Zend Server 9.1.13

PHP version 7.1.33.13.

Changes

• Adds TLS v1.2 support for mysqlnd.

Backported CVE fixes

• Fix #79971: special character is breaking the path in xml function CVE-2021-2170729
• Fix bug #81026 (PHP-FPM oob R/W in root process leading to priv escalation) CVE-2021-2170305
• Fix #81420: ZipArchive::extractTo extracts outside of destination CVE-2021-2170602
• Fix #81211: Symlinks are followed when creating PHAR archive
• Fix #76448: Stack buffer overflow in firebird_info_cb CVE-2021-21704
• Fix #76449: SIGSEGV in firebird_handle_doer
• Fix #76450: SIGSEGV in firebird_stmt_execute
• Fix #76452: Crash while parsing blob data in firebird_fetch_blob
• Fix #81122: SSRF bypass in FILTER_VALIDATE_URL CVE-2021-2170503
• Fix #80710: imap_mail_compose() header injection