stable

php-8.2.24-1.fc39

FEDORA-2024-7c800c4df7 created by remi a week ago for Fedora 39

PHP version 8.2.24 (26 Sep 2024)

CGI:

  • Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926) (nielsdos)
  • Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927) (nielsdos)

Core:

  • Fixed bug GH-15408 (MSan false-positve on zend_max_execution_timer). (zeriyoshi)
  • Fixed bug GH-15515 (Configure error grep illegal option q). (Peter Kokot)
  • Fixed bug GH-15514 (Configure error: genif.sh: syntax error). (Peter Kokot)
  • Fixed bug GH-15565 (--disable-ipv6 during compilation produces error EAI_SYSTEM not found). (nielsdos)
  • Fixed bug GH-15587 (CRC32 API build error on arm 32-bit). (Bernd Kuhls, Thomas Petazzoni)
  • Fixed bug GH-15330 (Do not scan generator frames more than once). (Arnaud)
  • Fixed uninitialized lineno in constant AST of internal enums. (ilutov)

Curl:

  • FIxed bug GH-15547 (curl_multi_select overflow on timeout argument). (David Carlier)

DOM:

  • Fixed bug GH-15551 (Segmentation fault (access null pointer) in ext/dom/xml_common.h). (nielsdos)

Fileinfo:

  • Fixed bug GH-15752 (Incorrect error message for finfo_file with an empty filename argument). (DanielEScherzer)

FPM:

  • Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026) (Jakub Zelenka)

MySQLnd:

  • Fixed bug GH-15432 (Heap corruption when querying a vector). (cmb, Kamil Tekiela)

Opcache:

  • Fixed bug GH-15661 (Access null pointer in Zend/Optimizer/zend_inference.c). (nielsdos)
  • Fixed bug GH-15658 (Segmentation fault in Zend/zend_vm_execute.h). (nielsdos)

SAPI:

  • Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925) (Arnaud)

SOAP:

  • Fixed bug #73182 (PHP SOAPClient does not support stream context HTTP headers in array form). (nielsdos)

Standard:

  • Fixed bug GH-15552 (Signed integer overflow in ext/standard/scanf.c). (cmb)

Streams:

  • Fixed bug GH-15628 (php_stream_memory_get_buffer() not zero-terminated). (cmb)

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2024-7c800c4df7

This update has been submitted for testing by remi.

a week ago

This update's test gating status has been changed to 'ignored'.

a week ago

This update has been pushed to testing.

a week ago

This update has been submitted for stable by bodhi.

a day ago

This update has been pushed to stable.

20 hours ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
0
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
7 days
Dates
submitted
a week ago
in testing
a week ago
in stable
20 hours ago
approved
a day ago

Automated Test Results