File _patchinfo of Package patchinfo.42122
<patchinfo incident="42122">
<issue tracker="cve" id="2025-14177"/>
<issue tracker="cve" id="2025-14178"/>
<issue tracker="cve" id="2025-14180"/>
<issue tracker="bnc" id="1255710">VUL-0: CVE-2025-14177: php53,php7,php8: getimagesize() function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode</issue>
<issue tracker="bnc" id="1255712">VUL-0: CVE-2025-14180: php53,php7,php8: null pointer dereference in pdo_parse_params() function when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled</issue>
<issue tracker="bnc" id="1255711">VUL-0: CVE-2025-14178: php53,php7,php8: heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE</issue>
<packager>pgajdos</packager>
<rating>moderate</rating>
<category>security</category>
<summary>Security update for php8</summary>
<description>This update for php8 fixes the following issues:
Security fixes:
- CVE-2025-14177: getimagesize() function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode (bsc#1255710).
- CVE-2025-14178: heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE (bsc#1255711).
- CVE-2025-14180: null pointer dereference in pdo_parse_params() function when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled (bsc#1255712).
Other fixes:
- Update to 8.2.30:
Curl:
Fix curl build and test failures with version 8.16.
Opcache:
Reset global pointers to prevent use-after-free in zend_jit_status().
PDO:
Fixed GHSA-8xr5-qppj-gvwj (PDO quoting result null deref). (CVE-2025-14180)
Standard:
Fixed GHSA-www2-q4fc-65wf (Null byte termination in dns_get_record()).
Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()). (CVE-2025-14178)
Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize). (CVE-2025-14177)
</description>
</patchinfo>
