Advisories » MGASA-2022-0406

Updated php packages fix security vulnerability

Publication date: 01 Nov 2022
Modification date: 01 Nov 2022
Type: security
Affected Mageia releases : 8

Description

GD - Fixed bug #81739: OOB read due to insufficient input validation in
imageloadfont().
Hash - Fixed bug #81738: buffer overflow in hash_update() on long
parameter.
Session - Fixed bug GH-9583 (session_create_id() fails with user defined
save handler that doesn't have a validateId() method).
Streams - Fixed bug GH-9590 (stream_select does not abort upon exception
or empty valid fd set)
                

References

• https://bugs.mageia.org/show_bug.cgi?id=31041
• https://www.php.net/ChangeLog-8.php#8.0.25

SRPMS

8/core

• php-8.0.25-1.mga8