Debian 10225 Published by

Ondřej Surý has released PHP 8.3.0RC1, 8.2.10, 8.1.23, 8.0.30, 7.4.33-14, 7.3.33-14, 7.2.34-43, 7.1.33-56, 7.0.33-68, and 5.6.40-68 packages for Debian GNU/Linux 10 LTS, 11, and 12.





To add the repository:
#!/bin/bash # To add this repository please do:

if [ "$(whoami)" != "root" ]; then
SUDO=sudo
fi

${SUDO} apt-get -y install apt-transport-https lsb-release ca-certificates curl
${SUDO} wget -O /etc/apt/trusted.gpg.d/php.gpg https://packages.sury.org/php/apt.gpg
${SUDO} sh -c 'echo "deb https://packages.sury.org/php/ $(lsb_release -sc) main" > /etc/apt/sources.list.d/php.list'
${SUDO} apt-get update

php-8.3.0RC1

- Core:
. Fixed bug GH-11937 (Constant ASTs containing objects). (ilutov)
. Introduced Zend guard recursion protection to fix __debugInfo issue.
(Jakub Zelenka)
. Fixed bug GH-11790 (On riscv64 require libatomic if actually needed).
(Jeremie Courreges-Anglas)
. Fixed oss-fuzz #61712 (assertion failure with error handler during binary
op). (nielsdos)
- DOM:
. Fixed GH-11952 (Confusing warning when blocking entity loading via
libxml_set_external_entity_loader). (nielsdos)

- FFI:
. Implement GH-11934 (Allow to pass CData into struct and/or union fields).
(nielsdos, KapitanOczywisty)

- FPM:
. Fixed bug #76067 (system() function call leaks php-fpm listening sockets).
(Mikhail Galanin, Jakub Zelenka)

- Standard:
. Added $before_needle argument to strrchr(). (HypeMC)
. Fixed GH-11982 (str_getcsv returns null byte for unterminated enclosure).
(Jakub Zelenka)

- Streams:
. Fixed bug #52335 (fseek() on memory stream behavior different than file).
(Jakub Zelenka)
. Fixed bug #76857 (Can read "non-existant" files). (Jakub Zelenka)

php-8.2.10

- CLI:
. Fixed bug GH-11716 (cli server crashes on SIGINT when compiled with
ZEND_RC_DEBUG=1). (nielsdos)
. Fixed bug GH-10964 (Improve man page about the built-in server).
(Alexandre Daubois)

- Date:
. Fixed bug GH-11416 (Crash with DatePeriod when uninitialised objects are
passed in). (Derick)

- Core:
. Fixed strerror_r detection at configuration time. (Kévin Dunglas)
. Fixed trait typed properties using a DNF type not being correctly bound.
(Girgias)
. Fixed trait property types not being arena allocated if copied from
an internal trait. (Girgias)
. Fixed deep copy of property DNF type during lazy class load.
(Girgias, ilutov)
. Fixed memory freeing of DNF types for non arena allocated types.
(Girgias, ju1ius)

- DOM:
. Fix DOMEntity field getter bugs. (nielsdos)
. Fix incorrect attribute existence check in DOMElement::setAttributeNodeNS.
(nielsdos)
. Fix DOMCharacterData::replaceWith() with itself. (nielsdos)
. Fix empty argument cases for DOMParentNode methods. (nielsdos)
. Fixed bug GH-11791 (Wrong default value of DOMDocument::xmlStandalone).
(nielsdos)
. Fix json_encode result on DOMDocument. (nielsdos)
. Fix manually calling __construct() on DOM classes. (nielsdos)
. Fixed bug GH-11830 (ParentNode methods should perform their checks
upfront). (nielsdos)
. Fix viable next sibling search for replaceWith. (nielsdos)
. Fix segfault when DOMParentNode::prepend() is called when the child
disappears. (nielsdos)

- FFI:
. Fix leaking definitions when using FFI::cdef()->new(...). (ilutov)

- Hash:
. Fix use-of-uninitialized-value in hash_pbkdf2(), fix missing $options
parameter in signature. (ilutov)

- MySQLnd:
. Fixed bug GH-11440 (authentication to a sha256_password account fails over
SSL). (nielsdos)
. Fixed bug GH-11438 (mysqlnd fails to authenticate with sha256_password
accounts using passwords longer than 19 characters).
(nielsdos, Kamil Tekiela)
. Fixed bug GH-11550 (MySQL Statement has a empty query result when
the response field has changed, also Segmentation fault).
(Yurunsoft)
. Fixed invalid error message "Malformed packet" when connection is dropped.
(Kamil Tekiela)

- Opcache:
. Fixed bug GH-11715 (opcache.interned_strings_buffer either has no effect or
opcache_get_status() / phpinfo() is wrong). (nielsdos)
. Avoid adding an unnecessary read-lock when loading script from shm if
restart is in progress. (mikhainin)

- PCNTL:
. Revert behaviour of receiving SIGCHLD signals back to the behaviour
before 8.1.22. (nielsdos)

- SPL:
. Fixed bug #81992 (SplFixedArray::setSize() causes use-after-free).
(nielsdos)

- Standard:
. Prevent int overflow on $decimals in number_format. (Marc Bennewitz)
. Fixed bug GH-11870 (Fix off-by-one bug when truncating tempnam prefix)
(athos-ribeiro)

php-8.1.23

- CLI:
. Fixed bug GH-11716 (cli server crashes on SIGINT when compiled with
ZEND_RC_DEBUG=1). (nielsdos)
. Fixed bug GH-10964 (Improve man page about the built-in server).
(Alexandre Daubois)

- Core:
. Fixed strerror_r detection at configuration time. (Kévin Dunglas)

- Date:
. Fixed bug GH-11416: Crash with DatePeriod when uninitialised objects
are passed in. (Derick)

- DOM:
. Fix DOMEntity field getter bugs. (nielsdos)
. Fix incorrect attribute existence check in DOMElement::setAttributeNodeNS.
(nielsdos)
. Fix DOMCharacterData::replaceWith() with itself. (nielsdos)
. Fix empty argument cases for DOMParentNode methods. (nielsdos)
. Fixed bug GH-11791 (Wrong default value of DOMDocument::xmlStandalone).
(nielsdos)
. Fix json_encode result on DOMDocument. (nielsdos)
. Fix manually calling __construct() on DOM classes. (nielsdos)
. Fixed bug GH-11830 (ParentNode methods should perform their checks
upfront). (nielsdos)
. Fix segfault when DOMParentNode::prepend() is called when the child
disappears. (nielsdos)

- FFI:
. Fix leaking definitions when using FFI::cdef()->new(...). (ilutov)

- MySQLnd:
. Fixed bug GH-11440 (authentication to a sha256_password account fails over
SSL). (nielsdos)
. Fixed bug GH-11438 (mysqlnd fails to authenticate with sha256_password
accounts using passwords longer than 19 characters).
(nielsdos, Kamil Tekiela)
. Fixed bug GH-11550 (MySQL Statement has a empty query result when
the response field has changed, also Segmentation fault).
(Yurunsoft)
. Fixed invalid error message "Malformed packet" when connection is dropped.
(Kamil Tekiela)

- Opcache:
. Fixed bug GH-11715 (opcache.interned_strings_buffer either has no effect or
opcache_get_status() / phpinfo() is wrong). (nielsdos)
. Avoid adding an unnecessary read-lock when loading script from shm if
restart is in progress. (mikhainin)

- PCNTL:
. Revert behaviour of receiving SIGCHLD signals back to the behaviour
before 8.1.22. (nielsdos)

- SPL:
. Fixed bug #81992 (SplFixedArray::setSize() causes use-after-free).
(nielsdos)

- Standard:
. Prevent int overflow on $decimals in number_format. (Marc Bennewitz)
. Fixed bug GH-11870 (Fix off-by-one bug when truncating tempnam prefix)
(athos-ribeiro)

php-8.0.30, 7.4.33-8, 7.3.33-14, 7.2.34-43, 7.1.33-56, 7.0.33-68, 5.6.40-68

- Libxml:
. Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading
in XML without enabling it). (CVE-2023-3823) (nielsdos, ilutov)

- Phar:
. Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()).
(CVE-2023-3824) (nielsdos)

PHP 8.2.0

PHP Packages
Issues Tracker