Fedora: 2022-ec0491574d Important: Bug Fixes for PHP Version 8.1.8

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

**PHP version 8.1.8** (07 Jul 2022) **Core:** * Fixed bug

[GH-8338](https://github.com/php/php-src/issues/8338) (Intel CET is disabled

unintentionally). (Chen, Hu) * Fixed leak in Enum::from/tryFrom for internal

enums when using JIT (ilutov) * Fixed calling internal methods with a static

return type from extension code. (Sara) * Fixed bug

[GH-8655](https://github.com/php/php-src/issues/8655) (Casting an object to

array does not unwrap refcount=1 references). (Nicolas Grekas) * Fixed potential

use after free in php_binary_init(). (Heiko Weber) **CLI:** * Fixed

[GH-8827](https://github.com/php/php-src/issues/8827) (Intentionally closing std

handles no longer possible). (cmb) **Curl:** * Fixed CURLOPT_TLSAUTH_TYPE is

not treated as a string option. (Pierrick) **Date:** * Fixed bug php#72963

(Null-byte injection in CreateFromFormat and related functions). (Derick) *

Fixed bug php#74671 (DST timezone abbreviation has incorrect offset). (Derick) *

Fixed bug php#77243 (Weekdays are calculated incorrectly for negative years).

(Derick) * Fixed bug php#78139 (timezone_open accepts invalid timezone string

argument). (Derick) **Fileinfo:** * Fixed bug php#81723 (Heap buffer overflow

in finfo_buffer). (**CVE-2022-31627**) (cmb) **FPM:** * Fixed bug php#67764

(fpm: syslog.ident don't work). (Jakub Zelenka) **GD:** * Fixed

imagecreatefromavif() memory leak. (cmb) **MBString:** * mb_detect_encoding

recognizes all letters in Czech alphabet (alexdowad) * mb_detect_encoding

recognizes all letters in Hungarian alphabet (alexdowad) * Fixed bug

[GH-8685](https://github.com/php/php-src/issues/8685) (pcre not ready at

mbstring startup). (Remi) * Backwards-compatible mappings for 0x5C/0x7E in

Shift-JIS are restored, after they had been changed in 8.1.0. (Alex Dowad)

**ODBC:** * Fixed handling of single-key connection strings. (Calvin Buckley)

**OPcache:** * Fixed bug [GH-8591](https://github.com/php/php-src/issues/8591)

(tracing JIT crash after private instance method change). (Arnaud, Dmitry, Oleg

Stepanischev) **OpenSSL:** * Fixed bug php#50293 (Several openssl functions

ignore the VCWD). (Jakub Zelenka, cmb) * Fixed bug php#81713 (NULL byte

injection in several OpenSSL functions working with certificates). (Jakub

Zelenka) **PDO_ODBC:** * Fixed handling of single-key connection strings.

(Calvin Buckley)

* Wed Jul 6 2022 Remi Collet - 8.1.8-1

- Update to 8.1.8 - https://www.php.net/releases/8_1_8.php

su -c 'dnf upgrade --advisory FEDORA-2022-ec0491574d' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure