来源:HHVM官网
发布日期:2021-02-25
阅读次数:7017
评论:0
更新详情
A security update has been released for all supported HHVM versions. Please
update to one of the following versions to make sure you’re secure: 4.56.3
4.80.2
4.93.2
4.94.1
4.95.1
4.96.1
4.97.1
4.98.1This security update addresses the following vulnerabilities: CVE-2020-1917:
out-of-bounds write (1 byte) in exif_read_data()
CVE-2020-1918:
memory disclosure vulnerability using “data:” URLs
CVE-2020-1919:
out-of-bounds heap read in substr_compare()
CVE-2020-1921:
out-of-bounds write (1 byte) in crypt()
CVE-2021-24025:
integer overflow causing out-of-bounds heap write in preg_quote()
out-of-bounds heap read (2 bytes) in exif_read_data()
软件描述
HHVM (HipHop Virtual Machine)会将PHP代码转换成高级别的字节码(通常称为中间语言)。然后在运行时通过即时(JIT)编译器将这些字节码转换为x64的机器码
评论