Fedora 36: php 2022-ec0491574d
Summary
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.
**PHP version 8.1.8** (07 Jul 2022) **Core:** * Fixed bug
[GH-8338](https://github.com/php/php-src/issues/8338) (Intel CET is disabled
unintentionally). (Chen, Hu) * Fixed leak in Enum::from/tryFrom for internal
enums when using JIT (ilutov) * Fixed calling internal methods with a static
return type from extension code. (Sara) * Fixed bug
[GH-8655](https://github.com/php/php-src/issues/8655) (Casting an object to
array does not unwrap refcount=1 references). (Nicolas Grekas) * Fixed potential
use after free in php_binary_init(). (Heiko Weber) **CLI:** * Fixed
[GH-8827](https://github.com/php/php-src/issues/8827) (Intentionally closing std
handles no longer possible). (cmb) **Curl:** * Fixed CURLOPT_TLSAUTH_TYPE is
not treated as a string option. (Pierrick) **Date:** * Fixed bug php#72963
(Null-byte injection in CreateFromFormat and related functions). (Derick) *
Fixed bug php#74671 (DST timezone abbreviation has incorrect offset). (Derick) *
Fixed bug php#77243 (Weekdays are calculated incorrectly for negative years).
(Derick) * Fixed bug php#78139 (timezone_open accepts invalid timezone string
argument). (Derick) **Fileinfo:** * Fixed bug php#81723 (Heap buffer overflow
in finfo_buffer). (**CVE-2022-31627**) (cmb) **FPM:** * Fixed bug php#67764
(fpm: syslog.ident don't work). (Jakub Zelenka) **GD:** * Fixed
imagecreatefromavif() memory leak. (cmb) **MBString:** * mb_detect_encoding
recognizes all letters in Czech alphabet (alexdowad) * mb_detect_encoding
recognizes all letters in Hungarian alphabet (alexdowad) * Fixed bug
[GH-8685](https://github.com/php/php-src/issues/8685) (pcre not ready at
mbstring startup). (Remi) * Backwards-compatible mappings for 0x5C/0x7E in
Shift-JIS are restored, after they had been changed in 8.1.0. (Alex Dowad)
**ODBC:** * Fixed handling of single-key connection strings. (Calvin Buckley)
**OPcache:** * Fixed bug [GH-8591](https://github.com/php/php-src/issues/8591)
(tracing JIT crash after private instance method change). (Arnaud, Dmitry, Oleg
Stepanischev) **OpenSSL:** * Fixed bug php#50293 (Several openssl functions
ignore the VCWD). (Jakub Zelenka, cmb) * Fixed bug php#81713 (NULL byte
injection in several OpenSSL functions working with certificates). (Jakub
Zelenka) **PDO_ODBC:** * Fixed handling of single-key connection strings.
(Calvin Buckley)
* Wed Jul 6 2022 Remi Collet
- Update to 8.1.8 - https://www.php.net/releases/8_1_8.php
su -c 'dnf upgrade --advisory FEDORA-2022-ec0491574d' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
FEDORA-2022-ec0491574d 2022-07-15 01:15:23.604929 Product : Fedora 36 Version : 8.1.8 Release : 1.fc36 URL : https://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. **PHP version 8.1.8** (07 Jul 2022) **Core:** * Fixed bug [GH-8338](https://github.com/php/php-src/issues/8338) (Intel CET is disabled unintentionally). (Chen, Hu) * Fixed leak in Enum::from/tryFrom for internal enums when using JIT (ilutov) * Fixed calling internal methods with a static return type from extension code. (Sara) * Fixed bug [GH-8655](https://github.com/php/php-src/issues/8655) (Casting an object to array does not unwrap refcount=1 references). (Nicolas Grekas) * Fixed potential use after free in php_binary_init(). (Heiko Weber) **CLI:** * Fixed [GH-8827](https://github.com/php/php-src/issues/8827) (Intentionally closing std handles no longer possible). (cmb) **Curl:** * Fixed CURLOPT_TLSAUTH_TYPE is not treated as a string option. (Pierrick) **Date:** * Fixed bug php#72963 (Null-byte injection in CreateFromFormat and related functions). (Derick) * Fixed bug php#74671 (DST timezone abbreviation has incorrect offset). (Derick) * Fixed bug php#77243 (Weekdays are calculated incorrectly for negative years). (Derick) * Fixed bug php#78139 (timezone_open accepts invalid timezone string argument). (Derick) **Fileinfo:** * Fixed bug php#81723 (Heap buffer overflow in finfo_buffer). (**CVE-2022-31627**) (cmb) **FPM:** * Fixed bug php#67764 (fpm: syslog.ident don't work). (Jakub Zelenka) **GD:** * Fixed imagecreatefromavif() memory leak. (cmb) **MBString:** * mb_detect_encoding recognizes all letters in Czech alphabet (alexdowad) * mb_detect_encoding recognizes all letters in Hungarian alphabet (alexdowad) * Fixed bug [GH-8685](https://github.com/php/php-src/issues/8685) (pcre not ready at mbstring startup). (Remi) * Backwards-compatible mappings for 0x5C/0x7E in Shift-JIS are restored, after they had been changed in 8.1.0. (Alex Dowad) **ODBC:** * Fixed handling of single-key connection strings. (Calvin Buckley) **OPcache:** * Fixed bug [GH-8591](https://github.com/php/php-src/issues/8591) (tracing JIT crash after private instance method change). (Arnaud, Dmitry, Oleg Stepanischev) **OpenSSL:** * Fixed bug php#50293 (Several openssl functions ignore the VCWD). (Jakub Zelenka, cmb) * Fixed bug php#81713 (NULL byte injection in several OpenSSL functions working with certificates). (Jakub Zelenka) **PDO_ODBC:** * Fixed handling of single-key connection strings. (Calvin Buckley) * Wed Jul 6 2022 Remi Collet - 8.1.8-1 - Update to 8.1.8 - https://www.php.net/releases/8_1_8.php su -c 'dnf upgrade --advisory FEDORA-2022-ec0491574d' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Change Log
References