FEDORA-2023-5732365005
Packages in this update:
php-8.1.14-1.fc37
Update description:
PHP version 8.1.14 (05 Jan 2023)
Core:
Fixed bug GH-9905 (constant() behaves inconsistent when class is undefined). (cmb)
Fixed bug GH-9918 (License information for xxHash is not included in README.REDIST.BINS file). (Akama Hitoshi)
Fixed bug GH-9650 (Can’t initialize heap: [0x000001e7]). (Michael Voříšek)
Fixed potentially undefined behavior in Windows ftok(3) emulation. (cmb)
Date:
Fixed bug GH-9699 (DateTimeImmutable::diff differences in 8.1.10 onwards – timezone related). (Derick)
Fixed bug GH-9700 (DateTime::createFromFormat: Parsing TZID string is too greedy). (Derick)
Fixed bug GH-9866 (Time zone bug with DateTimeInterface::diff()). (Derick)
Fixed bug GH-9880 (DateTime diff returns wrong sign on day count when using a timezone). (Derick)
FPM:
Fixed bug GH-9959 (Solaris port event mechanism is still broken after bug php#66694). (Petr Sumbera)
Fixed bug php#68207 (Setting fastcgi.error_header can result in a WARNING). (Jakub Zelenka)
Fixed bug GH-8517 (Random crash of FPM master process in fpm_stdio_child_said). (Jakub Zelenka)
MBString:
Fixed bug GH-9535 (The behavior of mb_strcut in mbstring has been changed in PHP8.1). (Nathan Freeman)
Opcache:
Fixed bug GH-9968 (Segmentation Fault during OPCache Preload). (Arnaud, michdingpayc)
OpenSSL:
Fixed bug GH-9064 (PHP fails to build if openssl was built with –no-ec). (Jakub Zelenka)
Fixed bug GH-10000 (OpenSSL test failures when OpenSSL compiled with no-dsa). (Jakub Zelenka)
Pcntl:
Fixed bug GH-9298 (Signal handler called after rshutdown leads to crash). (Erki Aring)
PDO_Firebird:
Fixed bug GH-9971 (Incorrect NUMERIC value returned from PDO_Firebird). (cmb)
PDO/SQLite:
Fixed bug php#81740 (PDO::quote() may return unquoted string). (CVE-2022-31631) (cmb)
Session:
Fixed GH-9932 (session name silently fails with . and [). (David Carlier)
SPL:
Fixed GH-9883 (SplFileObject::__toString() reads next line). (Girgias)
Fixed GH-10011 (Trampoline autoloader will get reregistered and cannot be unregistered). (Girgias)
SQLite3:
Fixed bug php#81742 (open_basedir bypass in SQLite3 by using file URI). (cmb)
More Stories
libxml2-2.12.9-1.fc40
FEDORA-2024-9f3765a04b Packages in this update: libxml2-2.12.9-1.fc40 Update description: Update to 2.12.9 Fixes CVE-2024-40896 Read More
libxml2-2.12.9-1.fc41
FEDORA-2024-867a14de12 Packages in this update: libxml2-2.12.9-1.fc41 Update description: Update to 2.12.9 Fixes CVE-2024-40896. Read More
iwd-3.3-1.fc40 libell-0.71-1.fc40
FEDORA-2024-0fa283c43a Packages in this update: iwd-3.3-1.fc40 libell-0.71-1.fc40 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
iwd-3.3-1.fc41 libell-0.71-1.fc41
FEDORA-2024-256818da09 Packages in this update: iwd-3.3-1.fc41 libell-0.71-1.fc41 Update description: iwd 3.3: Fix issue with handling External Authentication. iwd 3.2: Fix...
A Vulnerability in Apache Struts2 Could Allow for Remote Code Execution
A vulnerability has been discovered in Apache Struts2, which could allow for remote code execution. Apache Struts2 is an open-source...
CyberDanube Security Research 20241219-0 | Authenticated Remote Code Execution in Ewon Flexy 205
Posted by Thomas Weber | CyberDanube via Fulldisclosure on Dec 21 CyberDanube Security Research 20241219-0 ------------------------------------------------------------------------------- title| Authenticated Remote Code...