Bug 32213

Summary: PHP: new version 8.2.10
Product: Mageia Reporter: Marc Krämer <mageia>
Component: RPM PackagesAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: andrewsfarm, brtians1, davidwhodgins, sysadmin-bugs
Version: 9Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA9-64-OK
Source RPM: php CVE:
Status comment:

Description Marc Krämer 2023-08-30 22:39:09 CEST 
new release
https://www.php.net/ChangeLog-8.php#8.2.10
Comment 1 Marc Krämer 2023-08-30 22:45:35 CEST 
Updated php version brings some bug fixes:

- MySQLnd:
  . authentication to a sha256_password account fails over SSL
  . mysqlnd fails to authenticate with sha256_password     accounts using passwords longer than 19 characters
  . MySQL Statement has a empty query result when the response field has changed, also Segmentation fault
  . Fixed invalid error message "Malformed packet" when connection is dropped

- SPL:
  . SplFixedArray::setSize() causes use-after-free

- Standard:
  . Prevent int overflow on $decimals in number_format


References:
https://www.php.net/ChangeLog-8.php#8.2.10
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1234-5678
========================

Updated packages in core/updates_testing:
========================
php-openssl-debuginfo-8.2.10-1.mga9
php-phar-debuginfo-8.2.10-1.mga9
php-dom-debuginfo-8.2.10-1.mga9
php-intl-8.2.10-1.mga9
php-opcache-8.2.10-1.mga9
php-pgsql-debuginfo-8.2.10-1.mga9
php-mysqli-debuginfo-8.2.10-1.mga9
php-mysqlnd-debuginfo-8.2.10-1.mga9
php-mbstring-8.2.10-1.mga9
php-debuginfo-8.2.10-1.mga9
php-mbstring-debuginfo-8.2.10-1.mga9
php-soap-debuginfo-8.2.10-1.mga9
php-pdo-debuginfo-8.2.10-1.mga9
php-curl-debuginfo-8.2.10-1.mga9
php-soap-8.2.10-1.mga9
php-fileinfo-debuginfo-8.2.10-1.mga9
php-session-debuginfo-8.2.10-1.mga9
php-phar-8.2.10-1.mga9
php-sockets-debuginfo-8.2.10-1.mga9
php-mysqlnd-8.2.10-1.mga9
php-zip-debuginfo-8.2.10-1.mga9
php-gd-debuginfo-8.2.10-1.mga9
php-sodium-debuginfo-8.2.10-1.mga9
php-ini-8.2.10-1.mga9
php-imap-debuginfo-8.2.10-1.mga9
php-dba-debuginfo-8.2.10-1.mga9
php-openssl-8.2.10-1.mga9
php-ldap-debuginfo-8.2.10-1.mga9
php-tidy-debuginfo-8.2.10-1.mga9
php-gmp-debuginfo-8.2.10-1.mga9
php-dom-8.2.10-1.mga9
php-intl-debuginfo-8.2.10-1.mga9
php-snmp-debuginfo-8.2.10-1.mga9
php-mysqli-8.2.10-1.mga9
php-pgsql-8.2.10-1.mga9
php-exif-debuginfo-8.2.10-1.mga9
php-sqlite3-debuginfo-8.2.10-1.mga9
php-ftp-debuginfo-8.2.10-1.mga9
php-opcache-debuginfo-8.2.10-1.mga9
php-curl-8.2.10-1.mga9
php-filter-debuginfo-8.2.10-1.mga9
php-pdo-8.2.10-1.mga9
php-pcntl-debuginfo-8.2.10-1.mga9
php-gd-8.2.10-1.mga9
php-iconv-debuginfo-8.2.10-1.mga9
php-session-8.2.10-1.mga9
php-odbc-debuginfo-8.2.10-1.mga9
php-bcmath-debuginfo-8.2.10-1.mga9
php-xmlreader-debuginfo-8.2.10-1.mga9
php-sodium-8.2.10-1.mga9
php-posix-debuginfo-8.2.10-1.mga9
php-pdo_pgsql-debuginfo-8.2.10-1.mga9
Wrote: /home/iurt/rpmbuild/RPMS/noarch/php-doc-8.2.10-1.mga9.noarch.rpm
php-imap-8.2.10-1.mga9
php-zip-8.2.10-1.mga9
php-ldap-8.2.10-1.mga9
php-pdo_mysql-debuginfo-8.2.10-1.mga9
php-zlib-debuginfo-8.2.10-1.mga9
php-sockets-8.2.10-1.mga9
php-exif-8.2.10-1.mga9
php-pdo_sqlite-debuginfo-8.2.10-1.mga9
php-xmlwriter-debuginfo-8.2.10-1.mga9
php-gmp-8.2.10-1.mga9
php-ftp-8.2.10-1.mga9
php-tokenizer-debuginfo-8.2.10-1.mga9
php-pdo_firebird-debuginfo-8.2.10-1.mga9
php-readline-debuginfo-8.2.10-1.mga9
php-xsl-debuginfo-8.2.10-1.mga9
php-pdo_dblib-debuginfo-8.2.10-1.mga9
php-odbc-8.2.10-1.mga9
php-sqlite3-8.2.10-1.mga9
php-iconv-8.2.10-1.mga9
php-snmp-8.2.10-1.mga9
php-dba-8.2.10-1.mga9
php-tidy-8.2.10-1.mga9
php-zlib-8.2.10-1.mga9
php-bz2-debuginfo-8.2.10-1.mga9
php-pdo_odbc-debuginfo-8.2.10-1.mga9
php-calendar-debuginfo-8.2.10-1.mga9
php-xmlwriter-8.2.10-1.mga9
php-enchant-debuginfo-8.2.10-1.mga9
php-pdo_firebird-8.2.10-1.mga9
php-bcmath-8.2.10-1.mga9
php-pcntl-8.2.10-1.mga9
php-posix-8.2.10-1.mga9
php-xmlreader-8.2.10-1.mga9
php-pdo_pgsql-8.2.10-1.mga9
php-filter-8.2.10-1.mga9
php-gettext-debuginfo-8.2.10-1.mga9
php-pdo_sqlite-8.2.10-1.mga9
php-sysvmsg-debuginfo-8.2.10-1.mga9
php-bz2-8.2.10-1.mga9
php-tokenizer-8.2.10-1.mga9
php-calendar-8.2.10-1.mga9
php-xsl-8.2.10-1.mga9
php-pdo_dblib-8.2.10-1.mga9
php-readline-8.2.10-1.mga9
php-pdo_mysql-8.2.10-1.mga9
php-pdo_odbc-8.2.10-1.mga9
php-sysvsem-debuginfo-8.2.10-1.mga9
php-shmop-debuginfo-8.2.10-1.mga9
php-sysvshm-debuginfo-8.2.10-1.mga9
php-shmop-8.2.10-1.mga9
php-sysvsem-8.2.10-1.mga9
php-ctype-8.2.10-1.mga9
php-sysvmsg-8.2.10-1.mga9
php-enchant-8.2.10-1.mga9
php-sysvshm-8.2.10-1.mga9
php-gettext-8.2.10-1.mga9
php-ctype-debuginfo-8.2.10-1.mga9
php-fpm-nginx-8.2.10-1.mga9
php-fpm-apache-8.2.10-1.mga9
apache-mod_php-8.2.10-1.mga9
php-cgi-8.2.10-1.mga9
php-cli-8.2.10-1.mga9
phpdbg-8.2.10-1.mga9
php-fpm-8.2.10-1.mga9
php-fileinfo-8.2.10-1.mga9
php-cgi-debuginfo-8.2.10-1.mga9
apache-mod_php-debuginfo-8.2.10-1.mga9
php-fpm-debuginfo-8.2.10-1.mga9
php-cli-debuginfo-8.2.10-1.mga9
phpdbg-debuginfo-8.2.10-1.mga9
php-debugsource-8.2.10-1.mga9
php-devel-8.2.10-1.mga9

SRPM:
php-8.2.10-1.mga9.src.rpm

Assignee: mageia => qa-bugs

Comment 2 Marc Krämer 2023-08-30 22:45:56 CEST 
I guess a few bugs will receive a CVE
Comment 3 Brian Rockwell 2023-09-06 05:10:04 CEST 
MGA9-64

The following 26 packages are going to be installed:

- apache-mod_php-8.2.10-1.mga9.x86_64
- php-cgi-8.2.10-1.mga9.x86_64
- php-curl-8.2.10-1.mga9.x86_64
- php-dom-8.2.10-1.mga9.x86_64
- php-exif-8.2.10-1.mga9.x86_64
- php-fileinfo-8.2.10-1.mga9.x86_64
- php-filter-8.2.10-1.mga9.x86_64
- php-gd-8.2.10-1.mga9.x86_64
- php-iconv-8.2.10-1.mga9.x86_64
- php-ini-8.2.10-1.mga9.x86_64
- php-intl-8.2.10-1.mga9.x86_64
- php-ldap-8.2.10-1.mga9.x86_64
- php-mbstring-8.2.10-1.mga9.x86_64
- php-mysqlnd-8.2.10-1.mga9.x86_64
- php-openssl-8.2.10-1.mga9.x86_64
- php-pcntl-8.2.10-1.mga9.x86_64
- php-pdo-8.2.10-1.mga9.x86_64
- php-pdo_mysql-8.2.10-1.mga9.x86_64
- php-pdo_pgsql-8.2.10-1.mga9.x86_64
- php-session-8.2.10-1.mga9.x86_64
- php-sysvsem-8.2.10-1.mga9.x86_64
- php-sysvshm-8.2.10-1.mga9.x86_64
- php-xmlreader-8.2.10-1.mga9.x86_64
- php-xmlwriter-8.2.10-1.mga9.x86_64
- php-zip-8.2.10-1.mga9.x86_64
- php-zlib-8.2.10-1.mga9.x86_64

6.8KB of additional disk space will be used.

5.6MB of packages will be retrieved.

Upgrade for Nextcloud SErver

--- rebooted

Nextcloud working as expected

CC: (none) => brtians1

Brian Rockwell 2023-09-16 18:29:46 CEST

Whiteboard: (none) => MGA9-64-OK

Comment 4 Thomas Andrews 2023-09-17 03:10:30 CEST 
Validating. Advisory in comment 1.

CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update

Dave Hodgins 2023-09-20 23:31:48 CEST

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 5 Mageia Robot 2023-09-25 00:18:25 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGAA-2023-0071.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED