Category Archives: Advisories

php-twig-1.44.7-1.fc36

Read Time:12 Second

FEDORA-2022-1695454935

Packages in this update:

php-twig-1.44.7-1.fc36

Update description:

Version 1.44.7 (2022-09-28)

Fix a security issue on filesystem loader (possibility to load a template outside a configured directory)

Read More

php-twig-1.44.7-1.fc37

Read Time:12 Second

FEDORA-2022-c6fe3ebd94

Packages in this update:

php-twig-1.44.7-1.fc37

Update description:

Version 1.44.7 (2022-09-28)

Fix a security issue on filesystem loader (possibility to load a template outside a configured directory)

Read More

php-8.0.24-1.fc35

Read Time:1 Minute, 17 Second

FEDORA-2022-afdea1c747

Packages in this update:

php-8.0.24-1.fc35

Update description:

PHP version 8.0.24 (29 Sep 2022)

Core:

Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling)
Fixed bug GH-9361 (Segmentation fault on script exit php#9379). (cmb, Christian Schneider)
Fixed bug GH-9407 (LSP error in eval’d code refers to wrong class for static type). (ilutov)
Fixed bug php#81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629). (Derick)

DOM:

Fixed bug php#79451 (DOMDocument->replaceChild on doctype causes double free). (Nathan Freeman)

FPM:

Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload). (Dmitry Menshikov)
Fixed bug php#77780 (“Headers already sent…” when previous connection was aborted). (Jakub Zelenka)

GMP

Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()). (Girgias)

Intl

Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter). (Girgias)

Phar:

Fixed bug php#81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628). (cmb)

PDO_PGSQL:

Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed). (Yurunsoft)

Reflection:

Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure). (cmb, Nicolas Grekas)
Fixed bug GH-9409 (Private method is incorrectly dumped as “overwrites”). (ilutov)

Streams:

Fixed bug GH-9316 ($http_response_header is wrong for long status line). (cmb, timwolla)

Read More