Advisories » MGASA-2022-0056

Updated php-adodb packages fix security vulnerability

Publication date: 12 Feb 2022
Modification date: 12 Feb 2022
Type: security
Affected Mageia releases : 8
CVE: CVE-2021-3850

Description

Security hotfix release addressing a critical vulnerability in PostgreSQL
connections (CVE-2021-3850)

Additional fixes:
Fix usage of get_magic_* functions #619 #657
Fix PHP warning in _rs2rs() function #679
pdo: Fix Fatal error in _query() #666
pdo: Fix undefined variable #678
pgsql: Fix Fatal error in _close() method (PHP8) #666
pgsql: fix deprecated function aliases (PHP8) #667
text: fix Cannot pass parameter by reference #668
Add support for persistent connections in PDO driver #650
Connect to SQL Server database on a specified port. #624
DSN database connection with password containing # fails #651
Metacolumns returns wrong type for integer fields in Mysql 8 #642
Uninitialized Variable access in mssqlnative ErrorNo() method #637
                

References

• https://bugs.mageia.org/show_bug.cgi?id=30008
• https://github.com/ADOdb/ADOdb/releases/tag/v5.20.21
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3850

SRPMS

8/core

• php-adodb-5.20.21-1.mga8