the latest release has arrived
Advisory will follow when release notes ready. RPMS in core/updates_testing: php-dom-debuginfo-8.0.24-1.mga8 php-openssl-debuginfo-8.0.24-1.mga8 php-mbstring-8.0.24-1.mga8 php-mysqlnd-debuginfo-8.0.24-1.mga8 php-phar-debuginfo-8.0.24-1.mga8 php-debuginfo-8.0.24-1.mga8 php-mbstring-debuginfo-8.0.24-1.mga8 php-pgsql-debuginfo-8.0.24-1.mga8 php-opcache-8.0.24-1.mga8 php-mysqli-debuginfo-8.0.24-1.mga8 php-fileinfo-debuginfo-8.0.24-1.mga8 php-intl-8.0.24-1.mga8 php-pdo-debuginfo-8.0.24-1.mga8 php-curl-debuginfo-8.0.24-1.mga8 php-ini-8.0.24-1.mga8 php-intl-debuginfo-8.0.24-1.mga8 php-sockets-debuginfo-8.0.24-1.mga8 php-phar-8.0.24-1.mga8 php-session-debuginfo-8.0.24-1.mga8 php-soap-debuginfo-8.0.24-1.mga8 php-soap-8.0.24-1.mga8 php-mysqlnd-8.0.24-1.mga8 php-gmp-debuginfo-8.0.24-1.mga8 php-imap-debuginfo-8.0.24-1.mga8 php-gd-debuginfo-8.0.24-1.mga8 php-ldap-debuginfo-8.0.24-1.mga8 php-dba-debuginfo-8.0.24-1.mga8 php-openssl-8.0.24-1.mga8 php-doc-8.0.24-1.mga8 php-ftp-debuginfo-8.0.24-1.mga8 php-exif-debuginfo-8.0.24-1.mga8 php-snmp-debuginfo-8.0.24-1.mga8 php-zip-debuginfo-8.0.24-1.mga8 php-sodium-debuginfo-8.0.24-1.mga8 php-tidy-debuginfo-8.0.24-1.mga8 php-dom-8.0.24-1.mga8 php-pgsql-8.0.24-1.mga8 php-odbc-debuginfo-8.0.24-1.mga8 php-mysqli-8.0.24-1.mga8 php-iconv-debuginfo-8.0.24-1.mga8 php-filter-debuginfo-8.0.24-1.mga8 php-posix-debuginfo-8.0.24-1.mga8 php-bcmath-debuginfo-8.0.24-1.mga8 php-sqlite3-debuginfo-8.0.24-1.mga8 php-pdo_pgsql-debuginfo-8.0.24-1.mga8 php-zlib-debuginfo-8.0.24-1.mga8 php-pdo-8.0.24-1.mga8 php-sockets-8.0.24-1.mga8 php-imap-8.0.24-1.mga8 php-curl-8.0.24-1.mga8 php-pdo_firebird-debuginfo-8.0.24-1.mga8 php-pdo_sqlite-debuginfo-8.0.24-1.mga8 php-xsl-debuginfo-8.0.24-1.mga8 php-gd-8.0.24-1.mga8 php-session-8.0.24-1.mga8 php-pdo_mysql-debuginfo-8.0.24-1.mga8 php-gmp-8.0.24-1.mga8 php-ldap-8.0.24-1.mga8 php-exif-8.0.24-1.mga8 php-tokenizer-debuginfo-8.0.24-1.mga8 php-readline-debuginfo-8.0.24-1.mga8 php-xmlwriter-debuginfo-8.0.24-1.mga8 php-pdo_dblib-debuginfo-8.0.24-1.mga8 php-sodium-8.0.24-1.mga8 php-xmlreader-debuginfo-8.0.24-1.mga8 php-calendar-debuginfo-8.0.24-1.mga8 php-sqlite3-8.0.24-1.mga8 php-ftp-8.0.24-1.mga8 php-odbc-8.0.24-1.mga8 php-pcntl-debuginfo-8.0.24-1.mga8 php-dba-8.0.24-1.mga8 php-zip-8.0.24-1.mga8 php-bz2-debuginfo-8.0.24-1.mga8 php-pdo_odbc-debuginfo-8.0.24-1.mga8 php-snmp-8.0.24-1.mga8 php-tidy-8.0.24-1.mga8 php-bcmath-8.0.24-1.mga8 php-iconv-8.0.24-1.mga8 php-ctype-debuginfo-8.0.24-1.mga8 php-filter-8.0.24-1.mga8 php-enchant-debuginfo-8.0.24-1.mga8 php-xmlwriter-8.0.24-1.mga8 php-zlib-8.0.24-1.mga8 php-pdo_pgsql-8.0.24-1.mga8 php-gettext-debuginfo-8.0.24-1.mga8 php-sysvmsg-debuginfo-8.0.24-1.mga8 php-pdo_firebird-8.0.24-1.mga8 php-pdo_mysql-8.0.24-1.mga8 php-pdo_sqlite-8.0.24-1.mga8 php-calendar-8.0.24-1.mga8 php-sysvshm-debuginfo-8.0.24-1.mga8 php-xsl-8.0.24-1.mga8 php-readline-8.0.24-1.mga8 php-xmlreader-8.0.24-1.mga8 php-pcntl-8.0.24-1.mga8 php-posix-8.0.24-1.mga8 php-sysvshm-8.0.24-1.mga8 php-pdo_dblib-8.0.24-1.mga8 php-bz2-8.0.24-1.mga8 php-pdo_odbc-8.0.24-1.mga8 php-enchant-8.0.24-1.mga8 php-sysvsem-debuginfo-8.0.24-1.mga8 php-shmop-debuginfo-8.0.24-1.mga8 php-tokenizer-8.0.24-1.mga8 php-shmop-8.0.24-1.mga8 php-sysvmsg-8.0.24-1.mga8 php-fpm-apache-8.0.24-1.mga8 php-fpm-nginx-8.0.24-1.mga8 php-sysvsem-8.0.24-1.mga8 php-gettext-8.0.24-1.mga8 php-ctype-8.0.24-1.mga8 php-cgi-8.0.24-1.mga8 phpdbg-8.0.24-1.mga8 php-cli-8.0.24-1.mga8 php-fpm-8.0.24-1.mga8 apache-mod_php-8.0.24-1.mga8 php-opcache-debuginfo-8.0.24-1.mga8 php-fileinfo-8.0.24-1.mga8 php-cgi-debuginfo-8.0.24-1.mga8 apache-mod_php-debuginfo-8.0.24-1.mga8 php-fpm-debuginfo-8.0.24-1.mga8 phpdbg-debuginfo-8.0.24-1.mga8 php-cli-debuginfo-8.0.24-1.mga8 php-debugsource-8.0.24-1.mga8 php-devel-8.0.24-1.mga8 SRPM: php-8.0.24-1.mga8.src.rpm
Assignee: mageia => qa-bugs
please see also #30914
https://www.php.net/ChangeLog-8.php#8.0.24 (not posted yet)
Summary: PHP: update to version 8.0.20 => PHP: update to version 8.0.24
Updated php package to 8.0.24 for security and error correction: Core: - Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function) (Tim Starling) - Fixed bug GH-9361 (Segmentation fault on script exit #9379). - Fixed bug GH-9407 (LSP error in eval'd code refers to wrong class for static type). - Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629) DOM: - Fixed bug #79451 (DOMDocument->replaceChild on doctype causes double free). FPM: - Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to error_log after daemon reload). - Fixed bug #77780 ("Headers already sent..." when previous connection was aborted). GMP: - Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is passed to gmp_init()). Intl: - Fixed bug GH-9421 (Incorrect argument number for ValueError in NumberFormatter). Phar: - Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628) PDO_PGSQL: - Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed). Reflection: - Fixed bug GH-8932 (ReflectionFunction provides no way to get the called class of a Closure). - Fixed bug GH-9409 (Private method is incorrectly dumped as "overwrites"). Streams: - Fixed bug GH-9316 ($http_response_header is wrong for long status line). References: [1] https://www.php.net/ChangeLog-8.php#8.0.24 [2] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31629
QA Contact: (none) => securityComponent: RPM Packages => SecurityCVE: (none) => CVE-2022-31629
MGA8-32bit, Nextcloud server The following 25 packages are going to be installed: - apache-mod_php-8.0.24-1.mga8.i586 - php-cgi-8.0.24-1.mga8.i586 - php-curl-8.0.24-1.mga8.i586 - php-dom-8.0.24-1.mga8.i586 - php-exif-8.0.24-1.mga8.i586 - php-fileinfo-8.0.24-1.mga8.i586 - php-filter-8.0.24-1.mga8.i586 - php-gd-8.0.24-1.mga8.i586 - php-iconv-8.0.24-1.mga8.i586 - php-ini-8.0.24-1.mga8.i586 - php-intl-8.0.24-1.mga8.i586 - php-ldap-8.0.24-1.mga8.i586 - php-mbstring-8.0.24-1.mga8.i586 - php-mysqlnd-8.0.24-1.mga8.i586 - php-openssl-8.0.24-1.mga8.i586 - php-pdo-8.0.24-1.mga8.i586 - php-pdo_mysql-8.0.24-1.mga8.i586 - php-pdo_sqlite-8.0.24-1.mga8.i586 - php-session-8.0.24-1.mga8.i586 - php-sysvsem-8.0.24-1.mga8.i586 - php-sysvshm-8.0.24-1.mga8.i586 - php-xmlreader-8.0.24-1.mga8.i586 - php-xmlwriter-8.0.24-1.mga8.i586 - php-zip-8.0.24-1.mga8.i586 - php-zlib-8.0.24-1.mga8.i586 ---rebooted to make sure memory was clear Ran nextcloud client and various utilities against the nextcloud server running on php. Working as expected.
Whiteboard: (none) => MGA8-32-OKCC: (none) => brtians1
I'd feel more comfortable if we had a 64-bit test as well, but I'm going to send this on anyway. Validating. Advisory in Comment 4.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2022-0362.html
Status: NEW => RESOLVEDResolution: (none) => FIXED