Overview

File _patchinfo of Package patchinfo.41627

<patchinfo incident="41627">
  <issue tracker="jsc" id="PED-13850">Customer requests php7 packages be added to PackageHub</issue>
  <issue tracker="cve" id="2025-14178"/>
  <issue tracker="bnc" id="1255711">VUL-0: CVE-2025-14178: php53,php7,php8: heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE</issue>
  <packager>pgajdos</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for php7</summary>
  <description>This update for php7 fixes the following issues:

Security fixes:

- CVE-2025-14178: heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE (bsc#1255711).

Other fixes:

- Add all php7 packages to PackageHUB (unsupported), no source changes. (bsc#1251932)
  </description>
</patchinfo>
openSUSE Build Service is sponsored by
Places