HardenedPHP for EasyApache 4 has been scheduled for gradual rollout

Jun 16, 2020 6:38:37 PM / by Inessa Atmachian

 

hardenedPHP

New updated HardenedPHP packages for EasyApache 4 have been scheduled for gradual rollout from our production repository.

Rollout slot: 4

Rolled out to: 1%

ETA for 100% rollout: June, 23rd

Changelog

ea-php51-php-5.1.6-24.cloudlinux.19

  • Fix bug #78221: DOMNode::normalize() doesn't remove empty text nodes
  • Fix bug #78875: Long variables cause OOM and temp files are not cleaned. (CVE-2019-11048)
  • Fix bug #78876: Long variables in multipart/form-data cause OOM and temp files are not cleaned. (CVE-2019-11048)
  • Fix bug #79528: Different object of the same XML between 7.4.5 and 7.4.4

ea-php52-php-5.2.17-27.cloudlinux.27
ea-php53-php-5.3.29-29.cloudlinux.21
ea-php54-php-5.4.45-69.cloudlinux.2

  • Fix bug #78221: DOMNode::normalize() doesn't remove empty text nodes
  • Fix bug #78875: Long variables cause OOM and temp files are not cleaned (CVE-2019-11048)
  • Fix bug #78876: Long variables in multipart/form-data cause OOM and temp files are not cleaned (CVE-2019-11048)
  • Fix bug #79514: Memory leaks while including inexistent file
  • Fix bug #79528: Different object of the same XML between 7.4.5 and 7.4.4

ea-php55-php-5.5.38-52.cloudlinux.2
ea-php56-php-5.6.40-14.cloudlinux.2

  • Fix bug #78221: DOMNode::normalize() doesn't remove empty text nodes
  • Fix bug #78875: Long variables cause OOM and temp files are not cleaned (CVE-2019-11048)
  • Fix bug #78876: Long variables in multipart/form-data cause OOM and temp files are not cleaned (CVE-2019-11048)
  • Fix bug #79497: stream_socket_client() throws an unknown error sometimes with <1s timeout
  • Fix bug #79514: Memory leaks while including inexistent file
  • Fix bug #79528: Different object of the same XML between 7.4.5 and 7.4.4

ea-php70-php-7.0.33-15.cloudlinux.2
ea-php71-php-7.1.33-6.cloudlinux.2

  • Fix bug #78221: DOMNode::normalize() doesn't remove empty text nodes
  • Fix bug #78875: Long variables cause OOM and temp files are not cleaned (CVE-2019-11048)
  • Fix bug #78876: Long variables in multipart/form-data cause OOM and temp files are not cleaned (CVE-2019-11048)
  • Fix bug #79497: stream_socket_client() throws an unknown error sometimes with <1s timeout
  • Fix bug #79503: Memory leak on duplicate metadata
  • Fix bug #79514: Memory leaks while including inexistent file
  • Fix bug #79528: Different object of the same XML between 7.4.5 and 7.4.4

Update command

yum update ea-php*

Immediate update (via bypass)

yum update ea-php*--enablerepo=cloudlinux-ea4-rollout-4-bypass

Topics: HardenedPHP, EasyApache 4, Technical Blog, Gradual rollout

Inessa Atmachian

Written by Inessa Atmachian

Inessa Atmachian is a Technical Writer. She is responsible for developing technical product documentation for CloudLinux OS, KernelCare, and Imunify360 products. She provides customers with release notes and information on product updates.

    Subscribe to Email Updates

    Recent Posts