Repository 32bit  Forum
Repository 64bit  Wiki
Thu Feb 7 22:28:19 UTC 2019
patches/packages/php-5.6.40-i586-1_slack14.2.txz: Upgraded.
  Several security bugs have been fixed in this release:
  GD:
  Fixed bug #77269 (efree() on uninitialized Heap data in imagescale leads
  to use-after-free).
  Fixed bug #77270 (imagecolormatch Out Of Bounds Write on Heap).
  Mbstring:
  Fixed bug #77370 (Buffer overflow on mb regex functions - fetch_token).
  Fixed bug #77371 (heap buffer overflow in mb regex functions -
  compile_string_node).
  Fixed bug #77381 (heap buffer overflow in multibyte match_at).
  Fixed bug #77382 (heap buffer overflow due to incorrect length in
  expand_case_fold_string).
  Fixed bug #77385 (buffer overflow in fetch_token).
  Fixed bug #77394 (Buffer overflow in multibyte case folding - unicode).
  Fixed bug #77418 (Heap overflow in utf32be_mbc_to_code).
  Phar:
  Fixed bug #77247 (heap buffer overflow in phar_detect_phar_fname_ext).
  Xmlrpc:
  Fixed bug #77242 (heap out of bounds read in xmlrpc_decode()).
  Fixed bug #77380 (Global out of bounds read in xmlrpc base64 code).
  For more information, see:
  https://php.net/ChangeLog-5.php#5.6.40
  (* Security fix *)