|
|
Subscribe / Log in / New account

Fedora alert FEDORA-2016-2460f713a1 (php-php-gettext)



From:
    	      updates@fedoraproject.org 


To:
    	      package-announce@lists.fedoraproject.org 


Subject:
    	      [SECURITY] Fedora 24 Update: php-php-gettext-1.0.12-1.fc24 


Date:
    	      Sat, 10 Dec 2016 00:29:17 +0000 (UTC)


Message-ID:
    	      <20161210002917.B412B6075007@bastion01.phx2.fedoraproject.org>


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2016-2460f713a1
2016-12-09 19:11:31.105211
--------------------------------------------------------------------------------

Name        : php-php-gettext
Product     : Fedora 24
Version     : 1.0.12
Release     : 1.fc24
URL         : https://launchpad.net/php-gettext
Summary     : Gettext emulation in PHP
Description :
This library provides PHP functions to read MO files even when gettext is
not compiled in or when appropriate locale is not present on the system.

--------------------------------------------------------------------------------
Update Information:

php-gettext 1.0.12 ==================    * Security fix for potential code
injection bug (LP#1515334)   * Do not assume mbstring functions are always
there, pass text through if they aren't (LP#734494)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1367462 - php-php-gettext: Arbitrary code execution in select_string, ngettext and
npgettext count parameter
        https://bugzilla.redhat.com/show_bug.cgi?id=1367462
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade php-php-gettext' at the command line.
For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgr...

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds