MGASA-2022-0056 - Updated php-adodb packages fix security vulnerability

Publication date: 12 Feb 2022
URL: https://advisories.mageia.org/MGASA-2022-0056.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2021-3850

Security hotfix release addressing a critical vulnerability in PostgreSQL
connections (CVE-2021-3850)

Additional fixes:
Fix usage of get_magic_* functions #619 #657
Fix PHP warning in _rs2rs() function #679
pdo: Fix Fatal error in _query() #666
pdo: Fix undefined variable #678
pgsql: Fix Fatal error in _close() method (PHP8) #666
pgsql: fix deprecated function aliases (PHP8) #667
text: fix Cannot pass parameter by reference #668
Add support for persistent connections in PDO driver #650
Connect to SQL Server database on a specified port. #624
DSN database connection with password containing # fails #651
Metacolumns returns wrong type for integer fields in Mysql 8 #642
Uninitialized Variable access in mssqlnative ErrorNo() method #637

References:
- https://bugs.mageia.org/show_bug.cgi?id=30008
- https://github.com/ADOdb/ADOdb/releases/tag/v5.20.21
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3850

SRPMS:
- 8/core/php-adodb-5.20.21-1.mga8