Overview

File _patchinfo of Package patchinfo.27342

<patchinfo incident="27342">
  <issue tracker="bnc" id="1206958">VUL-0: CVE-2022-31631: php53,php7,php72,php74,php8,php5: Due to an integer overflow PDO:quote() may return unquoted string</issue>
  <issue tracker="cve" id="2022-31631"/>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for php8</summary>
  <description>This update for php8 fixes the following issues:

- Updated to version 8.0.27:
  - CVE-2022-31631: Fixed an issue where PDO::quote would return an
    unquoted string (bsc#1206958).

Non-security fixes:
  - Fixed a NULL pointer dereference with -w/-s options.
  - Fixed a crash in Generator when interrupted during argument
    evaluation with extra named params.
  - Fixed a crash in Generator when memory limit was exceeded during
    initialization.
  - Fixed a memory leak in Generator when interrupted during argument
    evaluation.
  - Fixed an issue in the DateTimeZone constructor where an extra null
    byte could be added to the input.
  - Fixed a hang in SaltStack when using php-fpm 8.1.11.
  - Fixed mysqli_query warnings being shown despite using silenced
    error mode.
  - Fixed a NULL pointer dereference when serializing a SOAP response
    call.
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places