Beta: HardenedPHP for EasyApache 4 updated

Mar 5, 2020 11:16:02 PM / by Inessa Atmachian

 

hardened_php1

New updated HardenedPHP packages for EasyApache4 are now available for download from our updates-testing repository.

ea-php51-php-5.1.6-24.cloudlinux.15

  • Fix a bug #79099: OOB read in php_strip_tags_ex (CVE-2020-7059)

ea-php52-php-5.2.17-27.cloudlinux.23
ea-php53-php-5.3.29-29.cloudlinux.17

  • Fix a bug #79099: OOB read in php_strip_tags_ex (CVE-2020-7059)
  • Fix a bug #79082: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)

ea-php54-php-5.4.45-66.cloudlinux.3
ea-php55-php-5.5.38-49.cloudlinux.3  
ea-php56-php-5.6.40-11.cloudlinux.3  
ea-php70-php-7.0.33-12.cloudlinux.2

  • Fix a bug #79099: OOB read in php_strip_tags_ex (CVE-2020-7059)
  • Fix a bug #79037: global buffer-overflow in `mbfl_filt_conv_big5_wchar` (CVE-2020-7060)
  • Fix a bug #79082: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)
  • Fix a bug #79221: Null Pointer Dereference in PHP Session Upload Progress (CVE-2020-7062)

ea-php71-php-7.1.33-4.cloudlinux.2

  • Fix a bug #79099: OOB read in php_strip_tags_ex (CVE-2020-7059)
  • Fix a bug #79037: global buffer-overflow in `mbfl_filt_conv_big5_wchar` (CVE-2020-7060)
  • Fix a bug #79082: Files added to tar with Phar::buildFromIterator have all-access permissions (CVE-2020-7063)
  • Fix a bug #79091: heap use-after-free in session_create_id()
  • Fix a bug #79221: Null Pointer Dereference in PHP Session Upload Progress (CVE-2020-7062)

Update command

yum update ea-php* --enablerepo=cl-ea4-testing

Topics: HardenedPHP, EasyApache 4, Technical Blog

Inessa Atmachian

Written by Inessa Atmachian

Inessa Atmachian is a Technical Writer. She is responsible for developing technical product documentation for CloudLinux OS, KernelCare, and Imunify360 products. She provides customers with release notes and information on product updates.

    Subscribe to Email Updates

    Recent Posts