search

Home  >  Q&A  >  body text

How to fix php vulnerability without upgrading PHP version

【1】PHP 'xml_utf8_encode' function integer overflow vulnerability (CVE-2016-4344)

【2】PHP 'php_filter_encode_url' function integer overflow vulnerability (CVE-2016-4345)

【3】PHP 'str_pad' function integer overflow vulnerability (CVE-2016-4346)

etc.

九夜九夜2633 days ago1459

reply all(1)I'll reply

  • ringa_lee

    ringa_lee2017-09-07 09:28:10

    In response to your problems, the official has released corresponding patches.
    It is recommended that you go to the official website of PHP to download the corresponding patch.


    http://php.net/ChangeLog-5.php
    https://bugs.php.net/72520
    http://php.net/ChangeLog-7.php
    http://git.php.net/?p=php-src.git;a=commit;h=81406c0c1d45f75fcc7972ed974d2597abb0b9e9



    reply
    0
    • 九夜

    How to use these patches after downloading them? I've never done this before, so I don't know where to start. Could you help me clarify my doubts?

    九夜 · 2017-09-08 14:33:32
  • Cancelreply