a new release 8.0.27: https://www.php.net/ChangeLog-8.php#8.0.27
advisory will follow, if release is official SRPM: php-8.0.27-1.mga8.src.rpm files in core/updates_testing: php-cgi-8.0.27-1.mga8 php-cli-8.0.27-1.mga8 php-fpm-8.0.27-1.mga8 phpdbg-8.0.27-1.mga8 php-opcache-debuginfo-8.0.27-1.mga8 php-soap-debuginfo-8.0.27-1.mga8 php-intl-debuginfo-8.0.27-1.mga8 php-opcache-8.0.27-1.mga8 php-mbstring-8.0.27-1.mga8 php-mbstring-debuginfo-8.0.27-1.mga8 php-debuginfo-8.0.27-1.mga8 php-phar-debuginfo-8.0.27-1.mga8 php-mysqlnd-debuginfo-8.0.27-1.mga8 php-openssl-debuginfo-8.0.27-1.mga8 php-dom-debuginfo-8.0.27-1.mga8 php-pgsql-debuginfo-8.0.27-1.mga8 php-intl-8.0.27-1.mga8 php-fileinfo-debuginfo-8.0.27-1.mga8 php-mysqli-debuginfo-8.0.27-1.mga8 apache-mod_php-8.0.27-1.mga8 php-curl-debuginfo-8.0.27-1.mga8 php-pdo-debuginfo-8.0.27-1.mga8 php-ini-8.0.27-1.mga8 php-soap-8.0.27-1.mga8 php-sockets-debuginfo-8.0.27-1.mga8 php-session-debuginfo-8.0.27-1.mga8 php-phar-8.0.27-1.mga8 php-mysqlnd-8.0.27-1.mga8 php-imap-debuginfo-8.0.27-1.mga8 php-gmp-debuginfo-8.0.27-1.mga8 php-gd-debuginfo-8.0.27-1.mga8 php-zip-debuginfo-8.0.27-1.mga8 php-ldap-debuginfo-8.0.27-1.mga8 php-exif-debuginfo-8.0.27-1.mga8 php-ftp-debuginfo-8.0.27-1.mga8 php-openssl-8.0.27-1.mga8 php-dba-debuginfo-8.0.27-1.mga8 php-snmp-debuginfo-8.0.27-1.mga8 php-sodium-debuginfo-8.0.27-1.mga8 php-doc-8.0.27-1.mga8 php-dom-8.0.27-1.mga8 php-tidy-debuginfo-8.0.27-1.mga8 php-bcmath-debuginfo-8.0.27-1.mga8 php-filter-debuginfo-8.0.27-1.mga8 php-sqlite3-debuginfo-8.0.27-1.mga8 php-iconv-debuginfo-8.0.27-1.mga8 php-mysqli-8.0.27-1.mga8 php-pgsql-8.0.27-1.mga8 php-posix-debuginfo-8.0.27-1.mga8 php-odbc-debuginfo-8.0.27-1.mga8 php-zlib-debuginfo-8.0.27-1.mga8 php-pdo-8.0.27-1.mga8 php-session-8.0.27-1.mga8 php-pdo_pgsql-debuginfo-8.0.27-1.mga8 php-pdo_mysql-debuginfo-8.0.27-1.mga8 php-curl-8.0.27-1.mga8 php-pdo_firebird-debuginfo-8.0.27-1.mga8 php-gd-8.0.27-1.mga8 php-sockets-8.0.27-1.mga8 php-imap-8.0.27-1.mga8 php-xsl-debuginfo-8.0.27-1.mga8 php-pdo_sqlite-debuginfo-8.0.27-1.mga8 php-xmlwriter-debuginfo-8.0.27-1.mga8 php-xmlreader-debuginfo-8.0.27-1.mga8 php-tokenizer-debuginfo-8.0.27-1.mga8 php-calendar-debuginfo-8.0.27-1.mga8 php-sodium-8.0.27-1.mga8 php-exif-8.0.27-1.mga8 php-ldap-8.0.27-1.mga8 php-readline-debuginfo-8.0.27-1.mga8 php-pdo_dblib-debuginfo-8.0.27-1.mga8 php-gmp-8.0.27-1.mga8 php-pcntl-debuginfo-8.0.27-1.mga8 php-zip-8.0.27-1.mga8 php-ftp-8.0.27-1.mga8 php-sqlite3-8.0.27-1.mga8 php-dba-8.0.27-1.mga8 php-pdo_odbc-debuginfo-8.0.27-1.mga8 php-odbc-8.0.27-1.mga8 php-bz2-debuginfo-8.0.27-1.mga8 php-tidy-8.0.27-1.mga8 php-snmp-8.0.27-1.mga8 php-enchant-debuginfo-8.0.27-1.mga8 php-zlib-8.0.27-1.mga8 php-iconv-8.0.27-1.mga8 php-filter-8.0.27-1.mga8 php-pdo_pgsql-8.0.27-1.mga8 php-fileinfo-8.0.27-1.mga8 php-xmlwriter-8.0.27-1.mga8 php-ctype-debuginfo-8.0.27-1.mga8 php-bcmath-8.0.27-1.mga8 php-gettext-debuginfo-8.0.27-1.mga8 php-sysvmsg-debuginfo-8.0.27-1.mga8 php-pdo_firebird-8.0.27-1.mga8 php-pcntl-8.0.27-1.mga8 php-posix-8.0.27-1.mga8 php-xmlreader-8.0.27-1.mga8 php-pdo_sqlite-8.0.27-1.mga8 php-readline-8.0.27-1.mga8 php-xsl-8.0.27-1.mga8 php-sysvshm-debuginfo-8.0.27-1.mga8 php-calendar-8.0.27-1.mga8 php-pdo_mysql-8.0.27-1.mga8 php-pdo_dblib-8.0.27-1.mga8 php-bz2-8.0.27-1.mga8 php-tokenizer-8.0.27-1.mga8 php-shmop-debuginfo-8.0.27-1.mga8 php-enchant-8.0.27-1.mga8 php-sysvshm-8.0.27-1.mga8 php-sysvsem-debuginfo-8.0.27-1.mga8 php-pdo_odbc-8.0.27-1.mga8 php-sysvmsg-8.0.27-1.mga8 php-shmop-8.0.27-1.mga8 php-fpm-nginx-8.0.27-1.mga8 php-sysvsem-8.0.27-1.mga8 php-ctype-8.0.27-1.mga8 php-gettext-8.0.27-1.mga8 php-fpm-apache-8.0.27-1.mga8 php-cli-debuginfo-8.0.27-1.mga8 php-fpm-debuginfo-8.0.27-1.mga8 phpdbg-debuginfo-8.0.27-1.mga8 apache-mod_php-debuginfo-8.0.27-1.mga8 php-cgi-debuginfo-8.0.27-1.mga8 php-debugsource-8.0.27-1.mga8 php-devel-8.0.27-1.mga8
Assignee: mageia => qa-bugs
Version 8.0.27 05 Jan 2023 PDO/SQLite: Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631) so this is a security update.
Component: RPM Packages => SecurityQA Contact: (none) => security
CVE: (none) => CVE-2022-31631
Updated php packages fix security vulnerabilities: new version [2] fixes the following bug: PDO/SQLite: - (PDO::quote() may return unquoted string). [1] References: [1] https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31631 [2] https://www.php.net/ChangeLog-8.php#8.0.27
MGA8-64 MATE on Acer Aspire 5253 No installation issues Refer to bug 31180 for testing: $ php -S localhost:8000 -t php [Mon Jan 16 15:27:53 2023] PHP 8.0.27 Development Server (http://localhost:8000) started Then pointing firefox to http://localhost:8000/create-png.php and http://localhost:8000/sample.php displays correct image and text message. Works OK. Make sure httpd and mysqld are running, then start phpmyadmin, login, delete the previous test database testphp8026, create a new database testphp8027 and create a new table with PK and unique key and timestamp and insert some values. All works OK, good to go.
CC: (none) => herman.viaeneWhiteboard: (none) => MGA8-64-OK
Validating. Advisory in comment 3.
CC: (none) => andrewsfarm, sysadmin-bugsKeywords: (none) => validated_update
CC: (none) => davidwhodginsKeywords: (none) => advisory
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0013.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED