stable

php-8.1.16-1.fc36

FEDORA-2023-d12ff09d38 created by remi 7 months ago for Fedora 36

PHP version 8.1.16 (14 Feb 2023)

Core:

  • Fixed bug #81744 (Password_verify() always return true with some hash). (CVE-2023-0567). (Tim Düsterhus)
  • Fixed bug #81746 (1-byte array overrun in common path resolve code). (CVE-2023-0568). (Niels Dossche)
  • Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart request body). (CVE-2023-0662) (Jakub Zelenka)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2023-d12ff09d38

This update has been submitted for testing by remi.

7 months ago

This update's test gating status has been changed to 'ignored'.

7 months ago

This update has been pushed to testing.

7 months ago

remi edited this update.

7 months ago

remi edited this update.

7 months ago

This update has been submitted for stable by bodhi.

7 months ago

This update has been pushed to stable.

7 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Builds
1
php-8.1.16-1.fc36
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
7 months ago
in testing
7 months ago
in stable
7 months ago
modified
7 months ago
approved
7 months ago
BZ#2170761 CVE-2023-0662 php: DoS vulnerability when parsing multipart request body
0
0
BZ#2170770 CVE-2023-0568 php: 1-byte array overrun in common path resolve code
0
0
BZ#2170771 CVE-2023-0567 php: Password_verify() always return true with some hash
0
0
BZ#2170775 CVE-2023-0567 php: Password_verify() always return true with some hash [fedora-36]
0
0
BZ#2170777 CVE-2023-0662 php: DoS vulnerability when parsing multipart request body [fedora-36]
0
0
BZ#2170779 CVE-2023-0568 php: 1-byte array overrun in common path resolve code [fedora-36]
0
0
php-8.1.16-1.fc36

Automated Test Results

Copyright © 2007-2023 Red Hat, Inc. and others.

Running bodhi-server 7.2.1 on bodhi-web-86-nxdz4.

bodhi is Free Software. Please file issues if you have any problems. Read the documentation.

Composes Legal Privacy policy