Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 40 Security Advisory: PHP 8.3.19 Fixes Memory Leaks and Overflows

fedora
Calendar Grey March 21, 2025
Dist Fedora Esm H88
Fedora 40 has released urgent security advisories for PHP, addressing critical issues like memory leaks and stack overflows, essential for PHP application integrity
PHP version 8.3.19 (13 Mar 2025) BCMath: Fixed bug GH-17398 (bcmul memory leak)

Summary

PHP is an HTML-embedded scripting language. PHP attempts to make it

easy for developers to write dynamically generated web pages. PHP also

offers built-in database integration for several commercial and

non-commercial database management systems, so writing a

database-enabled webpage with PHP is fairly simple. The most common

use of PHP coding is probably as a replacement for CGI scripts.

Update Information:

PHP version 8.3.19 (13 Mar 2025) BCMath: Fixed bug GH-17398 (bcmul memory leak). (SakiTakamachi) Core: Fixed bug GH-17623 (Broken stack overflow detection for variable compilation). (ilutov) Fixed bug GH-17618 (UnhandledMatchError does not take zend.exception_ignore_args=1 into account). (timwolla) Fix fallback paths in fast_long_{add,sub}_function. (nielsdos) Fixed bug GH-17718 (Calling static methods on an interface that has __callStatic is allowed). (timwolla) Fixed bug GH-17797 (zend_test_compile_string crash on invalid script path). (David Carlier) Fixed GHSA-rwp7-7vc6-8477 (Reference counting in php_request_shutdown causes Use-After-Free). (CVE-2024-11235) (ilutov) DOM: Fixed bug GH-17847 (xinclude destroys live node). (nielsdos) FFI: Fix FFI Parsing of Pointer Declaration Lists. (davnotdev) FPM: Fixed bug GH-17643 (FPM with httpd ProxyPass encoded PATH_INFO env). (Jakub Zelenka) GD: Fixed bug GH-17772 (imagepalettetotruecolor crash with memory_limit=2M)...

Topics%20covered

Topics Covered

security advisory Fedora php bug fix memory leak stack overflow

Change Log

* Wed Mar 12 2025 Remi Collet - 8.3.19-1 - Update to 8.3.19 - http://www.php.net/releases/8_3_19.php * Wed Mar 12 2025 Remi Collet - 8.3.18-1 - Update to 8.3.18 -

References

Fedora Update Notification FEDORA-2025-4e7e2c40e0 2025-03-21 01:22:02.983818+00:00 Name : php Product : Fedora 40 Version : 8.3.19 Release : 1.fc40 URL : http://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts.

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-4e7e2c40e0' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php
Product: Fedora 40
Version: 8.3.19
Release: 1.fc40
URL: http://www.php.net/
Summary: PHP scripting language for creating dynamic web sites

Topics%20covered

Topics Covered

security advisory Fedora php bug fix memory leak stack overflow

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here