PHP 5.6.22 has been released either yesterday or today (May 26-27). It has not yet been announced. You can see the ChangeLog in git: http://git.php.net/?p=php-src.git;a=blob;f=NEWS;h=ede10a8827695d41640e32b4a7e3939ba7608de1;hb=6e5958e37d9e04271216aa945168ee5bbf87a3f6 Some of the fixes are security related. CVE request for them is here: http://openwall.com/lists/oss-security/2016/05/25/3 The GD issue was fixed upstream in libgd in 2013, so it doesn't affect us. Advisory: ======================== Updated php packages fix security vulnerabilities: The php package has been updated to version 5.6.22, which fixes several security issues and other bugs. See the upstream ChangeLog for more details. References: http://www.php.net/ChangeLog-5.php#5.6.22 ======================== Updated packages in core/updates_testing: ======================== php-ini-5.6.22-1.mga5 apache-mod_php-5.6.22-1.mga5 php-cli-5.6.22-1.mga5 php-cgi-5.6.22-1.mga5 libphp5_common5-5.6.22-1.mga5 php-devel-5.6.22-1.mga5 php-openssl-5.6.22-1.mga5 php-zlib-5.6.22-1.mga5 php-doc-5.6.22-1.mga5 php-bcmath-5.6.22-1.mga5 php-bz2-5.6.22-1.mga5 php-calendar-5.6.22-1.mga5 php-ctype-5.6.22-1.mga5 php-curl-5.6.22-1.mga5 php-dba-5.6.22-1.mga5 php-dom-5.6.22-1.mga5 php-enchant-5.6.22-1.mga5 php-exif-5.6.22-1.mga5 php-fileinfo-5.6.22-1.mga5 php-filter-5.6.22-1.mga5 php-ftp-5.6.22-1.mga5 php-gd-5.6.22-1.mga5 php-gettext-5.6.22-1.mga5 php-gmp-5.6.22-1.mga5 php-hash-5.6.22-1.mga5 php-iconv-5.6.22-1.mga5 php-imap-5.6.22-1.mga5 php-interbase-5.6.22-1.mga5 php-intl-5.6.22-1.mga5 php-json-5.6.22-1.mga5 php-ldap-5.6.22-1.mga5 php-mbstring-5.6.22-1.mga5 php-mcrypt-5.6.22-1.mga5 php-mssql-5.6.22-1.mga5 php-mysql-5.6.22-1.mga5 php-mysqli-5.6.22-1.mga5 php-mysqlnd-5.6.22-1.mga5 php-odbc-5.6.22-1.mga5 php-opcache-5.6.22-1.mga5 php-pcntl-5.6.22-1.mga5 php-pdo-5.6.22-1.mga5 php-pdo_dblib-5.6.22-1.mga5 php-pdo_firebird-5.6.22-1.mga5 php-pdo_mysql-5.6.22-1.mga5 php-pdo_odbc-5.6.22-1.mga5 php-pdo_pgsql-5.6.22-1.mga5 php-pdo_sqlite-5.6.22-1.mga5 php-pgsql-5.6.22-1.mga5 php-phar-5.6.22-1.mga5 php-posix-5.6.22-1.mga5 php-readline-5.6.22-1.mga5 php-recode-5.6.22-1.mga5 php-session-5.6.22-1.mga5 php-shmop-5.6.22-1.mga5 php-snmp-5.6.22-1.mga5 php-soap-5.6.22-1.mga5 php-sockets-5.6.22-1.mga5 php-sqlite3-5.6.22-1.mga5 php-sybase_ct-5.6.22-1.mga5 php-sysvmsg-5.6.22-1.mga5 php-sysvsem-5.6.22-1.mga5 php-sysvshm-5.6.22-1.mga5 php-tidy-5.6.22-1.mga5 php-tokenizer-5.6.22-1.mga5 php-xml-5.6.22-1.mga5 php-xmlreader-5.6.22-1.mga5 php-xmlrpc-5.6.22-1.mga5 php-xmlwriter-5.6.22-1.mga5 php-xsl-5.6.22-1.mga5 php-wddx-5.6.22-1.mga5 php-zip-5.6.22-1.mga5 php-fpm-5.6.22-1.mga5 phpdbg-5.6.22-1.mga5 from php-5.6.22-1.mga5.src.rpm
CVEs: http://www.openwall.com/lists/oss-security/2016/05/26/3 They're also listed on the upstream ChangeLog. Advisory: ======================== Updated php packages fix security vulnerabilities: In php-intl, get_icu_value_internal out-of-bounds read (CVE-2016-5093). Integer Overflow in php_html_entities (CVE-2016-5094). Integer underflow / arbitrary null write in fread/gzread (CVE-2016-5096). The php package has been updated to version 5.6.22, which fixes these security issues and other bugs. See the upstream ChangeLog for more details. References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5093 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5094 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5096 http://www.php.net/ChangeLog-5.php#5.6.22
mg5-64 Installed the following The following 78 packages are going to be installed: - apache-mod_php-5.6.22-1.mga5.x86_64 - lib64fbclient2-2.5.3.26778-4.mga5.x86_64 - lib64php5_common5-5.6.22-1.mga5.x86_64 - lib64t1lib5-5.1.2-18.mga5.x86_64 - lib64tidy0.99_0-20090904-9.mga5.x86_64 - lib64xmlrpc-epi0-0.54.2-5.mga5.x86_64 - net-snmp-mibs-5.7.2-23.mga5.x86_64 - php-bcmath-5.6.22-1.mga5.x86_64 - php-bz2-5.6.22-1.mga5.x86_64 - php-calendar-5.6.22-1.mga5.x86_64 - php-cgi-5.6.22-1.mga5.x86_64 - php-cli-5.6.22-1.mga5.x86_64 - php-ctype-5.6.22-1.mga5.x86_64 - php-curl-5.6.22-1.mga5.x86_64 - php-dba-5.6.22-1.mga5.x86_64 - php-devel-5.6.22-1.mga5.x86_64 - php-doc-5.6.22-1.mga5.noarch - php-dom-5.6.22-1.mga5.x86_64 - php-enchant-5.6.22-1.mga5.x86_64 - php-exif-5.6.22-1.mga5.x86_64 - php-fileinfo-5.6.22-1.mga5.x86_64 - php-filter-5.6.22-1.mga5.x86_64 - php-fpm-5.6.22-1.mga5.x86_64 - php-ftp-5.6.22-1.mga5.x86_64 - php-gd-5.6.22-1.mga5.x86_64 - php-gettext-5.6.22-1.mga5.x86_64 - php-gmp-5.6.22-1.mga5.x86_64 - php-hash-5.6.22-1.mga5.x86_64 - php-iconv-5.6.22-1.mga5.x86_64 - php-imap-5.6.22-1.mga5.x86_64 - php-ini-5.6.22-1.mga5.x86_64 - php-interbase-5.6.22-1.mga5.x86_64 - php-intl-5.6.22-1.mga5.x86_64 - php-json-5.6.22-1.mga5.x86_64 - php-ldap-5.6.22-1.mga5.x86_64 - php-mbstring-5.6.22-1.mga5.x86_64 - php-mcrypt-5.6.22-1.mga5.x86_64 - php-mssql-5.6.22-1.mga5.x86_64 - php-mysql-5.6.22-1.mga5.x86_64 - php-mysqli-5.6.22-1.mga5.x86_64 - php-mysqlnd-5.6.22-1.mga5.x86_64 - php-odbc-5.6.22-1.mga5.x86_64 - php-opcache-5.6.22-1.mga5.x86_64 - php-openssl-5.6.22-1.mga5.x86_64 - php-pcntl-5.6.22-1.mga5.x86_64 - php-pdo-5.6.22-1.mga5.x86_64 - php-pdo_dblib-5.6.22-1.mga5.x86_64 - php-pdo_firebird-5.6.22-1.mga5.x86_64 - php-pdo_mysql-5.6.22-1.mga5.x86_64 - php-pdo_odbc-5.6.22-1.mga5.x86_64 - php-pdo_pgsql-5.6.22-1.mga5.x86_64 - php-pdo_sqlite-5.6.22-1.mga5.x86_64 - php-pgsql-5.6.22-1.mga5.x86_64 - php-phar-5.6.22-1.mga5.x86_64 - php-posix-5.6.22-1.mga5.x86_64 - php-recode-5.6.22-1.mga5.x86_64 - php-session-5.6.22-1.mga5.x86_64 - php-shmop-5.6.22-1.mga5.x86_64 - php-snmp-5.6.22-1.mga5.x86_64 - php-soap-5.6.22-1.mga5.x86_64 - php-sockets-5.6.22-1.mga5.x86_64 - php-sqlite3-5.6.22-1.mga5.x86_64 - php-sybase_ct-5.6.22-1.mga5.x86_64 - php-sysvmsg-5.6.22-1.mga5.x86_64 - php-sysvsem-5.6.22-1.mga5.x86_64 - php-sysvshm-5.6.22-1.mga5.x86_64 - php-tidy-5.6.22-1.mga5.x86_64 - php-tokenizer-5.6.22-1.mga5.x86_64 - php-wddx-5.6.22-1.mga5.x86_64 - php-xml-5.6.22-1.mga5.x86_64 - php-xmlreader-5.6.22-1.mga5.x86_64 - php-xmlrpc-5.6.22-1.mga5.x86_64 - php-xmlwriter-5.6.22-1.mga5.x86_64 - php-xsl-5.6.22-1.mga5.x86_64 - php-zip-5.6.22-1.mga5.x86_64 - php-zlib-5.6.22-1.mga5.x86_64 - phpdbg-5.6.22-1.mga5.x86_64 - t1lib-config-5.1.2-18.mga5.x86_64 7.2MB of additional disk space will be used. 17MB of packages will be retrieved. ------------ From browser ran some of my old tests. //error class begin 5.6.22 Outer try Middle try Middle finally Inner try Inner finally Outer catch Outer finally //error test end ---that worked properly ------------------ next I reviewed https://bugs.php.net/bug.php?id=72114 and tried the test in there. It worked. [brian@localhost pp]$ php gzread.php PHP Warning: gzread(): Length parameter must be no more than 2147483647 in /home/brian/pp/gzread.php on line 7 [brian@localhost pp]$ ls -ltr total 8 -rw-rw-r-- 1 brian brian 809 May 28 06:25 fread.php -rw-rw-r-- 1 brian brian 128 May 28 06:31 gzread.php [brian@localhost pp]$
CC: (none) => brtians1Whiteboard: (none) => MGA5-64-OK
Created attachment 7872 [details] fread sub-program for test This file is called by the next I'll upload.
Created attachment 7873 [details] calling program to fread
Trying M5 x64, updated 45 installed PHP pkgs: apache-mod_php-5.6.22-1.mga5 lib64php5_common5-5.6.22-1.mga5 php-bcmath-5.6.22-1.mga5 php-bz2-5.6.22-1.mga5 php-cli-5.6.22-1.mga5 php-ctype-5.6.22-1.mga5 php-curl-5.6.22-1.mga5 php-dom-5.6.22-1.mga5 php-fileinfo-5.6.22-1.mga5 php-filter-5.6.22-1.mga5 php-ftp-5.6.22-1.mga5 php-gd-5.6.22-1.mga5 php-gettext-5.6.22-1.mga5 php-hash-5.6.22-1.mga5 php-iconv-5.6.22-1.mga5 php-ini-5.6.22-1.mga5 php-intl-5.6.22-1.mga5 php-json-5.6.22-1.mga5 php-ldap-5.6.22-1.mga5 php-mbstring-5.6.22-1.mga5 php-mcrypt-5.6.22-1.mga5 php-mysql-5.6.22-1.mga5 php-mysqli-5.6.22-1.mga5 php-mysqlnd-5.6.22-1.mga5 php-openssl-5.6.22-1.mga5 php-pdo-5.6.22-1.mga5 php-pdo_pgsql-5.6.22-1.mga5 php-pdo_sqlite-5.6.22-1.mga5 php-pgsql-5.6.22-1.mga5 php-posix-5.6.22-1.mga5 php-session-5.6.22-1.mga5 php-snmp-5.6.22-1.mga5 php-soap-5.6.22-1.mga5 php-sockets-5.6.22-1.mga5 php-sqlite3-5.6.22-1.mga5 php-sysvsem-5.6.22-1.mga5 php-sysvshm-5.6.22-1.mga5 php-tidy-5.6.22-1.mga5 php-tokenizer-5.6.22-1.mga5 php-xml-5.6.22-1.mga5 php-xmlreader-5.6.22-1.mga5 php-xmlrpc-5.6.22-1.mga5 php-xmlwriter-5.6.22-1.mga5 php-zip-5.6.22-1.mga5 php-zlib-5.6.22-1.mga5 Three small test scripts: https://bugs.mageia.org/show_bug.cgi?id=18562#c1 yielded errors that were also apparent *before* this PHP update: $ php foo.php PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/extensions/gd.so' - /usr/lib64/php/extensions/gd.so: undefined symbol: gdImageCreateFromWebp in Unknown on line 0 PHP Fatal error: Call to undefined function imagecreatetruecolor() in /home/lewis/tmp/foo.php on line 2 $ php gdtest.php PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/extensions/gd.so' - /usr/lib64/php/extensions/gd.so: undefined symbol: gdImageCreateFromWebp in Unknown on line 0 PHP Fatal error: Call to undefined function imagecreatetruecolor() in /home/lewis/tmp/gdtest.php on line 2 $ php phpfread.php PHP Warning: PHP Startup: Unable to load dynamic library '/usr/lib64/php/extensions/gd.so' - /usr/lib64/php/extensions/gd.so: undefined symbol: gdImageCreateFromWebp in Unknown on line 0 I will play with some PHP applications, but prefer to clear up this problem because it effects Bug 18562 also.
CC: (none) => lewyssmith
Sorry, should be fixed with libgd-2.2.1-1.1.mga5.
Re-trying M5 x64 with gd-utils-2.2.1-1.1.mga5 lib64gd3-2.2.1-1.1.mga5 Alas, without re-logging in or re-booting, same results as Comment 5.
Should be fixed for real with libgd-2.2.1-1.2.mga5.
Testing M5 x64, with: gd-utils-2.2.1-1.2.mga5 lib64gd3-2.2.1-1.2.mga5 Thanks David for fixing these so quickly. The two miniscripts shown in https://bugs.mageia.org/show_bug.cgi?id=18562#c1 now work correctly: $ php foo.php $ php gdtest.php and the test scripts from Brian (thanks for collecting same) in Comments 2,3,4 here give the expected result: $ php gzread.php PHP Warning: gzread(): Length parameter must be no more than 2147483647 in /home/lewis/tmp/gzread.php on line 7 In addition I have tested PHP with several major applications: Cacti, Drupal, MediaWiki, Moodle, PHPmyadmin, PHPpgadmin; no new problem noted. So I second Brian's x64 OK.
My usual php cgi test cases work fine, Mageia 5 i586.
Whiteboard: MGA5-64-OK => MGA5-32-OK MGA5-64-OK
(In reply to David Walser from comment #10) > My usual php cgi test cases work fine, Mageia 5 i586. Thanks for that, David. Validating this update.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
LWN reference for CVE-2016-5094: http://lwn.net/Vulnerabilities/689280/
URL: (none) => http://lwn.net/Vulnerabilities/689260/
Advisory added with.. - php-5.6.22-1.mga5 - libgd-2.2.1-1.2.mga5
Whiteboard: MGA5-32-OK MGA5-64-OK => advisory MGA5-32-OK MGA5-64-OK
(In reply to claire robinson from comment #13) > Advisory added with.. > > - php-5.6.22-1.mga5 > - libgd-2.2.1-1.2.mga5 libgd should be in the advisory for Bug 18562 actually, not this bug.
noticed just after i commented. Corrected now.
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0213.html
Status: NEW => RESOLVEDResolution: (none) => FIXED