-
Fri Aug 05 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-42
- bz2: fix improper error handling in bzread() CVE-2016-5399
-
Mon Aug 01 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-41
- gd: fix integer overflow in _gd2GetHeader() resulting in
heap overflow CVE-2016-5766
- gd: fix integer overflow in gdImagePaletteToTrueColor()
resulting in heap overflow CVE-2016-5767
- mbstring: fix double free in _php_mb_regex_ereg_replace_exec
CVE-2016-5768
-
Fri Jul 22 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-40
- don't set environmental variable based on user supplied Proxy
request header CVE-2016-5385
-
Wed Jun 15 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-39
- fix segmentation fault in header_register_callback #1344578
-
Mon May 30 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-38
- curl: add options to enable TLS #1291667
- mysqli: fix segfault in mysqli_stmt::bind_result() when
link is closed #1096800
- fpm: fix incorrectly defined SCRIPT_NAME variable when
using Apache #1138563
- core: fix segfault when a zend_extension is loaded twice #1289457
- openssl: change default_md algo from MD5 to SHA1 #1073388
- wddx: fix segfault in php_wddx_serialize_var #1131979
-
Mon Apr 04 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-37
- session: fix segfault in session with rfc1867 #1297179
-
Wed Jun 10 2015 Remi Collet <rcollet@redhat.com> - 5.4.16-36
- fix more functions accept paths with NUL character #1213407
-
Fri Jun 05 2015 Remi Collet <rcollet@redhat.com> - 5.4.16-35
- core: fix multipart/form-data request can use excessive
amount of CPU usage CVE-2015-4024
- fix various functions accept paths with NUL character
CVE-2015-4025, CVE-2015-4026, #1213407
- fileinfo: fix denial of service when processing a crafted
file #1213442
- ftp: fix integer overflow leading to heap overflow when
reading FTP file listing CVE-2015-4022
- phar: fix buffer over-read in metadata parsing CVE-2015-2783
- phar: invalid pointer free() in phar_tar_process_metadata()
CVE-2015-3307
- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329
- phar: fix memory corruption in phar_parse_tarfile caused by
empty entry file name CVE-2015-4021
- soap: fix type confusion through unserialize #1222538
- apache2handler: fix pipelined request executed in deinitialized
interpreter under httpd 2.4 CVE-2015-3330
-
Thu Apr 16 2015 Remi Collet <rcollet@redhat.com> - 5.4.16-34
- fix memory corruption in fileinfo module on big endian
machines #1082624
- fix segfault in pdo_odbc on x86_64 #1159892
- fix segfault in gmp allocator #1154760
-
Fri Apr 10 2015 Remi Collet <rcollet@redhat.com> - 5.4.16-33
- core: use after free vulnerability in unserialize()
CVE-2014-8142 and CVE-2015-0231
- core: fix use-after-free in unserialize CVE-2015-2787
- core: fix NUL byte injection in file name argument of
move_uploaded_file() CVE-2015-2348
- date: use after free vulnerability in unserialize CVE-2015-0273
- enchant: fix heap buffer overflow in enchant_broker_request_dict
CVE-2014-9705
- exif: free called on uninitialized pointer CVE-2015-0232
- fileinfo: fix out of bounds read in mconvert CVE-2014-9652
- gd: fix buffer read overflow in gd_gif_in.c CVE-2014-9709
- phar: use after free in phar_object.c CVE-2015-2301
- soap: fix type confusion through unserialize