Revisions of php8
- version update to 8.3.6 [bsc#1222857] [bsc#1222858]
- version update to 8.3.8 [bsc#1226073] CGI: Fixed buffer limit on Windows, replacing read call usage by _read. Fixed bug GHSA-3qgc-jrrr-25jv (Bypass of CVE-2012-1823, Argument Injection in PHP-CGI). (CVE-2024-4577) CLI: Fixed bug GH-14189 (PHP Interactive shell input state incorrectly handles quoted heredoc literals.). Core: Fixed bug GH-13970 (Incorrect validation of #[Attribute] flags type for non-compile-time expressions). DOM: Fix crashes when entity declaration is removed while still having entity references. Fix references not handled correctly in C14N. Fix crash when calling childNodes next() when iterator is exhausted. Fix crash in ParentNode::append() when dealing with a fragment containing text nodes. Filter: Fixed bug GHSA-w8qr-v226-r27w (Filter bypass in filter_var FILTER_VALIDATE_URL). (CVE-2024-5458) FPM: Fix bug GH-14175 (Show decimal number instead of scientific notation in systemd status). Hash: ext/hash: Swap the checking order of `__has_builtin` and `__GNUC__` (Saki Takamachi) Intl: Fixed build regression on systems without C++17 compilers. MySQLnd: Fix bug GH-14255 (mysqli_fetch_assoc reports error from nested query). Opcache: Fixed bug GH-14109 (Fix accidental persisting of internal class constant in shm). OpenSSL: The openssl_private_decrypt function in PHP and Marvin attack. Standard: Fixed bug GHSA-9fcc-425m-g385 (Bypass of CVE-2024-1874). (CVE-2024-5585) XML:
- version update to 8.3.7 Core: Fixed zend_call_stack build with Linux/uclibc-ng without thread support. Fixed bug GH-13772 (Invalid execute_data->opline pointers in observer fcall handlers when JIT is enabled). Fixed bug GH-13931 (Applying zero offset to null pointer in Zend/zend_opcode.c). Fixed bug GH-13942 (Align the behavior of zend-max-execution-timers with other timeout implementations). Fixed bug GH-14003 (Broken cleanup of unfinished calls with callable convert parameters). Fixed bug GH-14013 (Erroneous dnl appended in configure). Fixed bug GH-10232 (If autoloading occurs during constant resolution filename and lineno are identified incorrectly). Fixed bug GH-13727 (Missing void keyword). Fibers: Fixed bug GH-13903 (ASAN false positive underflow when executing copy()). Fileinfo: Fixed bug GH-13795 (Test failing in ext/fileinfo/tests/bug78987.phpt on big-endian PPC). FPM: Fixed bug GH-13563 (Setting bool values via env in FPM config fails). Intl: Fixed build for icu 74 and onwards. MySQLnd: Fix shift out of bounds on 32-bit non-fast-path platforms. Opcache: Fixed bug GH-13433 (Segmentation Fault in zend_class_init_statics when using opcache.preload). Fixed incorrect assumptions across compilation units for static calls. OpenSSL: Fixed bug GH-10495 (feof on OpenSSL stream hangs indefinitely). PDO SQLite: Fix GH-13984 (Buffer size is now checked before memcmp). Fix GH-13998 (Manage refcount of agg_context->val correctly). Phar: Fixed bug GH-13836 (Renaming a file in a Phar to an already existing filename causes a NULL pointer dereference).
- version update to 8.3.6 Core: Fixed GH-13569 (GC buffer unnecessarily grows up to GC_MAX_BUF_SIZE when scanning WeakMaps). Fixed bug GH-13612 (Corrupted memory in destructor with weak references). Fixed bug GH-13446 (Restore exception handler after it finishes). Fixed bug GH-13784 (AX_GCC_FUNC_ATTRIBUTE failure). Fixed bug GH-13670 (GC does not scale well with a lot of objects created in destructor). DOM: Add some missing ZPP checks. Fix potential memory leak in XPath evaluation results. FPM: Fixed GH-11086 (FPM: config test runs twice in daemonised mode). Fix incorrect check in fpm_shm_free(). GD: Fixed bug GH-12019 (add GDLIB_CFLAGS in feature tests). Gettext: Fixed sigabrt raised with dcgettext/dcngettext calls with gettext 0.22.5 with category set to LC_ALL. MySQLnd: Fix GH-13452 (Fixed handshake response [mysqlnd]). Fix incorrect charset length in check_mb_eucjpms(). Opcache: Fixed GH-13508 (JITed QM_ASSIGN may be optimized out when op1 is null). Fixed GH-13712 (Segmentation fault for enabled observers when calling trait method of internal trait when opcache is loaded). Random: Fixed bug GH-13544 (Pre-PHP 8.2 compatibility for mt_srand with unknown modes). Fixed bug GH-13690 (Global Mt19937 is not properly reset in-between requests when MT_RAND_PHP is used). Session: Fixed bug GH-13680 (Segfault with session_decode and compilation error). SPL: Fixed bug GH-13685 (Unexpected null pointer in zend_string.h).
changes file is diverging because we merged a different branch in
- version update to 8.2.17 * This is a bug fix release.
- Use the system default cipher list instead of hardcoded values by using crypto-policies. [bsc#1211301] * Use the --with-system-ciphers configure option. (forwarded request 1155517 from pmonrealgonzalez)
- version update to 8.2.16 * This is a bug fix release. - modified patches % php-build-reproducible-phar.patch (refreshed)
- version update to 8.2.15 * This is a bug fix release. - modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed)
- version update to 8.2.14 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.14
- version update to 8.2.13 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.13
- version update to 8.2.12 * This is a bug fix release. https://www.php.net/ChangeLog-8.php#8.2.12
- version update to 8.2.11 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.11
- add missing references to rpm changelog - 15sp4 only: [bsc#1200772], [jsc#SLE-24723] add pecl, pear [jsc#SLE-23639] version update - CVE-2023-3247 [bsc#1212349] * fixed: CVE-2022-31630 [bsc#1204979], CVE-2022-37454 [bsc#1204577] * CVEs fixed: CVE-2022-31628 [bsc#1203867], CVE-2022-31629 [bsc#1203870] * CVE-2022-31625 [bsc#1200645] * CVE-2022-31626 [bsc#1200628] * [bsc#1197644] - updated to 8.1.3: This is a security release (CVE-2021-21708 [bsc#1196252]) - updated to 8.0.13: This is a security release (CVE-2021-21707 [bsc#1193041]) - updated to 8.0.12: This is a security release (CVE-2021-21703 [bsc#1192050])
- version update to 8.2.10 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.10
- version update to 8.2.9 * This is a security release. * Fixes CVE-2023-3824 [bsc#1214103] and CVE-2023-3823 [bsc#1214106] * https://www.php.net/ChangeLog-8.php#8.2.9 - deleted patches - php-unicode-allow-redistribution.patch (upstreamed) - deleted sources - repack.sh (not needed)
- version update to 8.2.8 * This is a bug fix release. * https://www.php.net/ChangeLog-8.php#8.2.8 - modified patches % php-sort-filelist-phar.patch (refreshed)
- version update to 8.2.7 * Readonly classes * Disjunctive Normal Form (DNF) Types * Allow null, false, and true as stand-alone types * New "Random" extension * Constants in traits * Deprecate dynamic properties * for details, see https://www.php.net/releases/8.2/en.php https://www.php.net/manual/en/migration82.php - modified patches % php-ar-flags.patch (refreshed) % php-build-reproducible-phar.patch (refreshed) % php-date-regenerate-lexers.patch (refreshed) % php-ini.patch (refreshed) % php-systzdata-v23.patch (refreshed)
- version update to 8.1.20 * This is a security release. * https://www.php.net/ChangeLog-8.php#8.1.20 - force to repack tarball after update https://github.com/php/php-src/issues/11300 - session.save_path set to /var/lib/php8/sessions in mod_php8.conf and www.conf php-fpm pool example - modified sources % mod_php8.conf - added sources + repack.sh + php-unicode-allow-redistribution.patch
Displaying revisions 1 - 20 of 69