Fedora 43 phpunit8 Critical Code Execution Flaw FEDORA-2026-dad4e31f49
fedora
February 5, 2026
Version 8.5.52 - 2026-01-27 Changed To prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage files in pull requests, a PHPT test will no longer be run if the t...
Summary
PHPUnit is a programmer-oriented testing framework for PHP.
It is an instance of the xUnit architecture for unit testing frameworks.
This package provides the version 8 of PHPUnit,
available using the phpunit8 command.
Documentation: https://phpunit.de/documentation.html
Update Information:
Version 8.5.52 - 2026-01-27 Changed To prevent Poisoned Pipeline Execution (PPE) attacks using prepared .coverage files in pull requests, a PHPT test will no longer be run if the temporary file for writing code coverage information already exists before the test runs Version 8.5.51 - 2026-01-24 Changed PHPUnit\Framework\MockObject exceptions subtypes of PHPUnit\Exception
Change Log
* Tue Jan 27 2026 Remi Collet
References
[ 1 ] Bug #2433681 - CVE-2026-24765 phpunit8: PHPUnit: Arbitrary code execution via unsafe deserialization of code coverage files [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2433681
Update Instructions
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-dad4e31f49' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Name: phpunit8
Product: Fedora 43
Version: 8.5.52
Release: 1.fc43
Summary: The PHP Unit Testing framework version 8
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!