(Dec 17) **PHP version 7.2.13** (06 Dec 2018) **ftp:** * Fixed bug php#77151 (ftp_close(): SSL_read on shutdown). (Remi) **CLI:** * Fixed bug php#77111 (php-win.exe corrupts unicode symbols from cli parameters). (Anatol) **Fileinfo:** * Fixed bug php#77095 (slowness regression in 7.2/7.3 (compared to 7.1)). (Anatol) **iconv:** * Fixed bug php#77147 (Fixing 60494 ignored
Archive for Other
(Dec 20) Jacob Baines discovered a flaw in the handling of the DSI Opensession command in Netatalk, an implementation of the AppleTalk Protocol Suite, allowing an unauthenticated user to execute arbitrary code with root privileges.
(Dec 20) Several security issues were fixed in the Linux kernel.
(Dec 20) Several security issues were fixed in the kernel.
(Dec 18) An update for ansible is now available for Ansible Engine 2.7. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 18) An update for ansible is now available for Ansible Engine 2. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 17) **Version 2.8.49** (2018-12-06) * security [CVE-2018-19790](https://symfony.com/cve-2018-19790) [Security\Http] detect bad redirect targets using backslashes (@xabbuh) * security [CVE-2018-19789](https://symfony.com/cve-2018-19789) [Form] Filter file uploads out of regular form types (@nicolas-grekas)
(Dec 17) **Version 3.4.20** (2018-12-06) * security [CVE-2018-19790](https://symfony.com/cve-2018-19790) [Security\Http] detect bad redirect targets using backslashes (@xabbuh) * security [CVE-2018-19789](https://symfony.com/cve-2018-19789) [Form] Filter file uploads out of regular form types (@nicolas-grekas) * bug #29436 [Cache] Fixed
(Dec 19) Several local side channel attacks and a denial of service via large Diffie-Hellman parameters were discovered in OpenSSL, a Secure Sockets Layer toolkit.
(Dec 19) An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 19) An update for ntp is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System (CVSS) base score, which
(Dec 17) **Version 4.1.9** (2018-12-06) * security [CVE-2018-19790](https://symfony.com/cve-2018-19790) [Security\Http] detect bad redirect targets using backslashes (@xabbuh) * security [CVE-2018-19789](https://symfony.com/cve-2018-19789) [Form] Filter file uploads out of regular form types (@nicolas-grekas) * bug #29436 [Cache] Fixed
(Dec 19) Update to 2.7.5 bugfix release. Fix for CVE-2018-16876
(Dec 18) An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 18) An update for kernel is now available for Red Hat Enterprise Linux 7.5 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
(Dec 17) – Update to 2.14.1 – CVE-2018-19608 (#1656784) Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2018-03 —- – Update to 2.14.0 Release notes:
(Dec 18) New version 2.6.5, contains fixes for CVE-2018-19622, CVE-2018-19623, CVE-2018-19624, CVE-2018-19625, CVE-2018-19626, CVE-2018-19627, CVE-2018-19628
(Dec 17) An update for ghostscript is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability
(Dec 17) An update for firefox is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from
(Dec 17) **Version 3.4.20** (2018-12-06) * security [CVE-2018-19790](https://symfony.com/cve-2018-19790) [Security\Http] detect bad redirect targets using backslashes (@xabbuh) * security [CVE-2018-19789](https://symfony.com/cve-2018-19789) [Form] Filter file uploads out of regular form types (@nicolas-grekas) * bug #29436 [Cache] Fixed
(Dec 17) – Update to 2.14.1 – CVE-2018-19608 (#1656784) Release notes: https://tls.mbed.org/tech- updates/releases/mbedtls-2.14.1-2.7.8-and-2.1.17-released Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security- advisory-2018-03 —- – Update to 2.14.0 Release notes:
(Dec 17) Updated packages are now available for Red Hat Gluster Storage 3.4 Web Administration on Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
(Dec 16) Fixes CVE-2018-16855 (Crafted query can cause a denial of service) —- New upstream release with security fixes for CVE-2018-10851, CVE-2018-14626 and CVE-2018-14644
(Dec 16) New upstream version 1.8.2. Fix low priority security issue with TLS: https://www.redhat.com/archives/libguestfs/2018-December/msg00047.html —- New upstream version 1.8.1. —- Rebase to new stable version 1.8.0. —- nbdkit metapackage should depend on versioned -server subpackage etc. —- New upstream version 1.6.3.
(Dec 11) This stable update contains important fixes across the tree including an important fix for a bug that causes filesystem corruption in some cases.
(Dec 11) Security fix for CVE-2018-19044, CVE-2018-19045, CVE-2018-19046, CVE-2018-19115
(Dec 10) An update for rh-git218-git is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,
(Dec 12) Security fix for CVE-2018-18311, CVE-2018-18312, CVE-2018-18313 and CVE-2018-18314
(Dec 13) Update to released upstream 2.6.1
(Dec 11) USN-3837-1 introduced a regression in poppler.