PHP 7.4.30 8.1.7 und 8.0.20 Security Release

PHP Logo

Die Entwickler von PHP haben Security Updates für PHP 7.4, 8.0 und 8.1 veröffentlicht.

PHP 8.1.7 Release Notes

  • CLI:
    • Fixed bug #8575 (CLI closes standard streams too early).
  • Date:
    • Fixed bug #51934 (strtotime plurals / incorrect time).
    • Fixed bug #51987 (Datetime fails to parse an ISO 8601 ordinal date (extended format)).
    • Fixed bug #66019 (DateTime object does not support short ISO 8601 time format – YYYY-MM-DDTHH)
    • Fixed bug #68549 (Timezones and offsets are not properly used when working with dates)
    • Fixed bug #81565 (date parsing fails when provided with timezones including seconds).
    • Fixed bug #7758 (Problems with negative timestamps and fractions).
  • FPM:
    • Fixed ACL build check on MacOS.
    • Fixed bug #72185: php-fpm writes empty fcgi record causing nginx 502.
  • mysqlnd:
    • Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626)
  • OPcache:
    • Fixed bug #8461 (tracing JIT crash after function/method change).
  • OpenSSL:
    • Fixed bug #79589 (error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading).
  • Pcntl:
    • Fixed Haiku build.
  • pgsql:
    • Fixed bug #81720: Uninitialized array in pg_query_params(). (CVE-2022-31625)
  • Soap:
    • Fixed bug #8578 (Error on wrong parameter on SoapHeader constructor).
    • Fixed bug #8538 (SoapClient may strip parts of nmtokens).
  • SPL:
    • Fixed bug #8235 (iterator_count() may run indefinitely).
  • Standard:
    • Fixed bug #8185 (Crash during unloading of extension after dl() in ZTS).
  • Zip:
    • Fixed type for index in ZipArchive::replaceFile.

PHP 8.0.20 Release Notes

  • CLI:
    • Fixed bug #8575 (CLI closes standard streams too early).
  • Core:
    • Fixed Haiku ZTS builds.
  • Date:
    • Fixed bug #8471 (Segmentation fault when converting immutable and mutable DateTime instances created using reflection).
  • FPM:
    • Fixed ACL build check on MacOS.
    • Fixed bug #72185: php-fpm writes empty fcgi record causing nginx 502.
  • Mysqlnd:
    • Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626)
  • OPcache:
    • Fixed bug #8466 (ini_get() is optimized out when the option does not exist).
  • Pcntl:
    • Fixed Haiku build.
  • Pgsql:
    • Fixed bug #81720: Uninitialized array in pg_query_params(). (CVE-2022-31625)
  • Soap:
    • Fixed bug #8578 (Error on wrong parameter on SoapHeader constructor).
    • Fixed bug #8538 (SoapClient may strip parts of nmtokens).
  • SPL:
    • Fixed bug #8235 (iterator_count() may run indefinitely).
  • Zip:
    • Fixed type for index in ZipArchive::replaceFile.

PHP 7.4.30 Release Notes

  • mysqlnd:
    • Fixed bug #81719: mysqlnd/pdo password buffer overflow. (CVE-2022-31626)
  • pgsql:
    • Fixed bug #81720: Uninitialized array in pg_query_params(). (CVE-2022-31625)

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht.