[ubuntu/zesty-proposed] hhvm 3.12.11+dfsg-1 (Accepted)
Jeremy Bicha
jeremy at bicha.net
Thu Dec 29 06:13:49 UTC 2016
hhvm (3.12.11+dfsg-1) unstable; urgency=medium
[ Moritz Muehlenhoff ]
* New upstream LTS releases, addressing multiple security issues.
(Closes: #835032)
From 3.12.2:
- CVE-2015-8865 - Buffer overwrite in finfo_open with malformed magic
- Integer overflow in iptcembed
- CVE-2016-3074 - Fix signedness issue in libgd
- CVE-2014-9709 - Fix a possible buffer read overflow in gd_gif_in.cpp
- Prevent a potential nullptr dereference in ext_xsl
- Don't segfault if you try to remove the last autoloader while
adding a new one
- CVE-2016-1903 - imagerotate information leak
- FILTER_FLAG_STRIP_BACKTICK` was being ignored unless other flags
are set
- CVE-2016-4539 - Fix a segfault in xml_parse_into_struct
- Fix a potential null dereference in ZipArchive::extractTo
- CVE-2016-4070 - Integer Overflow in php_raw_url_encode
From 3.12.3:
- CVE-2016-1000004 - Type safety in simplexml import routines
- CVE-2016-1000004 - Fix param types for mcrypt_get_block_size()
to match PHP
- CVE-2016-1000006 - Fix use-after-free in
serialize_memoize_param() and ResourceBundle::__construct()
- CVE-2016-6870 - Use req::strndup in php_mb_parse_encoding_list to
prevent oob memory write.
- HHVM-2016-11781481 - Fix nullptr dereference in
f_mysqli_stmt_bind{param,result}
- HHVM-2016-11791940 - Avoid invalid array access in JSON_decode()
- PHP-2016-0072337 - Fix a segfault with invalid dimensions and
imagescale out of bounds read in ext_gd
From 3.12.5:
- CVE-2016-1000109: Ignore Proxy HTTP header from fastcgi requests
From 3.12.6:
- CVE-2016-6871 - Fix buffer overrun due to integer overflow in bcmath
- CVE-2016-6872 - Fix integer overflow in StringUtil::implode
- CVE-2016-6873 - Fix self recursion in compact
- CVE-2016-6874 - Fix recursion checks in array_*_recursive
- CVE-2016-6875 - Fix infinite recursion in wddx
- PHP-2015-0070345 - [HHVM][Security] 0003 pcre preg bug 70345
From 3.12.8:
- ext_gd: exif_process_IFD_TAG: Use the right offset if reading from
stream
- Fix some color related crashes in libgd
- Don't allow smart_str to overflow int
- Integer overflow in _gd2GetHeader
- Fix objprof refcounting
- Fix buffer overruns in mb_send_mail
- Integer overflow in gdImagePaletteToTrueColor
- Null pointer dereference in _gdScaleVert
- pass2_no_dither out-of-bounds access
From 3.12.9:
- Fix off-by-one index check in ThreadSafeLocaleHandler::actuallySetLocale
- Prevent an integer overflow in _gdContributionsAlloc
- Fix a potential overflow in tsrm_virtual_file_ex
- Invalid transparent index can result in OOB read or write
- Do not treat negative return values from bz2 as size_t
- Fix OOB read in exif_process_IFD_in_MAKERNOTE
- Prevent an OOB access in locale_accept_from_http
- Avoid possible OOB using imagegif
- Disable bad zend test
- Add an option to explicitly disable NUMA support.
From 3.12.10:
- Fix a bug in StringUtil::Explode
- Fix a couple of bugs in libgd
From 3.12.11:
- Prevent integer overflow in gdImageWebpCtx
- Check depth values in json_decode
- Prevent negative gamma values being passed to imagegammacorrect
- Fix crypt with over-long salts
- Memory leak in exif_process_IFD_in_TIFF
- 9da Fix getimagesize returning FALSE on valid jpg
[ Faidon Liambotis ]
* Build against libmysqlclient, not libmysqlclient_r. Thanks to Robie Basak
for the bug report and patch. (Closes: #825077)
* Build-Depend on default-libmysqlclient-dev instead of libmysqlclient-dev.
(Closes: #845852)
* Add /bin/sh shebangs on maintainer scripts. (Closes: #843281)
* Remove update-alternatives --remove from postrm, already included in prerm
(and also causes a lintian warning).
* Remove David Martínez Moreno from the Uploaders, at the request of the MIA
team. (Closes: #843439)
* Fix FTBFS with GCC 6, by backporting an upstream fix. (Closes: #812023)
* Pass -fno-PIE/-no-pie to gcc to prevent a linking error with GCC 6's new
configuration (--enable-default-pie) in combination with HHVM's
hand-crafted assembly (translator-asm-helpers.S).
* Build-Depend on libssl1.0-dev, as HHVM is not ready for OpenSSL 1.1.0 yet.
(Closes: #828340)
* Remove Build-Depends on libc-client2007e-dev and thus disable the IMAP
extension. libc-client2007e-dev depends on libssl-dev 1.1.0, which
conflicts with libssl1.0-dev and is thus impossible to satisfy.
* Disable Folly's Fibers, as the current version is incompatible with Boost
1.61 and thus FTBFS. The incompatibility has been fixed upstream but is
too intrusive to backport, thus disable the functionality entirely.
(Closes: #839303)
* Temporarily disable the mcrouter extension as it requires Folly Fibers,
that were disabled in this version (see above).
* Backport an upstream fix to address an ICU Collation sort key
incompatibility with PHP.
* Backport an upstream fix to address a segfault when bzip2 and XMLReader
are being used together.
* Backport an upstream fix to address inconsistent regexp results when
running with a newer PCRE version (8.38 instead of 8.32).
* Disable test pcre_limit.php which now fails for unknown reasons;
upstream seemingly has disabled the test as well for a while with no ill
effects.
* Add a Documentation line to the systemd service file.
* Bump Standards-Version to 3.9.8, no changes needed.
Date: 2016-12-18 04:13:12.920394+00:00
Signed-By: Jeremy Bicha <jeremy at bicha.net>
https://launchpad.net/ubuntu/+source/hhvm/3.12.11+dfsg-1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Zesty-changes
mailing list