed bug php#66783 (UAF when appending DOMDocument to element).
(cmb) **FPM:** * Fixed bug php#80024 (Duplication of info about inherited
socket after pool removing). (Jakub Zelenka) **FTP:** * Fixed bug php#80880
(SSL_read on shutdown, ftp/proc_open). (cmb, Jakub Zelenka) **Imap:** * Fixed
bug php#80710 (imap_mail_compose() header injection). (cmb, Stas) **Intl:** *
Fixed bug php#80763 (msgfmt_format() does not accept DateTime references). (cmb)
**LibXML:** * Fixed bug php#51903 (simplexml_load_file() doesn't use HTTP
headers). (cmb) * Fixed bug php#73533 (Invalid memory access in
php_libxml_xmlCheckUTF8). (cmb) **MySQLnd:** * Fixed bug php#80713 (SegFault
when disabling ATTR_EMULATE_PREPARES and MySQL 8.0). (Nikita) * Fixed bug
php#80837 (Calling stmt_store_result after fetch doesn't throw an error). (Kamil
Tekiela) **Opcache:** * Fixed bug php#80805 (create simple class and get error
in opcache.so). (Nikita) * Fixed bug php#80950 (Variables become null in if
statements). (Nikita) **Pcntl:** * Fixed bug php#79812 (Potential integer
overflow in pcntl_exec()). (cmb) **PCRE:** * Fixed bug php#80866 (preg_split
ignores limit flag when pattern with \K has 0-width fullstring match). (Kamil
Tekiela) **PDO_ODBC:** * Fixed bug php#80783 (PDO ODBC truncates BLOB records
at every 256th byte). (cmb) **PDO_pgsql:** * Fixed bug php#80892
(PDO::PARAM_INT is treated the same as PDO::PARAM_STR). (Matteo) **phpdbg:** *
Fixed bug php#80757 (Exit code is 0 when could not open file). (Felipe)
**Session:** * Fixed bug php#80774 (session_name() problem with backslash).
(cmb) * Fixed bug php#80889 (Cannot set save handler when save_handler is
invalid). (cmb) **SOAP:** * Fixed bug php#69668 (SOAP special XML characters
in namespace URIs not encoded). (cmb) **Standard:** * Fixed bug php#78719
(http wrapper silently ignores long Location headers). (cmb) * Fixed bug
php#80771 (phpinfo(INFO_CREDITS) displays nothing in CLI). (cmb) * Fixed bug
php#80838 (HTTP wrapper waits for HTTP 1 response after HTTP 101). (manuelm) *
Fixed bug php#80915 (Taking a reference to $_SERVER hides its values from
phpinfo()). (Rowan Tommins)
--------------------------------------------------------------------------------
ChangeLog:

* Tue May 4 2021 Remi Collet - 7.4.19-1
- Update to 7.4.19 -   http://www.php.net/releases/7_4_19.php
* Tue Apr 27 2021 Remi Collet - 7.4.18-1
- Update to 7.4.18 -   http://www.php.net/releases/7_4_18.php
* Tue Apr 13 2021 Remi Collet - 7.4.18~RC1-1
- update to 7.4.18RC1
* Tue Mar 16 2021 Remi Collet - 7.4.17~RC1-1
- update to 7.4.17RC1
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-eab9e0e415' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys