FEDORA-2022-afdea1c747
Packages in this update:
php-8.0.24-1.fc35
Update description:
PHP version 8.0.24 (29 Sep 2022)
Core:
Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling)
Fixed bug GH-9361 (Segmentation fault on script exit php#9379). (cmb, Christian Schneider)
Fixed bug GH-9407 (LSP error in eval’d code refers to wrong class for static type). (ilutov)
Fixed bug php#81727: Don’t mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629). (Derick)
DOM:
Fixed bug php#79451 (DOMDocument->replaceChild on doctype causes double free). (Nathan Freeman)
FPM:
Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload). (Dmitry Menshikov)
Fixed bug php#77780 (“Headers already sent…” when previous connection was aborted). (Jakub Zelenka)
GMP
Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()). (Girgias)
Intl
Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter). (Girgias)
Phar:
Fixed bug php#81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628). (cmb)
PDO_PGSQL:
Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed). (Yurunsoft)
Reflection:
Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure). (cmb, Nicolas Grekas)
Fixed bug GH-9409 (Private method is incorrectly dumped as “overwrites”). (ilutov)
Streams:
Fixed bug GH-9316 ($http_response_header is wrong for long status line). (cmb, timwolla)
More Stories
ZDI-CAN-25373: Microsoft
A CVSS score 7.0 AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'Peter Girnus - Trend Micro Zero Day Initiative' was reported to...
DSA-5774-1 ruby-saml – security update
It was discovered that ruby-saml, a SAML library implementing the client side of a SAML authorization, does not properly verify...
USN-6968-2: PostgreSQL vulnerability
USN-6968-1 fixed CVE-2024-7348 in PostgreSQL-12, PostgreSQL-14, and PostgreSQL-16 This update provides the corresponding updates for PostgreSQL-9.5 in Ubuntu 16.04 LTS....
USN-7015-2: Python vulnerabilities
USN-7015-1 fixed several vulnerabilities in Python. This update provides one of the corresponding updates for python2.7 for Ubuntu 16.04 LTS,...
USN-7027-1: Emacs vulnerabilities
It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands....
USN-7024-1: tgt vulnerability
It was discovered that tgt attempts to achieve entropy by calling rand without srand. The PRNG seed is always 1,...