Security update for php81
This update for php81 fixes the following issues:
Version update to 8.1.28
* Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos) [boo#1222857]
* Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
opening ATO risk). (CVE-2024-3096) (Jakub Zelenka) [boo#1222858]
-
Submitted by
Petr Gajdos (pgajdos)
Fixed bugs
bnc#1222858
VUL-0: CVE-2024-3096: php5,php53,php7,php72,php74,php8: php: password_verify can erroneously return true, opening ATO risk
bnc#1222857
VUL-0: CVE-2024-2756: php5,php53,php7,php72,php74,php8: php: host/secure cookie bypass due to partial fix
