Fedora 19 Update: php-5.5.8-1.fc19

updates at fedoraproject.org updates at fedoraproject.org
Fri Jan 24 07:48:44 UTC 2014 

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-0581
2014-01-10 06:26:28
--------------------------------------------------------------------------------

Name        : php
Product     : Fedora 19
Version     : 5.5.8
Release     : 1.fc19
URL         : http://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

--------------------------------------------------------------------------------
Update Information:

9 Jan 2014, PHP 5.5.8

Core:
* Disallowed JMP into a finally block. (Laruence)
* Added validation of class names in the autoload process. (Dmitry)
* Fixed invalid C code in zend_strtod.c. (Lior Kaplan)
* Fixed bug #66041 (list() fails to unpack yielded ArrayAccess object). (Nikita)
* Fixed bug #65764 (generators/throw_rethrow FAIL with ZEND_COMPILE_EXTENDED_INFO). (Nikita)
* Fixed bug #61645 (fopen and O_NONBLOCK). (Mike)
* Fixed bug #66218 (zend_register_functions breaks reflection). (Remi)

Date:
* Fixed bug #66060 (Heap buffer over-read in DateInterval). (Remi)
* Fixed bug #65768 (DateTimeImmutable::diff does not work). (Nikita Nefedov)
  
DOM:
* Fixed bug #65196 (Passing DOMDocumentFragment to DOMDocument::saveHTML() Produces invalid Markup). (Mike)

Exif:
* Fixed bug #65873 (Integer overflow in exif_read_data()). (Stas)

Filter:
* Fixed bug #66229 (128.0.0.0/16 isn't reserved any longer). (Adam)

GD:
* Fixed bug #64405 (Use freetype-config for determining freetype2 dir(s)). (Adam)
    
PDO_odbc:
* Fixed bug #66311 (Stack smashing protection kills PDO/ODBC queries). (michael at orlitzky dot com)

MySQLi:
* Fixed bug #65486 (mysqli_poll() is broken on win x64). (Anatol)

OPCache:
* Fixed reavlidate_path=1 behavior to avoid caching of symlinks values. (Dmitry)
* Fixed Issue #140: "opcache.enable_file_override" doesn't respect "opcache.revalidate_freq". (Dmitry).

SNMP:
* Fixed SNMP_ERR_TOOBIG handling for bulk walk operations. (Boris Lytochkin)

SOAP
* Fixed bug #66112 (Use after free condition in SOAP extension). (martin dot koegler at brz dot gv dot at)

Sockets:
* Fixed bug #65923 (ext/socket assumes AI_V4MAPPED is defined). (Felipe)

XSL
* Fixed bug #49634 (Segfault throwing an exception in a XSL registered function). (Mike)

ZIP:
* Fixed Bug #66321 (ZipArchive::open() ze_obj->filename_len not real). (Remi)
--------------------------------------------------------------------------------
ChangeLog:

* Wed Jan  8 2014 Remi Collet <rcollet at redhat.com> 5.5.8-1
- update to 5.5.8
- drop conflicts with other opcode caches as both can
  be used only for user data cache
* Wed Dec 11 2013 Remi Collet <rcollet at redhat.com> 5.5.7-1
- update to 5.5.7, fix for CVE-2013-6420
- fix zend_register_functions breaks reflection, php bug 66218
- fix Heap buffer over-read in DateInterval, php bug 66060
- fix fix overflow handling bug in non-x86
* Wed Nov 13 2013 Remi Collet <remi at fedoraproject.org> 5.5.6-1
- update to 5.5.6
* Thu Oct 17 2013 Remi Collet <rcollet at redhat.com> - 5.5.5-1
- update to 5.5.5
* Thu Sep 19 2013 Remi Collet <rcollet at redhat.com> - 5.5.4-1
- update to 5.5.4
* Wed Aug 21 2013 Remi Collet <rcollet at redhat.com> - 5.5.3-1
- update to 5.5.3
* Mon Aug 19 2013 Remi Collet <rcollet at redhat.com> - 5.5.2-1
- update to 5.5.2, fixes for CVE-2011-4718 + CVE-2013-4248
- improve system libzip patch
* Mon Jul 22 2013 Remi Collet <rcollet at redhat.com> - 5.5.1-1
- update to 5.5.1
- add Provides: php(pdo-abi), for consistency with php(api)
  and php(zend-abi)
- improved description for mod_php
- fix opcache ZTS configuration (blacklists in /etc/php-zts.d)
- add missing man pages (phar, php-cgi)
* Fri Jul 12 2013 Remi Collet <rcollet at redhat.com> - 5.5.0-2
- add security fix for CVE-2013-4113
- add missing ASL 1.0 license
- 32k stack size seems ok for tests on both 32/64bits build
* Thu Jun 20 2013 Remi Collet <rcollet at redhat.com> 5.5.0-1
- update to 5.5.0 final
* Fri Jun 14 2013 Remi Collet <rcollet at redhat.com> 5.5.0-0.11.RC3
- also drop JSON from sources
- clean conditional for JSON (as removed from the sources)
- clean conditional for FPM (always build)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1048071 - php dies on chained assignment
        https://bugzilla.redhat.com/show_bug.cgi?id=1048071
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update php' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------

More information about the package-announce mailing list