-
Tue Aug 08 2017 Remi Collet <rcollet@redhat.com> - 7.1.8-1
- rebase to 7.1.8 #1465319
- drop upstream oniguruma patch
-
Thu Jun 08 2017 Remi Collet <rcollet@redhat.com> - 7.1.6-1
- rebase to 7.1.6
-
Fri Jun 02 2017 Remi Collet <rcollet@redhat.com> - 7.1.5-2
- fix License, timelib is MIT
- add upstream security patches for oniguruma CVE-2017-9224,
  CVE-2017-9226, CVE-2017-9227, CVE-2017-9228, CVE-2017-9229
-
Thu Jun 01 2017 Remi Collet <rcollet@redhat.com> - 7.1.5-1
- update to 7.1.5 for rh-php71 in rhscl 3.0
-
Wed Nov 02 2016 Remi Collet <rcollet@redhat.com> - 7.0.10-2
- fix definition of php_* macros #1390885
-
Tue Sep 06 2016 Remi Collet <rcollet@redhat.com> - 7.0.10-1
- rebase to 7.0.10 #1365397
- fix default include_path
-
Thu Jul 21 2016 Remi Collet <rcollet@redhat.com> - 7.0.9-1
- update to 7.0.9 for RHSCL 2.3
-
Mon Feb 15 2016 Remi Collet <rcollet@redhat.com> - 5.6.5-8
- Phar: fix segmentation fault in Phar::convertToData on
  invalid file CVE-2015-5589
- Phar: fix buffer overflow and stack smashing error in
  phar_fix_filepath CVE-2015-5590
- Phar: fix files from archive can be extracted outside of
  destination directory using phar CVE-2015-6833
- Phar: NULL pointer dereference in phar_get_fp_offset()
  CVE-2015-7803
- Phar: uninitialized pointer in phar_make_dirstream()
  CVE-2015-7804
- Xslt: fix NULL pointer dereference in XSLTProcessor class
  CVE-2015-6837 CVE-2015-6838
- Core: fix use-after-free vulnerability in session
  deserializer CVE-2015-6835
- Core: fix multiple unserialization use-after-free issues
  CVE-2015-6834
- Spl: fix dangling pointer in the unserialization of
  ArrayObject items CVE-2015-6832
- Spl: fix Use After Free Vulnerability in unserialize()
  CVE-2015-6831
- Soap: fix type confusion in SOAP serialize_function_call()
  CVE-2015-6836
-
Wed Jun 10 2015 Remi Collet <rcollet@redhat.com> - 5.6.5-7
- fix more functions accept paths with NUL character #1213407
-
Tue Jun 09 2015 Remi Collet <rcollet@redhat.com> - 5.6.5-6
- core: fix multipart/form-data request can use excessive
  amount of CPU usage CVE-2015-4024
- fix various functions accept paths with NUL character
  CVE-2015-4025, CVE-2015-4026, #1213407
- fileinfo: fix denial of service when processing a crafted
  file #1213442
- ftp: fix integer overflow leading to heap overflow when
  reading FTP file listing CVE-2015-4022
- phar: fix buffer over-read in metadata parsing CVE-2015-2783
- phar: invalid pointer free() in phar_tar_process_metadata()
  CVE-2015-3307
- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329
- phar: fix memory corruption in phar_parse_tarfile caused by
  empty entry file name CVE-2015-4021
- pgsql: fix NULL pointer dereference CVE-2015-1352
- soap: fix type confusion through unserialize #1222538
- apache2handler: fix pipelined request executed in deinitialized
  interpreter under httpd 2.4 CVE-2015-3330