LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Fedora alert FEDORA-2012-1262 (php)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 16 Update: php-5.3.10-1.fc16 


Date:
    	      Wed, 08 Feb 2012 22:56:30 +0000


Message-ID:
    	      <20120208225630.4930D21410@bastion01.phx2.fedoraproject.org>


Archive-link:
    	      Article, Thread
              


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2012-1262
2012-02-04 04:42:22
--------------------------------------------------------------------------------

Name        : php
Product     : Fedora 16
Version     : 5.3.10
Release     : 1.fc16
URL         : http://www.php.net/
Summary     : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module which adds support for the PHP
language to Apache HTTP Server.

--------------------------------------------------------------------------------
Update Information:

This update has the latest release of PHP, 5.3.10, which fixes a security issue.

A previous security fix introduced in PHP 5.3.9 allowed a remote user to crash the PHP interpreter,
or possibly execute arbitrary code.  (CVE-2012-0830)

--------------------------------------------------------------------------------
ChangeLog:

* Thu Feb  2 2012 Joe Orton <jorton@redhat.com> - 5.3.10-1
- update to 5.3.10
* Wed Jan 11 2012 Remi Collet <remi@fedoraproject.org> 5.3.9-1
- update to 5.3.9
  http://www.php.net/ChangeLog-5.php#5.3.9
- fix owner of /var/log/php-fpm (bug #773077)
- add max_input_vars, max_file_uploads, zend.enable_gc to php.ini
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #786686 - CVE-2012-0830 php: remote code exec flaw introduced in the CVE-2011-4885
hashdos fix
        https://bugzilla.redhat.com/show_bug.cgi?id=786686
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update php' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-...
(Log in to post comments)

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds