https://www.php.net/ChangeLog-8.php#8.0.30
CVE: (none) => CVE-2023-3824, CVE-2023-3823
Summary: new version 8.0.30 => PHP version 8.0.30
Libxml: Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading in XML without enabling it). (CVE-2023-3823) Phar: Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()). (CVE-2023-3824)
CC: (none) => luigiwalser
Updated php fixes security issues: Libxml: - Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading in XML without enabling it). (CVE-2023-3823) Phar: - Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()). (CVE-2023-3824) References: https://www.php.net/ChangeLog-8.php#8.0.30 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824 ======================== Updated packages in core/updates_testing: ======================== php-dom-debuginfo-8.0.30-1.mga8 php-mbstring-8.0.30-1.mga8 php-phar-debuginfo-8.0.30-1.mga8 php-debuginfo-8.0.30-1.mga8 php-mysqlnd-debuginfo-8.0.30-1.mga8 php-openssl-debuginfo-8.0.30-1.mga8 php-mbstring-debuginfo-8.0.30-1.mga8 php-pgsql-debuginfo-8.0.30-1.mga8 php-opcache-8.0.30-1.mga8 php-intl-8.0.30-1.mga8 php-mysqli-debuginfo-8.0.30-1.mga8 php-fileinfo-debuginfo-8.0.30-1.mga8 php-ini-8.0.30-1.mga8 php-sockets-debuginfo-8.0.30-1.mga8 php-curl-debuginfo-8.0.30-1.mga8 php-intl-debuginfo-8.0.30-1.mga8 php-soap-debuginfo-8.0.30-1.mga8 php-pdo-debuginfo-8.0.30-1.mga8 php-soap-8.0.30-1.mga8 php-session-debuginfo-8.0.30-1.mga8 php-phar-8.0.30-1.mga8 php-mysqlnd-8.0.30-1.mga8 php-gmp-debuginfo-8.0.30-1.mga8 php-imap-debuginfo-8.0.30-1.mga8 php-gd-debuginfo-8.0.30-1.mga8 php-ldap-debuginfo-8.0.30-1.mga8 php-sodium-debuginfo-8.0.30-1.mga8 php-snmp-debuginfo-8.0.30-1.mga8 php-exif-debuginfo-8.0.30-1.mga8 php-ftp-debuginfo-8.0.30-1.mga8 php-zip-debuginfo-8.0.30-1.mga8 php-dba-debuginfo-8.0.30-1.mga8 php-doc-8.0.30-1.mga8.noarch.rpm php-openssl-8.0.30-1.mga8 php-dom-8.0.30-1.mga8 php-mysqli-8.0.30-1.mga8 php-iconv-debuginfo-8.0.30-1.mga8 php-tidy-debuginfo-8.0.30-1.mga8 php-bcmath-debuginfo-8.0.30-1.mga8 php-sqlite3-debuginfo-8.0.30-1.mga8 php-filter-debuginfo-8.0.30-1.mga8 php-odbc-debuginfo-8.0.30-1.mga8 php-pgsql-8.0.30-1.mga8 php-curl-8.0.30-1.mga8 php-posix-debuginfo-8.0.30-1.mga8 php-session-8.0.30-1.mga8 php-pdo-8.0.30-1.mga8 php-gd-8.0.30-1.mga8 php-pdo_mysql-debuginfo-8.0.30-1.mga8 php-pdo_pgsql-debuginfo-8.0.30-1.mga8 php-zlib-debuginfo-8.0.30-1.mga8 php-pdo_firebird-debuginfo-8.0.30-1.mga8 php-pdo_sqlite-debuginfo-8.0.30-1.mga8 php-xsl-debuginfo-8.0.30-1.mga8 php-calendar-debuginfo-8.0.30-1.mga8 php-xmlwriter-debuginfo-8.0.30-1.mga8 php-sockets-8.0.30-1.mga8 php-tokenizer-debuginfo-8.0.30-1.mga8 php-xmlreader-debuginfo-8.0.30-1.mga8 php-imap-8.0.30-1.mga8 php-sodium-8.0.30-1.mga8 php-exif-8.0.30-1.mga8 php-gmp-8.0.30-1.mga8 php-ldap-8.0.30-1.mga8 php-zip-8.0.30-1.mga8 php-pcntl-debuginfo-8.0.30-1.mga8 php-ftp-8.0.30-1.mga8 php-odbc-8.0.30-1.mga8 php-pdo_dblib-debuginfo-8.0.30-1.mga8 php-readline-debuginfo-8.0.30-1.mga8 php-iconv-8.0.30-1.mga8 php-zlib-8.0.30-1.mga8 php-dba-8.0.30-1.mga8 php-tidy-8.0.30-1.mga8 php-sqlite3-8.0.30-1.mga8 php-snmp-8.0.30-1.mga8 php-pdo_odbc-debuginfo-8.0.30-1.mga8 php-enchant-debuginfo-8.0.30-1.mga8 php-bz2-debuginfo-8.0.30-1.mga8 php-pdo_pgsql-8.0.30-1.mga8 php-bcmath-8.0.30-1.mga8 php-sysvmsg-debuginfo-8.0.30-1.mga8 php-posix-8.0.30-1.mga8 php-xmlreader-8.0.30-1.mga8 php-ctype-debuginfo-8.0.30-1.mga8 php-pcntl-8.0.30-1.mga8 php-filter-8.0.30-1.mga8 php-xmlwriter-8.0.30-1.mga8 php-gettext-debuginfo-8.0.30-1.mga8 php-pdo_firebird-8.0.30-1.mga8 php-readline-8.0.30-1.mga8 php-pdo_dblib-8.0.30-1.mga8 php-pdo_sqlite-8.0.30-1.mga8 php-tokenizer-8.0.30-1.mga8 php-pdo_mysql-8.0.30-1.mga8 php-calendar-8.0.30-1.mga8 php-bz2-8.0.30-1.mga8 php-xsl-8.0.30-1.mga8 php-shmop-debuginfo-8.0.30-1.mga8 php-cgi-8.0.30-1.mga8 php-sysvshm-debuginfo-8.0.30-1.mga8 php-enchant-8.0.30-1.mga8 php-shmop-8.0.30-1.mga8 php-sysvshm-8.0.30-1.mga8 php-cli-8.0.30-1.mga8 php-pdo_odbc-8.0.30-1.mga8 php-gettext-8.0.30-1.mga8 php-sysvsem-debuginfo-8.0.30-1.mga8 php-sysvsem-8.0.30-1.mga8 php-sysvmsg-8.0.30-1.mga8 php-fpm-apache-8.0.30-1.mga8 php-ctype-8.0.30-1.mga8 php-fpm-nginx-8.0.30-1.mga8 php-fpm-8.0.30-1.mga8 phpdbg-8.0.30-1.mga8 apache-mod_php-8.0.30-1.mga8 php-opcache-debuginfo-8.0.30-1.mga8 php-fileinfo-8.0.30-1.mga8 php-fpm-debuginfo-8.0.30-1.mga8 apache-mod_php-debuginfo-8.0.30-1.mga8 php-cli-debuginfo-8.0.30-1.mga8 phpdbg-debuginfo-8.0.30-1.mga8 php-cgi-debuginfo-8.0.30-1.mga8 php-debugsource-8.0.30-1.mga8 php-devel-8.0.30-1.mga8 SRPM: php-8.0.30-1.mga8.src.rpm
Assignee: mageia => qa-bugs
Using QARepo I get loads of this stuff when selecting packages: The following packages have to be removed for others to be upgraded: php-bcmath-8.0.29-1.mga8.x86_64 (due to unsatisfied php-common == 3:8.0) php-calendar-8.0.29-1.mga8.x86_64 (due to unsatisfied php-common == 3:8.0) etc..... and then clicking OK Sorry, the following package cannot be selected: - php-bz2-8.0.30-1.mga8.x86_64 (due to conflicts with php-bz2-8.1.18-1.mga8.x86_64) This is the story of the unselected backport repos again??
CC: (none) => herman.viaene
I guess it is
MGA8-64 MATE on Acer Aspire 5253 Updated using MCC - Update your system. Refer to bug 31180 for testing: $ php -S localhost:8000 -t php [Sat Aug 12 11:57:57 2023] PHP 8.0.30 Development Server (http://localhost:8000) started Then pointing firefox to http://localhost:8000/create-png.php and http://localhost:8000/sample.php displays correct image and text message. Works OK and get feedback at the CLI: [Sat Aug 12 11:58:07 2023] [::1]:49890 Accepted [Sat Aug 12 11:58:08 2023] [::1]:49890 [200]: GET /create-png.php [Sat Aug 12 11:58:08 2023] [::1]:49890 Closing [Sat Aug 12 11:58:10 2023] [::1]:49896 Accepted [Sat Aug 12 11:58:10 2023] [::1]:49896 [404]: GET /favicon.ico - No such file or directory [Sat Aug 12 11:58:10 2023] [::1]:49896 Closing [Sat Aug 12 11:58:15 2023] [::1]:34116 Accepted [Sat Aug 12 11:58:15 2023] [::1]:34116 [200]: GET /sample.php [Sat Aug 12 11:58:15 2023] [::1]:34116 Closing Make sure httpd and mysqld are running, then start phpmyadmin, login, delete old database testphp8029, create a new database testphp8030 and create a new table with PK and unique key and timestamp and insert some values. All works OK, good to go.
Whiteboard: (none) => MGA8-64-OK
Validating. Advisory information in comment 2.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => advisoryCC: (none) => davidwhodgins
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0248.html
Resolution: (none) => FIXEDStatus: NEW => RESOLVED