Opened 3 years ago

Closed 3 years ago

Last modified 3 years ago

#16752 closed enhancement (fixed)

php-8.1.8

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: elevated Milestone: 11.2
Component: BOOK Version: git
Severity: normal Keywords:
Cc:

Description

New point version.

Change History (4)

comment:1 by Douglas R. Reno, 3 years ago

Owner: changed from blfs-book to Douglas R. Reno
Priority: normalelevated
Status: newassigned

comment:2 by Douglas R. Reno, 3 years ago

From https://www.php.net/ChangeLog-8.php#8.1.8:

--- 07 Jul 2022

Core:

Fixed bug GH-8338 (Intel CET is disabled unintentionally).

Fixed leak in Enum::from/tryFrom for internal enums when using JIT

Fixed calling internal methods with a static return type from extension code.

Fixed bug GH-8655 (Casting an object to array does not unwrap refcount=1 references).

Fixed potential use after free in php_binary_init().

CLI:

Fixed GH-8827 (Intentionally closing std handles no longer possible).

COM:

Fixed bug GH-8778 (Integer arithmethic with large number variants fails).

Curl:

Fixed CURLOPT_TLSAUTH_TYPE is not treated as a string option.

Date:

Fixed bug #72963 (Null-byte injection in CreateFromFormat and related functions).

Fixed bug #74671 (DST timezone abbreviation has incorrect offset).

Fixed bug #77243 (Weekdays are calculated incorrectly for negative years).

Fixed bug #78139 (timezone_open accepts invalid timezone string argument).

Fileinfo:

Fixed bug #81723 (Heap buffer overflow in finfo_buffer). (CVE-2022-31627)

FPM:

Fixed bug #67764 (fpm: syslog.ident don't work).

GD:

Fixed imagecreatefromavif() memory leak.

MBString:

mb_detect_encoding recognizes all letters in Czech alphabet

mb_detect_encoding recognizes all letters in Hungarian alphabet

Fixed bug GH-8685 (pcre not ready at mbstring startup).

Backwards-compatible mappings for 0x5C/0x7E in Shift-JIS are restored, after they had been changed in 8.1.0.

ODBC:

Fixed handling of single-key connection strings.

OPcache:

Fixed bug GH-8591 (tracing JIT crash after private instance method change).

OpenSSL:

Fixed bug #50293 (Several openssl functions ignore the VCWD).

Fixed bug #81713 (NULL byte injection in several OpenSSL functions working with certificates).

PDO_ODBC:

Fixed handling of single-key connection strings.

Zip:

Fixed bug GH-8781 (ZipArchive::close deletes zip file without updating stat cache).

---

CVE-2022-31627 is the CVE

comment:3 by Douglas R. Reno, 3 years ago

Resolution: fixed
Status: assignedclosed
Note: See TracTickets for help on using tickets.