[SECURITY] Fedora 25 Update: php-7.0.10-1.fc25

-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2016-03518b366b 2016-09-05 17:51:00.339988 -------------------------------------------------------------------------------- Name : php Product : Fedora 25 Version : 7.0.10 Release : 1.fc25 URL : http://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. The php package contains the module (often referred to as mod_php) which adds support for the PHP language to Apache HTTP Server. -------------------------------------------------------------------------------- Update Information: 18 Aug 2016 **PHP 7.0.10** **Core:** * Fixed bug php#72629 (Caught exception assignment to variables ignores references). (Laruence) * Fixed bug php#72594 (Calling an earlier instance of an included anonymous class fatals). (Laruence) * Fixed bug php#72581 (previous property undefined in Exception after deserialization). (Laruence) * Fixed bug php#72496 (Cannot declare public method with signature incompatible with parent private method). (Pedro Magalh��es) * Fixed bug php#72024 (microtime() leaks memory). (maroszek at gmx dot net) * Fixed bug php#71911 (Unable to set --enable-debug on building extensions by phpize on Windows). (Yuji Uchiyama) * Fixed bug causing ClosedGeneratorException being thrown into the calling code instead of the Generator yielding from. (Bob) * Implemented FR php#72614 (Support "nmake test" on building extensions by phpize). (Yuji Uchiyama) * Fixed bug php#72641 (phpize (on Windows) ignores PHP_PREFIX). (Yuji Uchiyama) * Fixed potential segfault in object storage freeing in shutdown sequence. (Bob) * Fixed bug php#72663 (Create an Unexpected Object and Don't Invoke __wakeup() in Deserialization). (Stas) * Fixed bug php#72681 (PHP Session Data Injection Vulnerability). (Stas) * Fixed bug php#72683 (getmxrr broken). (Anatol) * Fixed bug php#72742 (memory allocator fails to realloc small block to large one). (Stas) **Bz2:** * Fixed bug php#72837 (integer overflow in bzdecompress caused heap corruption). (Stas) **Calendar:** * Fixed bug php#67976 (cal_days_month() fails for final month of the French calendar). (cmb) * Fixed bug php#71894 (AddressSanitizer: global- buffer-overflow in zif_cal_from_jd). (cmb) **COM:** * Fixed bug php#72569 (DOTNET/COM array parameters broke in PHP7). (Anatol) **CURL:** * Fixed bug php#71709 (curl_setopt segfault with empty CURLOPT_HTTPHEADER). (Pierrick) * Fixed bug php#71929 (CURLINFO_CERTINFO data parsing error). (Pierrick) * Fixed bug php#72674 (Heap overflow in curl_escape). (Stas) **DOM:** * Fixed bug php#66502 (DOM document dangling reference). (Sean Heelan, cmb) **EXIF:** * Fixed bug php#72735 (Samsung picture thumb not read (zero size)). (Kalle, Remi) * Fixed bug php#72627 (Memory Leakage In exif_process_IFD_in_TIFF). (Stas) **Filter:** * Fixed bug php#71745 (FILTER_FLAG_NO_RES_RANGE does not cover whole 127.0.0.0/8 range). (bugs dot php dot net at majkl578 dot cz) **FPM:** * Fixed bug php#72575 (using --allow-to-run-as-root should ignore missing user). (gooh) **GD:** * Fixed bug php#72596 (imagetypes function won't advertise WEBP support). (cmb) * Fixed bug php#72604 (imagearc() ignores thickness for full arcs). (cmb) * Fixed bug php#70315 (500 Server Error but page is fully rendered). (cmb) * Fixed bug php#43828 (broken transparency of imagearc for truecolor in blendingmode). (cmb) * Fixed bug php#66555 (Always false condition in ext/gd/libgd/gdkanji.c). (cmb) * Fixed bug php#68712 (suspicious if-else statements). (cmb) * Fixed bug php#72697 (select_colors write out-of-bounds). (Stas) * Fixed bug php#72730 (imagegammacorrect allows arbitrary write access). (Stas) **Intl:** * Fixed bug php#72639 (Segfault when instantiating class that extends IntlCalendar and adds a property). (Laruence) * Partially fixed php#72506 (idn_to_ascii for UTS #46 incorrect for long domain names). (cmb) **mbstring:** * Fixed bug php#72691 (mb_ereg_search raises a warning if a match zero-width). (cmb) * Fixed bug php#72693 (mb_ereg_search increments search position when a match zero-width). (cmb) * Fixed bug php#72694 (mb_ereg_search_setpos does not accept a string's last position). (cmb) * Fixed bug php#72710 (`mb_ereg` causes buffer overflow on regexp compile error). (ju1ius) **Mcrypt:** * Fixed bug php#72782 (Heap Overflow due to integer overflows). (Stas) **Opcache:** * Fixed bug php#72590 (Opcache restart with kill_all_lockers does not work). (Keyur) **PCRE:** * Fixed bug php#72688 (preg_match missing group names in matches). (cmb) **PDO_pgsql:** * Fixed bug php#70313 (PDO statement fails to throw exception). (Matteo) **Reflection:** * Fixed bug php#72222 (ReflectionClass::export doesn't handle array constants). (Nikita Nefedov) **SimpleXML:** * Fixed bug php#72588 (Using global var doesn't work while accessing SimpleXML element). (Laruence) **SNMP:** * Fixed bug php#72708 (php_snmp_parse_oid integer overflow in memory allocation). (djodjo at gmail dot com) **SPL:** * Fixed bug php#55701 (GlobIterator throws LogicException). (Valentin V��LCIU) * Fixed bug php#72646 (SplFileObject::getCsvControl does not return the escape character). (cmb) * Fixed bug php#72684 (AppendIterator segfault with closed generator). (Pierrick) **SQLite3:** * Fixed bug php#72668 (Spurious warning when exception is thrown in user defined function). (Laruence) * Fixed bug php#72571 (SQLite3::bindValue, SQLite3::bindParam crash). (Laruence) * Implemented FR php#72653 (SQLite should allow opening with empty filename). (cmb) * Updated to SQLite3 3.13.0. (cmb) **Standard:** * Fixed bug php#72622 (array_walk + array_replace_recursive create references from nothing). (Laruence) * Fixed bug php#72152 (base64_decode $strict fails to detect null byte). (Lauri Kentt��) * Fixed bug php#72263 (base64_decode skips a character after padding in strict mode). (Lauri Kentt��) * Fixed bug php#72264 (base64_decode $strict fails with whitespace between padding). (Lauri Kentt��) * Fixed bug php#72330 (CSV fields incorrectly split if escape char followed by UTF chars). (cmb) **Streams:** * Fixed bug php#41021 (Problems with the ftps wrapper). (vhuk) * Fixed bug php#54431 (opendir() does not work with ftps:// wrapper). (vhuk) * Fixed bug php#72667 (opendir() with ftp:// attempts to open data stream for non-existent directories). (vhuk) * Fixed bug php#72771 (ftps:// wrapper is vulnerable to protocol downgrade attack). (Stas) **XMLRPC:** * Fixed bug php#72647 (xmlrpc_encode() unexpected output after referencing array elements). (Laruence) **Wddx:** * Fixed bug php#72564 (boolean always deserialized as "true") (Remi) * Fixed bug php#72142 (WDDX Packet Injection Vulnerability in wddx_serialize_value()). (Taoguang Chen) * Fixed bug php#72749 (wddx_deserialize allows illegal memory access) (Stas) * Fixed bug php#72750 (wddx_deserialize null dereference). (Stas) * Fixed bug php#72790 (wddx_deserialize null dereference with invalid xml). (Stas) * Fixed bug php#72771 (ftps:// wrapper is vulnerable to protocol downgrade attack). (Stas) **XMLRPC:** * Fixed bug php#72647 (xmlrpc_encode() unexpected output after referencing array elements). (Laruence) **Wddx:** * Fixed bug php#72564 (boolean always deserialized as "true") (Remi) * Fixed bug php#72142 (WDDX Packet Injection Vulnerability in wddx_serialize_value()). (Taoguang Chen) * Fixed bug php#72749 (wddx_deserialize allows illegal memory access) (Stas) * Fixed bug php#72750 (wddx_deserialize null dereference). (Stas) * Fixed bug php#72790 (wddx_deserialize null dereference with invalid xml). (Stas) * Fixed bug php#72799 (wddx_deserialize null dereference in php_wddx_pop_element). (Stas) **Zip:** * Fixed bug php#72660 (NULL Pointer dereference in zend_virtual_cwd). (Laruence) -------------------------------------------------------------------------------- This update can be installed with the "yum" update program. Use su -c 'yum update php' at the command line. For more information, refer to "Managing Software with yum", available at https://docs.fedoraproject.org/yum/. All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys --------------------------------------------------------------------------------