New updated HardenedPHP packages are now available for download from our production repository.
Changelog
alt-php44-4.4.9-107
- Fixed the bug #79330: shell_exec() silently truncates after a null byte
- Fixed the bug #79465: OOB Read in urldecode() (CVE-2020-7067)
alt-php51-5.1.6-134
- Fixed the bug #61597: SXE properties may lack attributes and content
- Fixed the bug #79200: Some iconv functions cut Windows-1258
- Fixed the bug #79330: shell_exec() silently truncates after a null byte
- Fixed the bug #79364: When copy empty array, next key is unspecified
- Fixed the bug #79465: OOB Read in urldecode() (CVE-2020-7067)
- Fixed the bug #79410: system() swallows last chunk if it is exactly 4095 bytes without newline
alt-php52-5.2.17-166
- Fixed the bug #61597: SXE properties may lack attributes and content
- Fixed the bug #74940: DateTimeZone loose comparison always true
- Fixed the bug #79200: Some iconv functions cut Windows-1258
- Fixed the bug #79296: ZipArchive::open fails on empty file (libzip 1.6.0)
- Fixed the bug #79330: shell_exec() silently truncates after a null byte
- Fixed the bug #79364: When copy empty array, next key is unspecified
- Fixed the bug #79396: setting Date/Time during a forward DST transition
- Fixed the bug #79410: system() swallows last chunk if it is exactly 4095 bytes without newline
- Fixed the bug #79465-CVE-2020-7067: OOB Read in urldecode()
alt-php53-5.3.29-128
- Fixed the bug #61597: SXE properties may lack attributes and content
- Fixed the bug #74940: DateTimeZone loose comparison always true
- Fixed the bug #79200: Some iconv functions cut Windows-1258
- Fixed the bug #79296: ZipArchive::open fails on empty file
- Fixed the bug #79330: shell_exec() silently truncates after a null byte
- Fixed the bug #79364: When copy empty array, next key is unspecified
- Fixed the bug #79396: setting Date/Time during a forward DST transition
- Fixed the bug #79410: system() swallows last chunk if it is exactly 4095 bytes without newline
- Fixed the bug #79424: php_zip_glob uses gl_pathc after call to globfree
- Fixed the bug #79465-CVE-2020-7067: OOB Read in urldecode()
alt-php54-5.4.45-109
alt-php55-5.5.38-90
alt-php56-5.6.40-39
- Fixed the bug #61597: SXE properties may lack attributes and content
- Fixed the bug #74940: DateTimeZone loose comparison always true
- Fixed the bug #75673: SplStack::unserialize() behavior
- Fixed the bug #79200: Some iconv functions cut Windows-1258
- Fixed the bug #79296: ZipArchive::open fails on empty file
- Fixed the bug #79330: shell_exec() silently truncates after a null byte
- Fixed the bug #79364: When copy empty array, next key is unspecified
- Fixed the bug #79396: setting Date/Time during a forward DST transition
- Fixed the bug #79410: system() swallows last chunk if it is exactly 4095 bytes without newline
- Fixed the bug #79424: php_zip_glob uses gl_pathc after call to globfree
- Fixed the bug #79465-CVE-2020-7067: OOB Read in urldecode()
alt-php70-7.0.33-40
- Fixed the bug #61597: SXE properties may lack attributes and content
- Fixed the bug #74940: DateTimeZone loose comparison always true
- Fixed the bug #75673: SplStack::unserialize() behavior
- Fixed the bug #79199: curl_copy_handle() memory leak
- Fixed the bug #79200: Some iconv functions cut Windows-1258
- Fixed the bug #79296: ZipArchive::open fails on empty file (libzip 1.6.0)
- Fixed the bug #79330: shell_exec() silently truncates after a null byte
- Fixed the bug #79364: When copy empty array, next key is unspecified
- Fixed the bug #79393: Null coalescing operator failing with SplFixedArray
- Fixed the bug #79396: setting Date/Time during a forward DST transition
- Fixed the bug #79410: system() swallows last chunk if it is exactly 4095 bytes without newline
- Fixed the bug #79424: php_zip_glob uses gl_pathc after call to globfree
- Fixed the bug #79465: OOB Read in urldecode() (CVE-2020-7067)
- Fixed the bug #79468: SIGSEGV when closing stream handle with a stream filter appended
alt-php71-7.1.33-9
- Fixed the bug #61597: SXE properties may lack attributes and content
- Fixed the bug #74940: DateTimeZone loose comparison always true
- Fixed the bug #75673: SplStack::unserialize() behavior
- Fixed the bug #79199: curl_copy_handle() memory leak
- Fixed the bug #79200: Some iconv functions cut Windows-1258
- Fixed the bug #79296: ZipArchive::open fails on empty file (libzip 1.6.0)
- Fixed the bug #79330: shell_exec() silently truncates after a null byte
- Fixed the bug #79364: When copy empty array, next key is unspecified
- Fixed the bug #79393: Null coalescing operator failing with SplFixedArray
- Fixed the bug #79396: setting Date/Time during a forward DST transition
- Fixed the bug #79410: system() swallows last chunk if it is exactly 4095 bytes without newline
- Fixed the bug #79413: session_create_id() fails for active sessions
- Fixed the bug #79424: php_zip_glob uses gl_pathc after call to globfree
- Fixed the bug #79465: OOB Read in urldecode() (CVE-2020-7067)
- Fixed the bug #79468: SIGSEGV when closing stream handle with a stream filter appended
Update command
yum groupupdate alt-php
