Overview

File _patchinfo of Package patchinfo.24708

<patchinfo incident="24708">
  <issue tracker="cve" id="2021-21707"/>
  <issue tracker="cve" id="2022-31625"/>
  <issue tracker="cve" id="2022-31626"/>
  <issue tracker="bnc" id="1193041">VUL-0: CVE-2021-21707: php72,php7,php74,php53,php5: php: special character breaks path in xml parsing</issue>
  <issue tracker="bnc" id="1200628">VUL-0: CVE-2022-31626: php72,php8,php74,php5,php7,php53: buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver</issue>
  <issue tracker="bnc" id="1200645">VUL-0: CVE-2022-31625: php5,php72,php8,php74,php53,php7: uninitialized pointers free in Postgres extension</issue>
  <packager>pgajdos</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for php8</summary>
  <description>This update for php8 fixes the following issues:

- CVE-2021-21707: Fixed a special character that breaks path in xml parsing. (bsc#1193041)
- CVE-2022-31625: Fixed uninitialized pointers free in Postgres extension. (bsc#1200645)
- CVE-2022-31626: Fixed buffer overflow via user-supplied password when using pdo_mysql extension with mysqlnd driver. (bsc#1200628)
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places