[SECURITY] Fedora 21 Update: php-5.6.2-1.fc21

Sat Nov 1 16:41:03 UTC 2014

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2014-12983
2014-10-16 16:56:56
--------------------------------------------------------------------------------

Name        : php
Product     : Fedora 21
Version     : 5.6.2
Release     : 1.fc21
URL         : http://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

--------------------------------------------------------------------------------
Update Information:

16 Oct 2014, PHP 5.6.2

Core:
* Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669) (Stas)

cURL:
* Fixed bug #68089 (NULL byte injection - cURL lib). (Stas)

EXIF:
* Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670) (Stas)

XMLRPC:
* Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668) (Stas)

--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update php' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------