[ol7_software_collections] php55-php-pdo-5.5.21-5.el7.x86_64

Name:	php55-php-pdo
Version:	5.5.21
Release:	5.el7
Architecture:	x86_64
Group:	Development/Languages
Size:	196979
License:	PHP
RPM:	php55-php-pdo-5.5.21-5.el7.x86_64.rpm
Source RPM:	php55-php-5.5.21-5.el7.src.rpm
Build Date:	Mon Sep 19 2016
Build Host:	x86-ol7-builder-01.us.oracle.com
Vendor:	Oracle America
URL:	http://www.php.net/
Summary:	A database access abstraction module for PHP applications
Description:	The php55-php-pdo package contains a dynamic shared object that will add a database access abstraction layer to PHP. This module provides a common interface for accessing MySQL, PostgreSQL or other databases.

Changelog (Show File list) (Show related packages)

Fri Jul 22 2016 Remi Collet <rcollet@redhat.com> - 5.5.21-5

- don't set environmental variable based on user supplied Proxy
  request header CVE-2016-5385

Wed Jun 10 2015 Remi Collet <rcollet@redhat.com> - 5.5.21-4

- fix more functions accept paths with NUL character #1213407

Tue Jun 09 2015 Remi Collet <rcollet@redhat.com> - 5.5.21-3

- core: fix multipart/form-data request can use excessive
  amount of CPU usage CVE-2015-4024
- fix various functions accept paths with NUL character
  CVE-2015-4025, CVE-2015-4026, #1213407
- fileinfo: fix denial of service when processing a crafted
  file #1213442
- ftp: fix integer overflow leading to heap overflow when
  reading FTP file listing CVE-2015-4022
- phar: fix buffer over-read in metadata parsing CVE-2015-2783
- phar: invalid pointer free() in phar_tar_process_metadata()
  CVE-2015-3307
- phar: fix buffer overflow in phar_set_inode() CVE-2015-3329
- phar: fix memory corruption in phar_parse_tarfile caused by
  empty entry file name CVE-2015-4021
- pgsql: fix NULL pointer dereference CVE-2015-1352
- soap: fix type confusion through unserialize #1222538
- apache2handler: fix pipelined request executed in deinitialized
  interpreter under httpd 2.4 CVE-2015-3330

Tue Apr 14 2015 Remi Collet <rcollet@redhat.com> - 5.5.21-2

- core: fix use-after-free vulnerability in the
  process_nested_data function (unserialize) CVE-2015-2787
- core: fix NUL byte injection in file name argument of
  move_uploaded_file() CVE-2015-2348
- date: fix use after free vulnerability in unserialize()
  with DateTimeZone CVE-2015-0273
- enchant: fix  heap buffer overflow in
  enchant_broker_request_dict() CVE-2014-9705
- ereg: fix heap overflow in regcomp() CVE-2015-2305
- opcache: fix use after free CVE-2015-1351
- phar: fix use after free in phar_object.c CVE-2015-2301
- pgsql: fix NULL pointer dereference CVE-2015-1352
- soap: fix type confusion through unserialize #1204868

Thu Jan 22 2015 Remi Collet <rcollet@redhat.com> - 5.5.21-1
```
- rebase to PHP 5.5.21
```

Tue Dec 23 2014 Remi Collet <rcollet@redhat.com> - 5.5.20-1

- rebase to PHP 5.5.20 #1057089
- fix package name in description
- php-fpm own session and wsdlcache dir
- php-common doesn't provide php-gmp

Thu Oct 23 2014 Jan Kaluza <jkaluza@redhat.com> - 5.5.6-13

- fileinfo: fix out-of-bounds read in elf note headers. CVE-2014-3710

Mon Oct 20 2014 Remi Collet <rcollet@redhat.com> - 5.5.6-12

- xmlrpc: fix out-of-bounds read flaw in mkgmtime() CVE-2014-3668
- core: fix integer overflow in unserialize() CVE-2014-3669
- exif: fix heap corruption issue in exif_thumbnail() CVE-2014-3670

Wed Oct 08 2014 Remi Collet <rcollet@redhat.com> - 5.5.6-11

- gd: fix NULL pointer dereference in gdImageCreateFromXpm().
  CVE-2014-2497
- gd: fix NUL byte injection in file names. CVE-2014-5120
- core: fix heap-based buffer overflow in DNS TXT record
  parsing. CVE-2014-4049
- network: fix segfault in dns_get_record
  (incomplete fix for CVE-2014-4049). CVE-2014-3597
- core: unserialize() SPL ArrayObject / SPLObjectStorage
  type confusion flaw. CVE-2014-3515
- core: type confusion issue in phpinfo(). CVE-2014-4721
- spl: fix use-after-free in ArrayIterator due to object
  change during sorting. CVE-2014-4698
- spl: fix use-after-free in SPL Iterators. CVE-2014-4670
- fileinfo: cdf_unpack_summary_info() excessive looping
  DoS. CVE-2014-0237
- fileinfo: CDF property info parsing nelements infinite
  loop. CVE-2014-0238
- fileinfo: cdf_read_short_sector insufficient boundary
  check. CVE-2014-0207
- fileinfo: fix extensive backtracking in regular expression
  (incomplete fix for CVE-2013-7345). CVE-2014-3538
- fileinfo: cdf_check_stream_offset insufficient boundary
  check. CVE-2014-3479
- fileinfo: cdf_count_chain insufficient boundary check
  CVE-2014-3480
- fileinfo: fix mconvert incorrect handling of truncated
  pascal string size. CVE-2014-3478
- fileinfo: cdf_read_property_info insufficient boundary
  check. CVE-2014-3487
- fileinfo: fix cdf_read_property_info
  (incomplete fix for CVE-2012-1571). CVE-2014-3587

Tue May 13 2014 Remi Collet <rcollet@redhat.com> - 5.5.6-10

- fileinfo: fix out-of-bounds memory access CVE-2014-2270
- fileinfo: fix extensive backtracking CVE-2013-7345