SECURITY: Fedora 36 Update: php-8.1.8-1.fc36
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2022-ec0491574d
2022-07-15 01:15:23.604929
--------------------------------------------------------------------------------
Name : php
Product : Fedora 36
Version : 8.1.8
Release : 1.fc36
URL : http://www.php.net/
Summary : PHP scripting language for creating dynamic web sites
Description :
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.
--------------------------------------------------------------------------------
Update Information:
**PHP version 8.1.8** (07 Jul 2022) **Core:** * Fixed bug
[GH-8338]( https://github.com/php/php-src/issues/8338) (Intel CET is disabled
unintentionally). (Chen, Hu) * Fixed leak in Enum::from/tryFrom for internal
enums when using JIT (ilutov) * Fixed calling internal methods with a static
return type from extension code. (Sara) * Fixed bug
[GH-8655]( https://github.com/php/php-src/issues/8655) (Casting an object to
array does not unwrap refcount=1 references). (Nicolas Grekas) * Fixed potential
use after free in php_binary_init(). (Heiko Weber) **CLI:** * Fixed
[GH-8827]( https://github.com/php/php-src/issues/8827) (Intentionally closing std
handles no longer possible). (cmb) **Curl:** * Fixed CURLOPT_TLSAUTH_TYPE is
not treated as a string option. (Pierrick) **Date:** * Fixed bug php#72963
(Null-byte injection in CreateFromFormat and related functions). (Derick) *
Fixed bug php#74671 (DST timezone abbreviation has incorrect offset). (Derick) *
Fixed bug php#77243 (Weekdays are calculated incorrectly for negative years).
(Derick) * Fixed bug php#78139 (timezone_open accepts invalid timezone string
argument). (Derick) **Fileinfo:** * Fixed bug php#81723 (Heap buffer overflow
in finfo_buffer). (**CVE-2022-31627**) (cmb) **FPM:** * Fixed bug php#67764
(fpm: syslog.ident don't work). (Jakub Zelenka) **GD:** * Fixed
imagecreatefromavif() memory leak. (cmb) **MBString:** * mb_detect_encoding
recognizes all letters in Czech alphabet (alexdowad) * mb_detect_encoding
recognizes all letters in Hungarian alphabet (alexdowad) * Fixed bug
[GH-8685]( https://github.com/php/php-src/issues/8685) (pcre not ready at
mbstring startup). (Remi) * Backwards-compatible mappings for 0x5C/0x7E in
Shift-JIS are restored, after they had been changed in 8.1.0. (Alex Dowad)
**ODBC:** * Fixed handling of single-key connection strings. (Calvin Buckley)
**OPcache:** * Fixed bug [GH-8591]( https://github.com/php/php-src/issues/8591)
(tracing JIT crash after private instance method change). (Arnaud, Dmitry, Oleg
Stepanischev) **OpenSSL:** * Fixed bug php#50293 (Several openssl functions
ignore the VCWD). (Jakub Zelenka, cmb) * Fixed bug php#81713 (NULL byte
injection in several OpenSSL functions working with certificates). (Jakub
Zelenka) **PDO_ODBC:** * Fixed handling of single-key connection strings.
(Calvin Buckley)
--------------------------------------------------------------------------------
ChangeLog:
* Wed Jul 6 2022 Remi Collet - 8.1.8-1
- Update to 8.1.8 - http://www.php.net/releases/8_1_8.php
--------------------------------------------------------------------------------
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2022-ec0491574d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
A php security update has been released for Fedora 36.
