development/languages

php - PHP scripting language for creating dynamic web sites

Website: http://www.php.net/
License: PHP
Vendor: Scientific Linux
Description:
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated webpages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module which adds support for the PHP
language to Apache HTTP Server.

Packages

php-5.3.3-50.el6_10.i686 [1.1 MiB] Changelog by Remi Collet (2019-10-29):
- fix underflow in env_path_info in fpm_main.c CVE-2019-11043
php-5.3.3-48.el6_8.i686 [1.1 MiB] Changelog by Remi Collet (2016-07-25):
- don't set environmental variable based on user supplied Proxy
  request header CVE-2016-5385
php-5.3.3-46.el6_6.i686 [1.1 MiB] Changelog by Remi Collet (2015-07-03):
- fix gzfile accept paths with NUL character #1213407
- fix patch for CVE-2015-4024
php-5.3.3-40.el6_6.i686 [1.1 MiB] Changelog by Jan Kaluza (2014-10-23):
- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710
php-5.3.3-27.el6_5.2.i686 [1.1 MiB] Changelog by Remi Collet (2014-09-10):
- spl: fix use-after-free in ArrayIterator due to object
  change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670
- gd: fix NULL pointer dereference in gdImageCreateFromXpm.
  CVE-2014-2497
- fileinfo: fix incomplete fix for CVE-2012-1571 in
  cdf_read_property_info. CVE-2014-3587
- core: fix incomplete fix for CVE-2014-4049 DNS TXT
  record parsing. CVE-2014-3597
php-5.3.3-27.el6_5.1.i686 [1.1 MiB] Changelog by Remi Collet (2014-07-15):
- core: type confusion issue in phpinfo(). CVE-2014-4721
- date: fix heap-based buffer over-read in DateInterval. CVE-2013-6712
- core: fix heap-based buffer overflow in DNS TXT record parsing.
  CVE-2014-4049
- core: unserialize() SPL ArrayObject / SPLObjectStorage type
  confusion flaw. CVE-2014-3515
- fileinfo: out-of-bounds memory access in fileinfo. CVE-2014-2270
- fileinfo: unrestricted recursion in handling of indirect type
  rules. CVE-2014-1943
- fileinfo: out of bounds read in CDF parser. CVE-2012-1571
- fileinfo: cdf_check_stream_offset boundary check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check. CVE-2014-3480
- fileinfo: cdf_unpack_summary_info() excessive looping
  DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite
  loop. CVE-2014-0238
php-5.3.3-27.el6_5.i686 [1.1 MiB] Changelog by Remi Collet (2013-12-05):
- add security fix for CVE-2013-6420
php-5.3.3-26.el6.i686 [1.1 MiB] Changelog by Remi Collet (2013-08-19):
- add security fix for CVE-2013-4248
php-5.3.3-23.el6_4.i686 [1.1 MiB] Changelog by Remi Collet (2013-07-12):
- add security fix for CVE-2013-4113
php-5.3.3-22.el6.i686 [1.1 MiB] Changelog by Remi Collet (2012-11-29):
- php-xml provides php-xmlreader and php-xmlwriter (#874987)
- fix possible NULL derefence and buffer overflow (#879179)
- fix zend garbage collector (#848186, #868375)
php-5.3.3-14.el6_3.i686 [1.1 MiB] Changelog by Joe Orton (2012-06-25):
- add security fix for CVE-2010-2950
php-5.3.3-3.el6_2.8.i686 [1.1 MiB] Changelog by Joe Orton (2012-05-03):
- correct detection of = in CVE-2012-1823 fix (#818607)
php-5.3.3-3.el6_2.6.i686 [1.1 MiB] Changelog by Joe Orton (2012-02-02):
- add security fix for CVE-2012-0830 (#786743)
php-5.3.3-3.el6_2.5.i686 [1.1 MiB] Changelog by Vojtech Vitek (V-Teq) (2012-01-04):
- remove extra php.ini-prod/devel files caused by %patch -b

Listing created by Repoview-0.6.6-4.el7