New version released: https://www.php.net/ChangeLog-8.php#8.2.18
Update to 8.2.18 Core: - Corrupted memory in destructor with weak references - GC does not scale well with a lot of objects created in destructor DOM: - Add some missing ZPP checks. - Fix potential memory leak in XPath evaluation results. FPM: - Fix incorrect check in fpm_shm_free(). Gettext: - Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL. MySQLnd: - Fixed handshake response [mysqlnd] - Fix incorrect charset length in check_mb_eucjpms(). Opcache: - JITed QM_ASSIGN may be optimized out when op1 is null - Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded PDO: - Fix various PDORow bugs. Random: - Pre-PHP 8.2 compatibility for mt_srand with unknown modes - Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used Session: - Segfault with session_decode and compilation error Sockets: - socket_getsockname returns random characters in the end of the socket name SPL: - Unable to resize SplfixedArray after being unserialized in PHP 8.2.15 - Unexpected null pointer in zend_string.h Standard: - Added validation of `\n` in $additional_headers of mail() - Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874) Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756) - password_verify can erroneously return true, opening ATO risk. (CVE-2024-3096) References: https://www.php.net/ChangeLog-8.php#8.2.18 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1874 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096 ======================== Updated packages in core/updates_testing: ======================== php8.3-fpm-debuginfo-8.3.6-1.mga9 phpdbg8.3-debuginfo-8.3.6-1.mga9 php8.3-cli-debuginfo-8.3.6-1.mga9 php8.3-cgi-debuginfo-8.3.6-1.mga9 php8.3-fpm-8.3.6-1.mga9 phpdbg8.3-8.3.6-1.mga9 apache-mod_php8.3-debuginfo-8.3.6-1.mga9 php8.3-cli-8.3.6-1.mga9 php8.3-cgi-8.3.6-1.mga9 php-debugsource-8.3.6-1.mga9 php8.3-opcache-debuginfo-8.3.6-1.mga9 apache-mod_php8.3-8.3.6-1.mga9 php8.3-intl-debuginfo-8.3.6-1.mga9 php-debuginfo-8.3.6-1.mga9 php8.3-mbstring-debuginfo-8.3.6-1.mga9 php8.3-soap-debuginfo-8.3.6-1.mga9 php8.3-fileinfo-8.3.6-1.mga9 php8.3-mbstring-8.3.6-1.mga9 php8.3-intl-8.3.6-1.mga9 php8.3-dom-debuginfo-8.3.6-1.mga9 php8.3-opcache-8.3.6-1.mga9 php8.3-phar-debuginfo-8.3.6-1.mga9 php8.3-openssl-debuginfo-8.3.6-1.mga9 php8.3-mysqlnd-debuginfo-8.3.6-1.mga9 php8.3-soap-8.3.6-1.mga9 php8.3-mysqli-debuginfo-8.3.6-1.mga9 php8.3-phar-8.3.6-1.mga9 php8.3-pdo-debuginfo-8.3.6-1.mga9 php8.3-pgsql-debuginfo-8.3.6-1.mga9 php8.3-fileinfo-debuginfo-8.3.6-1.mga9 php8.3-session-debuginfo-8.3.6-1.mga9 php8.3-curl-debuginfo-8.3.6-1.mga9 php8.3-dom-8.3.6-1.mga9 php8.3-mysqlnd-8.3.6-1.mga9 php8.3-ini-8.3.6-1.mga9 php8.3-sockets-debuginfo-8.3.6-1.mga9 php8.3-openssl-8.3.6-1.mga9 php8.3-zip-debuginfo-8.3.6-1.mga9 php8.3-sodium-debuginfo-8.3.6-1.mga9 php8.3-gd-debuginfo-8.3.6-1.mga9 php8.3-dba-debuginfo-8.3.6-1.mga9 php8.3-ldap-debuginfo-8.3.6-1.mga9 php8.3-imap-debuginfo-8.3.6-1.mga9 php8.3-gmp-debuginfo-8.3.6-1.mga9 php8.3-snmp-debuginfo-8.3.6-1.mga9 php8.3-sqlite3-debuginfo-8.3.6-1.mga9 php8.3-mysqli-8.3.6-1.mga9 php8.3-devel-8.3.6-1.mga9 php8.3-tidy-debuginfo-8.3.6-1.mga9 php8.3-exif-debuginfo-8.3.6-1.mga9 php8.3-pdo-8.3.6-1.mga9 php8.3-pgsql-8.3.6-1.mga9 php8.3-session-8.3.6-1.mga9 php8.3-posix-debuginfo-8.3.6-1.mga9 php8.3-filter-debuginfo-8.3.6-1.mga9 php8.3-curl-8.3.6-1.mga9 php8.3-ftp-debuginfo-8.3.6-1.mga9 php8.3-odbc-debuginfo-8.3.6-1.mga9 php8.3-sodium-8.3.6-1.mga9 php8.3-bcmath-debuginfo-8.3.6-1.mga9 php8.3-gd-8.3.6-1.mga9 php8.3-sockets-8.3.6-1.mga9 php8.3-iconv-debuginfo-8.3.6-1.mga9 php8.3-imap-8.3.6-1.mga9 php8.3-pcntl-debuginfo-8.3.6-1.mga9 php8.3-zip-8.3.6-1.mga9 php8.3-xmlreader-debuginfo-8.3.6-1.mga9 php8.3-doc-8.3.6-1.mga9 php8.3-ldap-8.3.6-1.mga9 php8.3-pdo_pgsql-debuginfo-8.3.6-1.mga9 php8.3-zlib-debuginfo-8.3.6-1.mga9 php8.3-pdo_mysql-debuginfo-8.3.6-1.mga9 php8.3-pdo_firebird-debuginfo-8.3.6-1.mga9 php8.3-xsl-debuginfo-8.3.6-1.mga9 php8.3-gmp-8.3.6-1.mga9 php8.3-pdo_sqlite-debuginfo-8.3.6-1.mga9 php8.3-readline-debuginfo-8.3.6-1.mga9 php8.3-odbc-8.3.6-1.mga9 php8.3-xmlwriter-debuginfo-8.3.6-1.mga9 php8.3-exif-8.3.6-1.mga9 php8.3-ftp-8.3.6-1.mga9 php8.3-tokenizer-debuginfo-8.3.6-1.mga9 php8.3-pdo_dblib-debuginfo-8.3.6-1.mga9 php8.3-sqlite3-8.3.6-1.mga9 php8.3-dba-8.3.6-1.mga9 php8.3-tidy-8.3.6-1.mga9 php8.3-pdo_odbc-debuginfo-8.3.6-1.mga9 php8.3-snmp-8.3.6-1.mga9 php8.3-calendar-debuginfo-8.3.6-1.mga9 php8.3-filter-8.3.6-1.mga9 php8.3-zlib-8.3.6-1.mga9 php8.3-iconv-8.3.6-1.mga9 php8.3-pdo_pgsql-8.3.6-1.mga9 php8.3-enchant-debuginfo-8.3.6-1.mga9 php8.3-bz2-debuginfo-8.3.6-1.mga9 php8.3-posix-8.3.6-1.mga9 php8.3-xmlwriter-8.3.6-1.mga9 php8.3-bcmath-8.3.6-1.mga9 php8.3-pcntl-8.3.6-1.mga9 php8.3-pdo_firebird-8.3.6-1.mga9 php8.3-xmlreader-8.3.6-1.mga9 php8.3-sysvmsg-debuginfo-8.3.6-1.mga9 php8.3-ctype-debuginfo-8.3.6-1.mga9 php8.3-gettext-debuginfo-8.3.6-1.mga9 php8.3-pdo_sqlite-8.3.6-1.mga9 php8.3-pdo_dblib-8.3.6-1.mga9 php8.3-pdo_odbc-8.3.6-1.mga9 php8.3-readline-8.3.6-1.mga9 php8.3-tokenizer-8.3.6-1.mga9 php8.3-sysvshm-debuginfo-8.3.6-1.mga9 php8.3-pdo_mysql-8.3.6-1.mga9 php8.3-xsl-8.3.6-1.mga9 php8.3-calendar-8.3.6-1.mga9 php8.3-bz2-8.3.6-1.mga9 php8.3-enchant-8.3.6-1.mga9 php8.3-shmop-debuginfo-8.3.6-1.mga9 php8.3-sysvsem-debuginfo-8.3.6-1.mga9 php8.3-sysvmsg-8.3.6-1.mga9 php8.3-sysvshm-8.3.6-1.mga9 php8.3-gettext-8.3.6-1.mga9 php8.3-sysvsem-8.3.6-1.mga9 php8.3-shmop-8.3.6-1.mga9 php8.3-fpm-nginx-8.3.6-1.mga9 php8.3-ctype-8.3.6-1.mga9 php8.3-fpm-apache-8.3.6-1.mga9 php-latest-8.3.6-1.mga9 Source RPMs: php-8.3.6-1.mga9.src.rpm
QA Contact: (none) => securityComponent: RPM Packages => SecurityAssignee: mageia => qa-bugsCVE: (none) => CVE-2024-1874, CVE-2024-3096, CVE-2024-2756
wrong files :( SRPM: php-8.2.18-1.mga9.src.rpm Files: php-fpm-8.2.18-1.mga9 php-cgi-8.2.18-1.mga9 phpdbg-8.2.18-1.mga9 php-cli-8.2.18-1.mga9 php-debuginfo-8.2.18-1.mga9 php-intl-debuginfo-8.2.18-1.mga9 apache-mod_php-8.2.18-1.mga9 php-mbstring-debuginfo-8.2.18-1.mga9 php-soap-debuginfo-8.2.18-1.mga9 php-opcache-debuginfo-8.2.18-1.mga9 php-phar-debuginfo-8.2.18-1.mga9 php-opcache-8.2.18-1.mga9 php-mbstring-8.2.18-1.mga9 php-dom-debuginfo-8.2.18-1.mga9 php-intl-8.2.18-1.mga9 php-openssl-debuginfo-8.2.18-1.mga9 php-mysqlnd-debuginfo-8.2.18-1.mga9 php-pdo-debuginfo-8.2.18-1.mga9 php-fileinfo-8.2.18-1.mga9 php-mysqli-debuginfo-8.2.18-1.mga9 php-pgsql-debuginfo-8.2.18-1.mga9 php-soap-8.2.18-1.mga9 php-curl-debuginfo-8.2.18-1.mga9 php-session-debuginfo-8.2.18-1.mga9 php-phar-8.2.18-1.mga9 php-mysqlnd-8.2.18-1.mga9 php-fileinfo-debuginfo-8.2.18-1.mga9 php-sockets-debuginfo-8.2.18-1.mga9 php-ini-8.2.18-1.mga9 php-gd-debuginfo-8.2.18-1.mga9 php-sodium-debuginfo-8.2.18-1.mga9 php-zip-debuginfo-8.2.18-1.mga9 php-ldap-debuginfo-8.2.18-1.mga9 php-imap-debuginfo-8.2.18-1.mga9 php-dom-8.2.18-1.mga9 php-openssl-8.2.18-1.mga9 php-dba-debuginfo-8.2.18-1.mga9 php-gmp-debuginfo-8.2.18-1.mga9 php-snmp-debuginfo-8.2.18-1.mga9 php-exif-debuginfo-8.2.18-1.mga9 php-sqlite3-debuginfo-8.2.18-1.mga9 php-mysqli-8.2.18-1.mga9 php-tidy-debuginfo-8.2.18-1.mga9 php-pgsql-8.2.18-1.mga9 php-ftp-debuginfo-8.2.18-1.mga9 php-odbc-debuginfo-8.2.18-1.mga9 php-filter-debuginfo-8.2.18-1.mga9 php-doc-8.2.18-1.mga9 php-pdo-8.2.18-1.mga9 php-curl-8.2.18-1.mga9 php-bcmath-debuginfo-8.2.18-1.mga9 php-session-8.2.18-1.mga9 php-xmlreader-debuginfo-8.2.18-1.mga9 php-gd-8.2.18-1.mga9 php-pcntl-debuginfo-8.2.18-1.mga9 php-iconv-debuginfo-8.2.18-1.mga9 php-sodium-8.2.18-1.mga9 php-pdo_pgsql-debuginfo-8.2.18-1.mga9 php-posix-debuginfo-8.2.18-1.mga9 php-imap-8.2.18-1.mga9 php-sockets-8.2.18-1.mga9 php-zlib-debuginfo-8.2.18-1.mga9 apache-mod_php-debuginfo-8.2.18-1.mga9 php-exif-8.2.18-1.mga9 php-ldap-8.2.18-1.mga9 php-pdo_mysql-debuginfo-8.2.18-1.mga9 php-pdo_firebird-debuginfo-8.2.18-1.mga9 php-zip-8.2.18-1.mga9 php-xsl-debuginfo-8.2.18-1.mga9 php-readline-debuginfo-8.2.18-1.mga9 php-xmlwriter-debuginfo-8.2.18-1.mga9 php-odbc-8.2.18-1.mga9 php-pdo_sqlite-debuginfo-8.2.18-1.mga9 php-tokenizer-debuginfo-8.2.18-1.mga9 php-gmp-8.2.18-1.mga9 php-pdo_dblib-debuginfo-8.2.18-1.mga9 php-ftp-8.2.18-1.mga9 php-cli-debuginfo-8.2.18-1.mga9 php-calendar-debuginfo-8.2.18-1.mga9 php-dba-8.2.18-1.mga9 php-sqlite3-8.2.18-1.mga9 php-pdo_odbc-debuginfo-8.2.18-1.mga9 php-tidy-8.2.18-1.mga9 php-iconv-8.2.18-1.mga9 php-bz2-debuginfo-8.2.18-1.mga9 php-enchant-debuginfo-8.2.18-1.mga9 php-snmp-8.2.18-1.mga9 php-filter-8.2.18-1.mga9 php-zlib-8.2.18-1.mga9 php-pdo_pgsql-8.2.18-1.mga9 php-xmlreader-8.2.18-1.mga9 php-xmlwriter-8.2.18-1.mga9 php-pcntl-8.2.18-1.mga9 php-fpm-debuginfo-8.2.18-1.mga9 php-pdo_firebird-8.2.18-1.mga9 phpdbg-debuginfo-8.2.18-1.mga9 php-bcmath-8.2.18-1.mga9 php-sysvmsg-debuginfo-8.2.18-1.mga9 php-ctype-debuginfo-8.2.18-1.mga9 php-posix-8.2.18-1.mga9 php-pdo_odbc-8.2.18-1.mga9 php-pdo_sqlite-8.2.18-1.mga9 php-gettext-debuginfo-8.2.18-1.mga9 php-pdo_dblib-8.2.18-1.mga9 php-xsl-8.2.18-1.mga9 php-readline-8.2.18-1.mga9 php-pdo_mysql-8.2.18-1.mga9 php-calendar-8.2.18-1.mga9 php-cgi-debuginfo-8.2.18-1.mga9 php-enchant-8.2.18-1.mga9 php-tokenizer-8.2.18-1.mga9 php-sysvshm-debuginfo-8.2.18-1.mga9 php-sysvmsg-8.2.18-1.mga9 php-bz2-8.2.18-1.mga9 php-sysvshm-8.2.18-1.mga9 php-shmop-debuginfo-8.2.18-1.mga9 php-gettext-8.2.18-1.mga9 php-fpm-nginx-8.2.18-1.mga9 php-ctype-8.2.18-1.mga9 php-shmop-8.2.18-1.mga9 php-sysvsem-8.2.18-1.mga9 php-sysvsem-debuginfo-8.2.18-1.mga9 php-fpm-apache-8.2.18-1.mga9 php-debugsource-8.2.18-1.mga9 php-devel-8.2.18-1.mga9
Keywords: (none) => advisory
M9-64 Plasma Wayland on HP Pavillion No installation issues. php -S localhost:8000 -t php Then pointing firefox to http://localhost:8000/create-png.php and http://localhost:8000/sample.php displays correct image and text message. Works OK and get feedback at the CLI: [Fri Apr 12 11:15:39 2024] PHP 8.2.18 Development Server (http://localhost:8000) started [Fri Apr 12 11:15:45 2024] [::1]:42306 Accepted [Fri Apr 12 11:15:46 2024] [::1]:42306 [200]: GET /create-png.php [Fri Apr 12 11:15:46 2024] [::1]:42306 Closing [Fri Apr 12 11:15:57 2024] [::1]:36490 Accepted [Fri Apr 12 11:15:58 2024] [::1]:36490 [200]: GET /sample.php [Fri Apr 12 11:15:58 2024] [::1]:36490 Closing Make sure httpd and mysqld are running, then start phpmyadmin, login, create a new database testphp8217 and create a new table with PK and unique key and timestamp . All works OK.
Whiteboard: (none) => MGA9-64-OKCC: (none) => herman.viaene
LC_ALL=C urpmi --auto --auto-update medium "QA Testing (32-bit)" is up-to-date medium "QA Testing (64-bit)" is up-to-date medium "Core Release (distrib1)" is up-to-date medium "Core Updates (distrib3)" is up-to-date medium "Nonfree Release (distrib11)" is up-to-date medium "Nonfree Updates (distrib13)" is up-to-date medium "Tainted Release (distrib21)" is up-to-date medium "Tainted Updates (distrib23)" is up-to-date medium "Core 32bit Release (distrib31)" is up-to-date medium "Core 32bit Updates (distrib32)" is up-to-date medium "Nonfree 32bit Release (distrib36)" is up-to-date medium "Tainted 32bit Release (distrib41)" is up-to-date medium "Tainted 32bit Updates (distrib42)" is up-to-date medium "BDK-Free-x86_64" is up-to-date medium "BDK-Free-noarch" is up-to-date medium "BDK-NonFree-x86_64" is up-to-date installing php-cli-8.2.18-1.mga9.x86_64.rpm php-ini-8.2.18-1.mga9.x86_64.rpm php-fpm-8.2.18-1.mga9.x86_64.rpm php-sysvshm-8.2.18-1.mga9.x86_64.rpm php-sysvsem-8.2.18-1.mga9.x86_64.rpm php-openssl-8.2.18-1.mga9.x86_64.rpm php-zlib-8.2.18-1.mga9.x86_64.rpm php-fpm-apache-8.2.18-1.mga9.x86_64.rpm php-session-8.2.18-1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64 Preparing... ###################################################################################### 1/9: php-sysvshm ###################################################################################### 2/9: php-sysvsem ###################################################################################### 3/9: php-openssl ###################################################################################### 4/9: php-zlib ###################################################################################### 5/9: php-ini ###################################################################################### 6/9: php-cli ###################################################################################### 7/9: php-session ###################################################################################### 8/9: php-fpm-apache ###################################################################################### 9/9: php-fpm ###################################################################################### 1/9: removing php-fpm-3:8.2.17-1.mga9.x86_64 ###################################################################################### 2/9: removing php-session-3:8.2.17-1.mga9.x86_64 ###################################################################################### 3/9: removing php-cli-3:8.2.17-1.mga9.x86_64 ###################################################################################### 4/9: removing php-ini-3:8.2.17-1.mga9.x86_64 ###################################################################################### 5/9: removing php-fpm-apache-3:8.2.17-1.mga9.x86_64 ###################################################################################### 6/9: removing php-openssl-3:8.2.17-1.mga9.x86_64 ###################################################################################### 7/9: removing php-sysvsem-3:8.2.17-1.mga9.x86_64 ###################################################################################### 8/9: removing php-sysvshm-3:8.2.17-1.mga9.x86_64 ################################################################################### ### 9/9: removing php-zlib-3:8.2.17-1.mga9.x86_64 ###################################################################################### Test a php page of my projects , test a php script both works as before
CC: (none) => andrewsfarm
Thank you, Gentlemen. Validating.
Keywords: (none) => validated_updateCC: (none) => sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2024-0132.html
Status: NEW => RESOLVEDResolution: (none) => FIXED