СloudLinux Blog

Beta: HardenedPHP for EasyApache 4 updated

Written by Inessa Atmachian | Mar 25, 2020 4:21:21 PM

 

New updated HardenedPHP packages for EasyApache4 are now available for download from our updates-testing repository.

Changelog

ea-php51-php-5.1.6-24.cloudlinux.16
ea-php52-php-5.2.17-27.cloudlinux.24

  • Fix bug #79282: Use-of-uninitialized-value in exif (CVE-2020-7064)
  • Fix bug #79329: get_headers silently truncates after a null byte (CVE-2020-7066)

ea-php53-php-5.3.29-29.cloudlinux.18
ea-php54-php-5.4.45-66.cloudlinux.4
ea-php55-php-5.5.38-49.cloudlinux.4
ea-php56-php-5.6.40-11.cloudlinux.4

  • Fix bug #79078: Hypothetical use-after-free in curl_multi_add_handle
  • Fix bug #79282: Use-of-uninitialized-value in exif (CVE-2020-7064)
  • Fix bug #79329: get_headers silently truncates after a null byte (CVE-2020-7066)

ea-php70-php-7.0.33-12.cloudlinux.3
ea-php71-php-7.1.33-4.cloudlinux.3

  • Fix bug #77569: Write Access Violation in DomImplementation
  • Fix bug #79078: Hypothetical use-after-free in curl_multi_add_handle
  • Fix bug #79282: Use-of-uninitialized-value in exif (CVE-2020-7064)
  • Fix bug #79329: get_headers silently truncates after a null byte (CVE-2020-7066)

Update command

yum update ea-php* --enablerepo=cl-ea4-testing