-
Tue Oct 29 2019 Remi Collet <rcollet@redhat.com> - 5.4.16-48
- fix underflow in env_path_info in fpm_main.c CVE-2019-11043
-
Wed Aug 21 2019 Remi Collet <rcollet@redhat.com> - 5.4.16-47
- fix stack-buffer-overflow while parsing HTTP response CVE-2018-7584
- fix out-of-bounds read in base64_decode_xmlrpc CVE-2019-9024
- fix reflected XSS in phar 404 page CVE-2018-5712
- fix reflected XSS in phar 403 and 404 error pages CVE-2018-10547
-
Tue Jun 19 2018 Remi Collet <rcollet@redhat.com> - 5.4.16-46
- load openssl configuration file on startup #1408301
-
Tue Jan 23 2018 Remi Collet <rcollet@redhat.com> - 5.4.16-45
- gd: fix buffer over-read into uninitialized memory CVE-2017-7890
-
Thu Oct 12 2017 Remi Collet <rcollet@redhat.com> - 5.4.16-44
- fix php should provide php(httpd) #1215429
- fpm: backport PHP-FPM's clear_env option from 5.4.27 #1410010
  default value is "yes", preserving previous behaviour
- openssl: fix default_socket_timeout does not work with SSL #1378196
-
Wed Oct 04 2017 Remi Collet <rcollet@redhat.com> - 5.4.16-43
- gd: fix DoS vulnerability in gdImageCreateFromGd2Ctx() CVE-2016-10167
- gd: Signed Integer Overflow gd_io.c CVE-2016-10168
-
Fri Aug 05 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-42
- bz2: fix improper error handling in bzread() CVE-2016-5399
-
Mon Aug 01 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-41
- gd: fix integer overflow in _gd2GetHeader() resulting in
  heap overflow CVE-2016-5766
- gd: fix integer overflow in gdImagePaletteToTrueColor()
  resulting in heap overflow CVE-2016-5767
- mbstring: fix double free in _php_mb_regex_ereg_replace_exec
  CVE-2016-5768
-
Fri Jul 22 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-40
- don't set environmental variable based on user supplied Proxy
  request header CVE-2016-5385
-
Wed Jun 15 2016 Remi Collet <rcollet@redhat.com> - 5.4.16-39
- fix segmentation fault in header_register_callback #1344578