Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 39: FEDORA-2024-52c23ef1ec Moderate: PHP Buffer Fix and Updates

fedora
Calendar Grey June 13, 2024
Dist Fedora Esm H88
PHP 8.2.20 has launched revisions focused on optimizing memory thresholds, rectifying security flaws, and enhancing functionalities for Fedora 39.
PHP version 8.2.20 (06 Jun 2024) CGI: Fixed buffer limit on Windows, replacing read call usage by _read

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

Update Information:

PHP version 8.2.20 (06 Jun 2024) CGI: Fixed buffer limit on Windows, replacing read call usage by _read. (David Carlier) Fixed bug GHSA-3qgc-jrrr-25jv (Bypass of CVE-2012-1823, Argument Injection in PHP-CGI). (CVE-2024-4577) (nielsdos) CLI: Fixed bug GH-14189 (PHP Interactive shell input state incorrectly handles quoted heredoc literals.). (nielsdos) Core: Fixed bug GH-13970 (Incorrect validation of #[Attribute] flags type for non- compile-time expressions). (ilutov) Fixed bug GH-14140 (Floating point bug in range operation on Apple Silicon hardware). (Derick, Saki) DOM: Fix crashes when entity declaration is removed while still having entity references. (nielsdos) Fix references not handled correctly in C14N. (nielsdos) Fix crash when calling childNodes next() when iterator is exhausted. (nielsdos) Fix crash in ParentNode::append() when dealing with a fragment containing text nodes. (nielsdos) FFI: Fixed bug GH-14215 (Cannot use FFI::load on CRLF header file w...

Topics%20covered

Topics Covered

security advisory software update Fedora php web server buffer fix argument injection

Change Log

* Tue Jun 4 2024 Remi Collet - 8.2.20-1 - Update to 8.2.20 - http://www.php.net/releases/8_2_20.php

References


[ 1 ] Bug #2291252 - CVE-2024-5458 php: Filter bypass in filter_var (FILTER_VALIDATE_URL) https://bugzilla.redhat.com/show_bug.cgi?id=2291252

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-52c23ef1ec' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Name: php
Product: Fedora 39
Version: 8.2.20
Release: 1.fc39
URL: http://www.php.net/
Summary: PHP scripting language for creating dynamic web sites

Topics%20covered

Topics Covered

security advisory software update Fedora php web server buffer fix argument injection

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here