33093 – PHP: Updated version 8.2.18

Bug 33093 - PHP: Updated version 8.2.18

Summary: PHP: Updated version 8.2.18

Status:	RESOLVED FIXED

Alias:	None

Product:	Mageia
Classification:	Unclassified
Component:	Security (show other bugs)
Version:	9
Hardware:	All Linux

Priority:	Normal Severity: normal
Target Milestone:	---
Assignee:	QA Team
QA Contact:	Sec team

URL:	https://www.php.net/ChangeLog-8.php#8...
Whiteboard:	MGA9-64-OK
Keywords:	advisory, validated_update

Depends on:
Blocks:

Reported:	2024-04-11 20:39 CEST by Marc Krämer
Modified:	2024-04-13 18:57 CEST (History)
CC List:	3 users (show)

See Also:
Source RPM:	php
CVE:	CVE-2024-1874, CVE-2024-3096, CVE-2024-2756
Status comment:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Marc Krämer 2024-04-11 20:39:14 CEST

New version released:
https://www.php.net/ChangeLog-8.php#8.2.18

Comment 1 Marc Krämer 2024-04-11 20:47:46 CEST Comment hidden (obsolete)

Update to 8.2.18

Core:
- Corrupted memory in destructor with weak references
- GC does not scale well with a lot of objects created in destructor

DOM:
- Add some missing ZPP checks.
- Fix potential memory leak in XPath evaluation results.

FPM:
- Fix incorrect check in fpm_shm_free().

Gettext:
- Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL.

MySQLnd:
- Fixed handshake response [mysqlnd]
- Fix incorrect charset length in check_mb_eucjpms().

Opcache:
- JITed QM_ASSIGN may be optimized out when op1 is null
- Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded

PDO:
- Fix various PDORow bugs.

Random:
- Pre-PHP 8.2 compatibility for mt_srand with unknown modes
- Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used

Session:
- Segfault with session_decode and compilation error

Sockets:
- socket_getsockname returns random characters in the end of the socket name

SPL:
- Unable to resize SplfixedArray after being unserialized in PHP 8.2.15
- Unexpected null pointer in zend_string.h

Standard:
- Added validation of `\n` in $additional_headers of mail()
- Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874)
Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756)
- password_verify can erroneously return true, opening ATO risk. (CVE-2024-3096)


References:
https://www.php.net/ChangeLog-8.php#8.2.18
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-1874 
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2756
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-3096
========================

Updated packages in core/updates_testing:
========================
php8.3-fpm-debuginfo-8.3.6-1.mga9
phpdbg8.3-debuginfo-8.3.6-1.mga9
php8.3-cli-debuginfo-8.3.6-1.mga9
php8.3-cgi-debuginfo-8.3.6-1.mga9
php8.3-fpm-8.3.6-1.mga9
phpdbg8.3-8.3.6-1.mga9
apache-mod_php8.3-debuginfo-8.3.6-1.mga9
php8.3-cli-8.3.6-1.mga9
php8.3-cgi-8.3.6-1.mga9
php-debugsource-8.3.6-1.mga9
php8.3-opcache-debuginfo-8.3.6-1.mga9
apache-mod_php8.3-8.3.6-1.mga9
php8.3-intl-debuginfo-8.3.6-1.mga9
php-debuginfo-8.3.6-1.mga9
php8.3-mbstring-debuginfo-8.3.6-1.mga9
php8.3-soap-debuginfo-8.3.6-1.mga9
php8.3-fileinfo-8.3.6-1.mga9
php8.3-mbstring-8.3.6-1.mga9
php8.3-intl-8.3.6-1.mga9
php8.3-dom-debuginfo-8.3.6-1.mga9
php8.3-opcache-8.3.6-1.mga9
php8.3-phar-debuginfo-8.3.6-1.mga9
php8.3-openssl-debuginfo-8.3.6-1.mga9
php8.3-mysqlnd-debuginfo-8.3.6-1.mga9
php8.3-soap-8.3.6-1.mga9
php8.3-mysqli-debuginfo-8.3.6-1.mga9
php8.3-phar-8.3.6-1.mga9
php8.3-pdo-debuginfo-8.3.6-1.mga9
php8.3-pgsql-debuginfo-8.3.6-1.mga9
php8.3-fileinfo-debuginfo-8.3.6-1.mga9
php8.3-session-debuginfo-8.3.6-1.mga9
php8.3-curl-debuginfo-8.3.6-1.mga9
php8.3-dom-8.3.6-1.mga9
php8.3-mysqlnd-8.3.6-1.mga9
php8.3-ini-8.3.6-1.mga9
php8.3-sockets-debuginfo-8.3.6-1.mga9
php8.3-openssl-8.3.6-1.mga9
php8.3-zip-debuginfo-8.3.6-1.mga9
php8.3-sodium-debuginfo-8.3.6-1.mga9
php8.3-gd-debuginfo-8.3.6-1.mga9
php8.3-dba-debuginfo-8.3.6-1.mga9
php8.3-ldap-debuginfo-8.3.6-1.mga9
php8.3-imap-debuginfo-8.3.6-1.mga9
php8.3-gmp-debuginfo-8.3.6-1.mga9
php8.3-snmp-debuginfo-8.3.6-1.mga9
php8.3-sqlite3-debuginfo-8.3.6-1.mga9
php8.3-mysqli-8.3.6-1.mga9
php8.3-devel-8.3.6-1.mga9
php8.3-tidy-debuginfo-8.3.6-1.mga9
php8.3-exif-debuginfo-8.3.6-1.mga9
php8.3-pdo-8.3.6-1.mga9
php8.3-pgsql-8.3.6-1.mga9
php8.3-session-8.3.6-1.mga9
php8.3-posix-debuginfo-8.3.6-1.mga9
php8.3-filter-debuginfo-8.3.6-1.mga9
php8.3-curl-8.3.6-1.mga9
php8.3-ftp-debuginfo-8.3.6-1.mga9
php8.3-odbc-debuginfo-8.3.6-1.mga9
php8.3-sodium-8.3.6-1.mga9
php8.3-bcmath-debuginfo-8.3.6-1.mga9
php8.3-gd-8.3.6-1.mga9
php8.3-sockets-8.3.6-1.mga9
php8.3-iconv-debuginfo-8.3.6-1.mga9
php8.3-imap-8.3.6-1.mga9
php8.3-pcntl-debuginfo-8.3.6-1.mga9
php8.3-zip-8.3.6-1.mga9
php8.3-xmlreader-debuginfo-8.3.6-1.mga9
php8.3-doc-8.3.6-1.mga9
php8.3-ldap-8.3.6-1.mga9
php8.3-pdo_pgsql-debuginfo-8.3.6-1.mga9
php8.3-zlib-debuginfo-8.3.6-1.mga9
php8.3-pdo_mysql-debuginfo-8.3.6-1.mga9
php8.3-pdo_firebird-debuginfo-8.3.6-1.mga9
php8.3-xsl-debuginfo-8.3.6-1.mga9
php8.3-gmp-8.3.6-1.mga9
php8.3-pdo_sqlite-debuginfo-8.3.6-1.mga9
php8.3-readline-debuginfo-8.3.6-1.mga9
php8.3-odbc-8.3.6-1.mga9
php8.3-xmlwriter-debuginfo-8.3.6-1.mga9
php8.3-exif-8.3.6-1.mga9
php8.3-ftp-8.3.6-1.mga9
php8.3-tokenizer-debuginfo-8.3.6-1.mga9
php8.3-pdo_dblib-debuginfo-8.3.6-1.mga9
php8.3-sqlite3-8.3.6-1.mga9
php8.3-dba-8.3.6-1.mga9
php8.3-tidy-8.3.6-1.mga9
php8.3-pdo_odbc-debuginfo-8.3.6-1.mga9
php8.3-snmp-8.3.6-1.mga9
php8.3-calendar-debuginfo-8.3.6-1.mga9
php8.3-filter-8.3.6-1.mga9
php8.3-zlib-8.3.6-1.mga9
php8.3-iconv-8.3.6-1.mga9
php8.3-pdo_pgsql-8.3.6-1.mga9
php8.3-enchant-debuginfo-8.3.6-1.mga9
php8.3-bz2-debuginfo-8.3.6-1.mga9
php8.3-posix-8.3.6-1.mga9
php8.3-xmlwriter-8.3.6-1.mga9
php8.3-bcmath-8.3.6-1.mga9
php8.3-pcntl-8.3.6-1.mga9
php8.3-pdo_firebird-8.3.6-1.mga9
php8.3-xmlreader-8.3.6-1.mga9
php8.3-sysvmsg-debuginfo-8.3.6-1.mga9
php8.3-ctype-debuginfo-8.3.6-1.mga9
php8.3-gettext-debuginfo-8.3.6-1.mga9
php8.3-pdo_sqlite-8.3.6-1.mga9
php8.3-pdo_dblib-8.3.6-1.mga9
php8.3-pdo_odbc-8.3.6-1.mga9
php8.3-readline-8.3.6-1.mga9
php8.3-tokenizer-8.3.6-1.mga9
php8.3-sysvshm-debuginfo-8.3.6-1.mga9
php8.3-pdo_mysql-8.3.6-1.mga9
php8.3-xsl-8.3.6-1.mga9
php8.3-calendar-8.3.6-1.mga9
php8.3-bz2-8.3.6-1.mga9
php8.3-enchant-8.3.6-1.mga9
php8.3-shmop-debuginfo-8.3.6-1.mga9
php8.3-sysvsem-debuginfo-8.3.6-1.mga9
php8.3-sysvmsg-8.3.6-1.mga9
php8.3-sysvshm-8.3.6-1.mga9
php8.3-gettext-8.3.6-1.mga9
php8.3-sysvsem-8.3.6-1.mga9
php8.3-shmop-8.3.6-1.mga9
php8.3-fpm-nginx-8.3.6-1.mga9
php8.3-ctype-8.3.6-1.mga9
php8.3-fpm-apache-8.3.6-1.mga9
php-latest-8.3.6-1.mga9
Source RPMs: 
php-8.3.6-1.mga9.src.rpm

QA Contact: (none) => security
Component: RPM Packages => Security
Assignee: mageia => qa-bugs
CVE: (none) => CVE-2024-1874, CVE-2024-3096, CVE-2024-2756

Comment 2 Marc Krämer 2024-04-11 20:51:17 CEST

wrong files :(

SRPM:
php-8.2.18-1.mga9.src.rpm

Files:
php-fpm-8.2.18-1.mga9
php-cgi-8.2.18-1.mga9
phpdbg-8.2.18-1.mga9
php-cli-8.2.18-1.mga9
php-debuginfo-8.2.18-1.mga9
php-intl-debuginfo-8.2.18-1.mga9
apache-mod_php-8.2.18-1.mga9
php-mbstring-debuginfo-8.2.18-1.mga9
php-soap-debuginfo-8.2.18-1.mga9
php-opcache-debuginfo-8.2.18-1.mga9
php-phar-debuginfo-8.2.18-1.mga9
php-opcache-8.2.18-1.mga9
php-mbstring-8.2.18-1.mga9
php-dom-debuginfo-8.2.18-1.mga9
php-intl-8.2.18-1.mga9
php-openssl-debuginfo-8.2.18-1.mga9
php-mysqlnd-debuginfo-8.2.18-1.mga9
php-pdo-debuginfo-8.2.18-1.mga9
php-fileinfo-8.2.18-1.mga9
php-mysqli-debuginfo-8.2.18-1.mga9
php-pgsql-debuginfo-8.2.18-1.mga9
php-soap-8.2.18-1.mga9
php-curl-debuginfo-8.2.18-1.mga9
php-session-debuginfo-8.2.18-1.mga9
php-phar-8.2.18-1.mga9
php-mysqlnd-8.2.18-1.mga9
php-fileinfo-debuginfo-8.2.18-1.mga9
php-sockets-debuginfo-8.2.18-1.mga9
php-ini-8.2.18-1.mga9
php-gd-debuginfo-8.2.18-1.mga9
php-sodium-debuginfo-8.2.18-1.mga9
php-zip-debuginfo-8.2.18-1.mga9
php-ldap-debuginfo-8.2.18-1.mga9
php-imap-debuginfo-8.2.18-1.mga9
php-dom-8.2.18-1.mga9
php-openssl-8.2.18-1.mga9
php-dba-debuginfo-8.2.18-1.mga9
php-gmp-debuginfo-8.2.18-1.mga9
php-snmp-debuginfo-8.2.18-1.mga9
php-exif-debuginfo-8.2.18-1.mga9
php-sqlite3-debuginfo-8.2.18-1.mga9
php-mysqli-8.2.18-1.mga9
php-tidy-debuginfo-8.2.18-1.mga9
php-pgsql-8.2.18-1.mga9
php-ftp-debuginfo-8.2.18-1.mga9
php-odbc-debuginfo-8.2.18-1.mga9
php-filter-debuginfo-8.2.18-1.mga9
php-doc-8.2.18-1.mga9
php-pdo-8.2.18-1.mga9
php-curl-8.2.18-1.mga9
php-bcmath-debuginfo-8.2.18-1.mga9
php-session-8.2.18-1.mga9
php-xmlreader-debuginfo-8.2.18-1.mga9
php-gd-8.2.18-1.mga9
php-pcntl-debuginfo-8.2.18-1.mga9
php-iconv-debuginfo-8.2.18-1.mga9
php-sodium-8.2.18-1.mga9
php-pdo_pgsql-debuginfo-8.2.18-1.mga9
php-posix-debuginfo-8.2.18-1.mga9
php-imap-8.2.18-1.mga9
php-sockets-8.2.18-1.mga9
php-zlib-debuginfo-8.2.18-1.mga9
apache-mod_php-debuginfo-8.2.18-1.mga9
php-exif-8.2.18-1.mga9
php-ldap-8.2.18-1.mga9
php-pdo_mysql-debuginfo-8.2.18-1.mga9
php-pdo_firebird-debuginfo-8.2.18-1.mga9
php-zip-8.2.18-1.mga9
php-xsl-debuginfo-8.2.18-1.mga9
php-readline-debuginfo-8.2.18-1.mga9
php-xmlwriter-debuginfo-8.2.18-1.mga9
php-odbc-8.2.18-1.mga9
php-pdo_sqlite-debuginfo-8.2.18-1.mga9
php-tokenizer-debuginfo-8.2.18-1.mga9
php-gmp-8.2.18-1.mga9
php-pdo_dblib-debuginfo-8.2.18-1.mga9
php-ftp-8.2.18-1.mga9
php-cli-debuginfo-8.2.18-1.mga9
php-calendar-debuginfo-8.2.18-1.mga9
php-dba-8.2.18-1.mga9
php-sqlite3-8.2.18-1.mga9
php-pdo_odbc-debuginfo-8.2.18-1.mga9
php-tidy-8.2.18-1.mga9
php-iconv-8.2.18-1.mga9
php-bz2-debuginfo-8.2.18-1.mga9
php-enchant-debuginfo-8.2.18-1.mga9
php-snmp-8.2.18-1.mga9
php-filter-8.2.18-1.mga9
php-zlib-8.2.18-1.mga9
php-pdo_pgsql-8.2.18-1.mga9
php-xmlreader-8.2.18-1.mga9
php-xmlwriter-8.2.18-1.mga9
php-pcntl-8.2.18-1.mga9
php-fpm-debuginfo-8.2.18-1.mga9
php-pdo_firebird-8.2.18-1.mga9
phpdbg-debuginfo-8.2.18-1.mga9
php-bcmath-8.2.18-1.mga9
php-sysvmsg-debuginfo-8.2.18-1.mga9
php-ctype-debuginfo-8.2.18-1.mga9
php-posix-8.2.18-1.mga9
php-pdo_odbc-8.2.18-1.mga9
php-pdo_sqlite-8.2.18-1.mga9
php-gettext-debuginfo-8.2.18-1.mga9
php-pdo_dblib-8.2.18-1.mga9
php-xsl-8.2.18-1.mga9
php-readline-8.2.18-1.mga9
php-pdo_mysql-8.2.18-1.mga9
php-calendar-8.2.18-1.mga9
php-cgi-debuginfo-8.2.18-1.mga9
php-enchant-8.2.18-1.mga9
php-tokenizer-8.2.18-1.mga9
php-sysvshm-debuginfo-8.2.18-1.mga9
php-sysvmsg-8.2.18-1.mga9
php-bz2-8.2.18-1.mga9
php-sysvshm-8.2.18-1.mga9
php-shmop-debuginfo-8.2.18-1.mga9
php-gettext-8.2.18-1.mga9
php-fpm-nginx-8.2.18-1.mga9
php-ctype-8.2.18-1.mga9
php-shmop-8.2.18-1.mga9
php-sysvsem-8.2.18-1.mga9
php-sysvsem-debuginfo-8.2.18-1.mga9
php-fpm-apache-8.2.18-1.mga9
php-debugsource-8.2.18-1.mga9
php-devel-8.2.18-1.mga9

katnatek 2024-04-12 00:44:29 CEST

Keywords: (none) => advisory

Comment 3 Herman Viaene 2024-04-12 11:27:24 CEST

M9-64 Plasma Wayland on HP Pavillion
No installation issues.
php -S localhost:8000 -t php
Then pointing firefox to http://localhost:8000/create-png.php and http://localhost:8000/sample.php displays correct image and text message.
Works OK and get feedback at the CLI:
[Fri Apr 12 11:15:39 2024] PHP 8.2.18 Development Server (http://localhost:8000) started
[Fri Apr 12 11:15:45 2024] [::1]:42306 Accepted
[Fri Apr 12 11:15:46 2024] [::1]:42306 [200]: GET /create-png.php
[Fri Apr 12 11:15:46 2024] [::1]:42306 Closing
[Fri Apr 12 11:15:57 2024] [::1]:36490 Accepted
[Fri Apr 12 11:15:58 2024] [::1]:36490 [200]: GET /sample.php
[Fri Apr 12 11:15:58 2024] [::1]:36490 Closing
Make sure httpd and mysqld are running, then start phpmyadmin, login,  create a new database testphp8217 and create a new table with PK and unique key and timestamp .
All works OK.

Whiteboard: (none) => MGA9-64-OK
CC: (none) => herman.viaene

Comment 4 katnatek 2024-04-13 04:08:45 CEST

LC_ALL=C urpmi --auto --auto-update 
medium "QA Testing (32-bit)" is up-to-date
medium "QA Testing (64-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date
medium "BDK-Free-x86_64" is up-to-date
medium "BDK-Free-noarch" is up-to-date
medium "BDK-NonFree-x86_64" is up-to-date


installing php-cli-8.2.18-1.mga9.x86_64.rpm php-ini-8.2.18-1.mga9.x86_64.rpm php-fpm-8.2.18-1.mga9.x86_64.rpm php-sysvshm-8.2.18-1.mga9.x86_64.rpm php-sysvsem-8.2.18-1.mga9.x86_64.rpm php-openssl-8.2.18-1.mga9.x86_64.rpm php-zlib-8.2.18-1.mga9.x86_64.rpm php-fpm-apache-8.2.18-1.mga9.x86_64.rpm php-session-8.2.18-1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ######################################################################################
      1/9: php-sysvshm           ######################################################################################
      2/9: php-sysvsem           ######################################################################################
      3/9: php-openssl           ######################################################################################
      4/9: php-zlib              ######################################################################################
      5/9: php-ini               ######################################################################################
      6/9: php-cli               ######################################################################################
      7/9: php-session           ######################################################################################
      8/9: php-fpm-apache        ######################################################################################
      9/9: php-fpm               ######################################################################################
      1/9: removing php-fpm-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################
      2/9: removing php-session-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################
      3/9: removing php-cli-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################
      4/9: removing php-ini-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################
      5/9: removing php-fpm-apache-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################
      6/9: removing php-openssl-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################
      7/9: removing php-sysvsem-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################
      8/9: removing php-sysvshm-3:8.2.17-1.mga9.x86_64
                                 ###################################################################################
###
      9/9: removing php-zlib-3:8.2.17-1.mga9.x86_64
                                 ######################################################################################

Test a php page of my projects , test a php script both works as before

CC: (none) => andrewsfarm

Comment 5 Thomas Andrews 2024-04-13 17:30:10 CEST

Thank you, Gentlemen.

Validating.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

Comment 6 Mageia Robot 2024-04-13 18:57:39 CEST

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0132.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED

Note You need to log in before you can comment on or make changes to this bug.