rpms/php/php80.git, branch master

Fix Null byte termination in dns_get_record()

2025-12-18T07:13:35+00:00

  GHSA-www2-q4fc-65wf
Fix Heap buffer overflow in array_merge()
  CVE-2025-14178
Fix Information Leak of Memory in getimagesize
  CVE-2025-14177

update keyring

2025-07-03T08:16:59+00:00

Fix pgsql extension does not check for errors during escaping

2025-07-03T08:16:36+00:00

  CVE-2025-1735
Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
  CVE-2025-6491
Fix Null byte termination in hostnames
  CVE-2025-1220

Fix libxml streams use wrong `content-type` header when requesting a redirected resource

2025-03-13T10:10:48+00:00

  CVE-2025-1219
Fix Stream HTTP wrapper header check might omit basic auth header
  CVE-2025-1736
Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
  CVE-2025-1861
Fix Streams HTTP wrapper does not fail for headers without colon
  CVE-2025-1734
Fix Header parser of `http` stream wrapper does not handle folded headers
  CVE-2025-1217
use oracle client library version 23.7 on x86_64 and aarch64

better fix

2025-02-13T14:54:35+00:00

backport fix for ICU 74+

2025-02-13T10:24:43+00:00

backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+
backport fix for ICU 74+

update Oracle version

2025-01-21T13:39:41+00:00

Fix Leak partial content of the heap through heap buffer over-read

2024-11-27T10:59:13+00:00

  CVE-2024-8929

Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface

2024-11-22T09:18:23+00:00

  GHSA-4w77-75f9-2c8w
Fix OOB access in ldap_escape
  CVE-2024-8932
Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233

Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI

2024-09-26T11:40:35+00:00

  CVE-2024-4577
Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
Fix Logs from childrens may be altered
  CVE-2024-9026
Fix Erroneous parsing of multipart form data
  CVE-2024-8925
use ICU 74.2