来源:HHVM官网
发布日期:2020-11-12
阅读次数:3090
评论:0
更新详情
A security update has been released for all supported HHVM versions. Please
update to one of the following versions to make sure you’re secure: 4.56.2
4.78.1
4.79.1
4.80.1
4.81.1
4.82.1
4.83.1This security update addresses the following vulnerabilities: dump-static-strings
(CVE-2019-3555)
and dump-pcre-cache
(CVE-2019-3556)
admin endpoints can write to any file the webserver has access to
out of bounds read in crypt()
light-process.cpp not dropping privileges correctly
integer overflow in gdImageCreate()
null pointer dereference in XMLReader::expand()
buffer overflow in ldap_escape()
(CVE-2020-1916)
软件描述
HHVM (HipHop Virtual Machine)会将PHP代码转换成高级别的字节码(通常称为中间语言)。然后在运行时通过即时(JIT)编译器将这些字节码转换为x64的机器码
评论