[SECURITY] Fedora 21 Update: php-5.6.2-1.fc21

updates at fedoraproject.org updates at fedoraproject.org
Sat Nov 1 16:41:03 UTC 2014

Fedora Update Notification
2014-10-16 16:56:56

Name        : php
Product     : Fedora 21
Version     : 5.6.2
Release     : 1.fc21
URL         : http://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

Update Information:

16 Oct 2014, PHP 5.6.2

* Fixed bug #68044 (Integer overflow in unserialize() (32-bits only)). (CVE-2014-3669) (Stas)

* Fixed bug #68089 (NULL byte injection - cURL lib). (Stas)

* Fixed bug #68113 (Heap corruption in exif_thumbnail()). (CVE-2014-3670) (Stas)

* Fixed bug #68027 (Global buffer overflow in mkgmtime() function). (CVE-2014-3668) (Stas)


This update can be installed with the "yum" update program.  Use
su -c 'yum update php' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the package-announce mailing list