| Summary: | PHP: new version 8.2.9 | | |
|---|---|---|---|
| Product: | Mageia | Reporter: | Marc Krämer <mageia> |
| Component: | Security | Assignee: | QA Team <qa-bugs> |
| Status: | RESOLVED FIXED | QA Contact: | Sec team <security> |
| Severity: | normal | | |
| Priority: | Normal | CC: | brtians1 |
| Version: | Cauldron | | |
| Target Milestone: | --- | | |
| Hardware: | All | | |
| OS: | Linux | | |
| Whiteboard: | MGA9-64-OK | | |
| Source RPM: | php | CVE: | CVE-2023-3823 |
| Status comment: | | | |
|
Description
Marc Krämer
2023-08-01 18:14:34 CEST
Updated php to the latest version and fixed a security issue.
- CLI:
. Fix interrupted CLI output causing the process to exit.
- Core:
. Fixed oss-fuzz #60011 (Mis-compilation of by-reference nullsafe operator).
. Fixed line number of JMP instruction over else block.
. Fixed use-of-uninitialized-value with ??= on assert.
. Fixed oss-fuzz #60411 (Fix double-compilation of arrow-functions).
. Fixed build for FreeBSD before the 11.0 releases.
- Curl:
. Fix crash when an invalid callback function is passed to
CURLMOPT_PUSHFUNCTION.
- Date:
. Fixed bug GH-11368 (Date modify returns invalid datetime).
. Fixed bug GH-11600 (Can't parse time strings which include
non-breaking space characters).
- DOM:
. Fixed bug GH-11625 (DOMElement::replaceWith() doesn't replace node with
DOMDocumentFragment but just deletes node or causes wrapping <></>
depending on libxml2 version).
- Fileinfo:
. Fixed bug GH-11298 (finfo returns wrong mime type for xz files).
- FTP:
. Fix context option check for "overwrite".
. Fixed bug GH-10562 (Memory leak and invalid state with consecutive
ftp_nb_fget).
- GD:
. Fix most of the external libgd test failures.
- Intl:
. Fix memory leak in MessageFormatter::format() on failure.
- Libxml:
. Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading
in XML without enabling it). (CVE-2023-3823)
- MBString:
. Fix GH-11300 (license issue: restricted unicode license headers).
- Opcache:
. Fixed bug GH-10914 (OPCache with Enum and Callback functions results in
segmentation fault).
. Prevent potential deadlock if accelerated globals cannot be allocated.
- PCNTL:
. Fixed bug GH-11498 (SIGCHLD is not always returned from proc_open).
- PDO:
. Fix GH-11587 (After php8.1, when PDO::ATTR_EMULATE_PREPARES is true
and PDO::ATTR_STRINGIFY_FETCHES is true, decimal zeros are no longer
filled).
- Phar:
. Add missing check on EVP_VerifyUpdate() in phar util.
. Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()).
(CVE-2023-3824)
- PHPDBG:
. Fixed bug GH-9669 (phpdbg -h options doesn't list the -z option).
- Session:
. Removed broken url support for transferring session ID. (ilutov)
- Standard:
. Fix serialization of RC1 objects appearing in object graph twice.
- Streams:
. Fixed bug GH-11735 (Use-after-free when unregistering user stream wrapper
from itself).
- SQLite3:
. Fix replaced error handling in SQLite3Stmt::__construct.
- XMLReader:
. Fix GH-11548 (Argument corruption when calling XMLReader::open or
XMLReader::XML non-statically with observer active).
References:
https://www.php.net/ChangeLog-8.php#8.2.9
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
updates in core/updates_testing:
php-cgi-8.2.9-1.mga9
phpdbg-8.2.9-1.mga9
php-fpm-8.2.9-1.mga9
php-cli-8.2.9-1.mga9
php-debuginfo-8.2.9-1.mga9
php-intl-debuginfo-8.2.9-1.mga9
php-opcache-debuginfo-8.2.9-1.mga9
php-mbstring-debuginfo-8.2.9-1.mga9
php-soap-debuginfo-8.2.9-1.mga9
php-mbstring-8.2.9-1.mga9
php-phar-debuginfo-8.2.9-1.mga9
php-opcache-8.2.9-1.mga9
php-openssl-debuginfo-8.2.9-1.mga9
php-intl-8.2.9-1.mga9
php-dom-debuginfo-8.2.9-1.mga9
php-pgsql-debuginfo-8.2.9-1.mga9
php-mysqli-debuginfo-8.2.9-1.mga9
php-mysqlnd-debuginfo-8.2.9-1.mga9
php-fileinfo-8.2.9-1.mga9
php-curl-debuginfo-8.2.9-1.mga9
apache-mod_php-8.2.9-1.mga9
php-pdo-debuginfo-8.2.9-1.mga9
php-soap-8.2.9-1.mga9
php-session-debuginfo-8.2.9-1.mga9
php-mysqlnd-8.2.9-1.mga9
php-phar-8.2.9-1.mga9
php-sockets-debuginfo-8.2.9-1.mga9
php-fileinfo-debuginfo-8.2.9-1.mga9
php-zip-debuginfo-8.2.9-1.mga9
php-sodium-debuginfo-8.2.9-1.mga9
php-gd-debuginfo-8.2.9-1.mga9
php-ini-8.2.9-1.mga9
php-imap-debuginfo-8.2.9-1.mga9
php-ldap-debuginfo-8.2.9-1.mga9
php-openssl-8.2.9-1.mga9
php-dom-8.2.9-1.mga9
php-gmp-debuginfo-8.2.9-1.mga9
php-dba-debuginfo-8.2.9-1.mga9
php-snmp-debuginfo-8.2.9-1.mga9
php-sqlite3-debuginfo-8.2.9-1.mga9
php-tidy-debuginfo-8.2.9-1.mga9
php-exif-debuginfo-8.2.9-1.mga9
php-pgsql-8.2.9-1.mga9
php-mysqli-8.2.9-1.mga9
php-ftp-debuginfo-8.2.9-1.mga9
php-filter-debuginfo-8.2.9-1.mga9
php-odbc-debuginfo-8.2.9-1.mga9
php-pdo-8.2.9-1.mga9
php-curl-8.2.9-1.mga9
php-bcmath-debuginfo-8.2.9-1.mga9
php-session-8.2.9-1.mga9
php-gd-8.2.9-1.mga9
php-pcntl-debuginfo-8.2.9-1.mga9
php-iconv-debuginfo-8.2.9-1.mga9
php-xmlreader-debuginfo-8.2.9-1.mga9
php-doc-8.2.9-1.mga9
php-imap-8.2.9-1.mga9
php-sodium-8.2.9-1.mga9
php-posix-debuginfo-8.2.9-1.mga9
php-pdo_pgsql-debuginfo-8.2.9-1.mga9
php-sockets-8.2.9-1.mga9
php-pdo_mysql-debuginfo-8.2.9-1.mga9
php-zlib-debuginfo-8.2.9-1.mga9
php-zip-8.2.9-1.mga9
php-ldap-8.2.9-1.mga9
php-exif-8.2.9-1.mga9
php-xsl-debuginfo-8.2.9-1.mga9
php-pdo_firebird-debuginfo-8.2.9-1.mga9
php-pdo_sqlite-debuginfo-8.2.9-1.mga9
php-readline-debuginfo-8.2.9-1.mga9
php-tokenizer-debuginfo-8.2.9-1.mga9
php-xmlwriter-debuginfo-8.2.9-1.mga9
php-gmp-8.2.9-1.mga9
php-odbc-8.2.9-1.mga9
php-ftp-8.2.9-1.mga9
php-pdo_dblib-debuginfo-8.2.9-1.mga9
php-sqlite3-8.2.9-1.mga9
php-dba-8.2.9-1.mga9
php-calendar-debuginfo-8.2.9-1.mga9
php-tidy-8.2.9-1.mga9
php-pdo_odbc-debuginfo-8.2.9-1.mga9
php-snmp-8.2.9-1.mga9
php-iconv-8.2.9-1.mga9
php-zlib-8.2.9-1.mga9
php-bz2-debuginfo-8.2.9-1.mga9
php-filter-8.2.9-1.mga9
php-enchant-debuginfo-8.2.9-1.mga9
php-xmlwriter-8.2.9-1.mga9
php-pdo_pgsql-8.2.9-1.mga9
php-xmlreader-8.2.9-1.mga9
php-pcntl-8.2.9-1.mga9
php-posix-8.2.9-1.mga9
php-pdo_firebird-8.2.9-1.mga9
php-bcmath-8.2.9-1.mga9
php-pdo_sqlite-8.2.9-1.mga9
php-sysvmsg-debuginfo-8.2.9-1.mga9
php-gettext-debuginfo-8.2.9-1.mga9
php-xsl-8.2.9-1.mga9
php-readline-8.2.9-1.mga9
php-pdo_odbc-8.2.9-1.mga9
php-calendar-8.2.9-1.mga9
php-pdo_mysql-8.2.9-1.mga9
php-tokenizer-8.2.9-1.mga9
php-sysvshm-debuginfo-8.2.9-1.mga9
php-pdo_dblib-8.2.9-1.mga9
php-bz2-8.2.9-1.mga9
php-fpm-debuginfo-8.2.9-1.mga9
php-sysvsem-debuginfo-8.2.9-1.mga9
php-cgi-debuginfo-8.2.9-1.mga9
php-shmop-debuginfo-8.2.9-1.mga9
php-ctype-debuginfo-8.2.9-1.mga9
php-sysvmsg-8.2.9-1.mga9
php-enchant-8.2.9-1.mga9
php-shmop-8.2.9-1.mga9
php-sysvshm-8.2.9-1.mga9
php-sysvsem-8.2.9-1.mga9
php-gettext-8.2.9-1.mga9
php-fpm-apache-8.2.9-1.mga9
php-fpm-nginx-8.2.9-1.mga9
php-ctype-8.2.9-1.mga9
apache-mod_php-debuginfo-8.2.9-1.mga9
php-cli-debuginfo-8.2.9-1.mga9
phpdbg-debuginfo-8.2.9-1.mga9
php-debugsource-8.2.9-1.mga9
php-devel-8.2.9-1.mga9
SRPM:
php-8.2.9-1.mga9.src.rpm

Assignee: mageia => qa-bugs

MGA9-64

The following 35 packages are going to be installed:

- apache-mod_php-8.2.9-1.mga9.x86_64
- php-bcmath-8.2.9-1.mga9.x86_64
- php-bz2-8.2.9-1.mga9.x86_64
- php-cgi-8.2.9-1.mga9.x86_64
- php-cli-8.2.9-1.mga9.x86_64
- php-ctype-8.2.9-1.mga9.x86_64
- php-curl-8.2.9-1.mga9.x86_64
- php-dom-8.2.9-1.mga9.x86_64
- php-exif-8.2.9-1.mga9.x86_64
- php-fileinfo-8.2.9-1.mga9.x86_64
- php-filter-8.2.9-1.mga9.x86_64
- php-gd-8.2.9-1.mga9.x86_64
- php-gmp-8.2.9-1.mga9.x86_64
- php-iconv-8.2.9-1.mga9.x86_64
- php-ini-8.2.9-1.mga9.x86_64
- php-intl-8.2.9-1.mga9.x86_64
- php-ldap-8.2.9-1.mga9.x86_64
- php-mbstring-8.2.9-1.mga9.x86_64
- php-opcache-8.2.9-1.mga9.x86_64
- php-openssl-8.2.9-1.mga9.x86_64
- php-pcntl-8.2.9-1.mga9.x86_64
- php-pdo-8.2.9-1.mga9.x86_64
- php-pdo_pgsql-8.2.9-1.mga9.x86_64
- php-pgsql-8.2.9-1.mga9.x86_64
- php-posix-8.2.9-1.mga9.x86_64
- php-session-8.2.9-1.mga9.x86_64
- php-sodium-8.2.9-1.mga9.x86_64
- php-sysvsem-8.2.9-1.mga9.x86_64
- php-sysvshm-8.2.9-1.mga9.x86_64
- php-tokenizer-8.2.9-1.mga9.x86_64
- php-xmlreader-8.2.9-1.mga9.x86_64
- php-xmlwriter-8.2.9-1.mga9.x86_64
- php-zip-8.2.9-1.mga9.x86_64
- php-zlib-8.2.9-1.mga9.x86_64
- urpmi-8.131-2.mga9.noarch

2.2KB of additional disk space will be used.
8.7MB of packages will be retrieved.

Rebooted machine testing nextcloud 27. No issues

Whiteboard: (none) => MGA9-64-OK

moved to release as release tree is being rebuilt for second round of final isos

Status: NEW => RESOLVED |