PHP 8.1.30 released

Software 42646 Published by

The PHP 8.1.30 security update fixes issues with CGI, FPM, and SAPI. It gets rid of CVE-2024-4577, fixes problems with cgi.force_redirect configuration, stops children from changing logs, and fixes issues with processing multipart form data.



php-8.1.30

- CGI:
. Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection
Vulnerability). (CVE-2024-8926) (nielsdos)
. Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is
bypassable due to the environment variable collision). (CVE-2024-8927)
(nielsdos)

- FPM:
. Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered).
(CVE-2024-9026) (Jakub Zelenka)

- SAPI:
. Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data).
(CVE-2024-8925) (Arnaud)

Release php-8.1.30 · php/php-src

Boost (SSA:2024-270-01) update for Slackware

Windows 11 KB5043145 (OS Builds 22621.4249 and 22631.4249) Preview released

Windows

Linux

macOS

Community

  • dhamu
    Hello Phil, I have a Linux Tutorial website that curre ...
  • StephanX
    Hi friends, i am new in the Linux universe but i try to ...
  • Philipp
    I would try the XanMod kernel: https://xanmod.org  I ...