Remi's RPM repository - Packages

Blog | Support | Repository | Wizard

Jump to letter: [ ABCDEFGHIJLMNOPQRSTUVWXYZ ]

php - PHP scripting language for creating dynamic web sites

Website:
http://www.php.net/
Licence:
PHP-3.01 AND Zend-2.0 AND BSD-2-Clause AND MIT AND Apache-1.0 AND NCSA AND BSL-1.0
Vendor:
Remi's RPM repository <https://rpms.remirepo.net/>
Description:
PHP is an HTML-embedded scripting language. PHP attempts to make it
easy for developers to write dynamically generated web pages. PHP also
offers built-in database integration for several commercial and
non-commercial database management systems, so writing a
database-enabled webpage with PHP is fairly simple. The most common
use of PHP coding is probably as a replacement for CGI scripts.

The php package contains the module (often referred to as mod_php)
which adds support for the PHP language to Apache HTTP Server.

Packages

php-8.4.10-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-07-02): 
- Update to 8.4.10 - http://www.php.net/releases/8_4_10.php
php-8.4.9~RC1-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-06-18): 
- Update to 8.4.9RC1
php-8.4.8-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-06-04): 
- Update to 8.4.8 - http://www.php.net/releases/8_4_8.php
php-8.4.8~RC1-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-05-21): 
- Update to 8.4.8RC1
- use same build tree for fpm and embed
php-8.4.7-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-05-06): 
- Update to 8.4.7 - http://www.php.net/releases/8_4_7.php
php-8.4.7~RC2-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-05-01): 
- Update to 8.4.7RC2
php-8.4.7~RC1-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-04-22): 
- Update to 8.4.7RC1
php-8.4.6-1.remi.src [13.2 MiB] Changelog by Remi Collet (2025-04-09): 
- Update to 8.4.6 - http://www.php.net/releases/8_4_6.php
php-8.3.23-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-07-02): 
- Update to 8.3.23 - http://www.php.net/releases/8_3_23.php
php-8.3.23~RC1-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-06-18): 
- update to 8.3.23RC1
php-8.3.22-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-06-04): 
- Update to 8.3.22 - http://www.php.net/releases/8_3_22.php
php-8.3.22~RC1-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-05-21): 
- update to 8.3.22RC1
php-8.3.21-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-05-06): 
- Update to 8.3.21 - http://www.php.net/releases/8_3_21.php
php-8.3.21~RC1-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-04-22): 
- update to 8.3.20RC1
php-8.3.20-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-04-09): 
- Update to 8.3.20 - http://www.php.net/releases/8_3_20.php
php-8.3.20~RC1-1.remi.src [12.2 MiB] Changelog by Remi Collet (2025-03-26): 
- update to 8.3.20RC1
php-8.2.29-1.remi.src [11.8 MiB] Changelog by Remi Collet (2025-07-02): 
- Update to 8.2.29 - http://www.php.net/releases/8_2_29.php
php-8.2.28-1.remi.src [11.8 MiB] Changelog by Remi Collet (2025-03-12): 
- Update to 8.2.28 - http://www.php.net/releases/8_2_28.php
- use oracle client library version 23.7 on x86_64 and arm64
php-8.2.27-1.remi.src [11.8 MiB] Changelog by Remi Collet (2024-12-17): 
- Update to 8.2.27 - http://www.php.net/releases/8_2_27.php
php-8.2.27~RC1-1.remi.src [11.8 MiB] Changelog by Remi Collet (2024-12-03): 
- update to 8.2.27RC1
php-8.2.26-1.remi.src [11.8 MiB] Changelog by Remi Collet (2024-11-20): 
- Update to 8.2.26 - http://www.php.net/releases/8_2_26.php
php-8.2.26~RC1-1.remi.src [11.8 MiB] Changelog by Remi Collet (2024-11-06): 
- update to 8.2.26RC1
php-8.2.25-1.remi.src [11.8 MiB] Changelog by Remi Collet (2024-10-23): 
- Update to 8.2.25 - http://www.php.net/releases/8_2_25.php
php-8.2.25~RC1-1.remi.src [11.8 MiB] Changelog by Remi Collet (2024-10-09): 
- update to 8.2.25RC1
php-8.1.33-1.remi.src [11.6 MiB] Changelog by Remi Collet (2025-07-02): 
- Update to 8.1.33 - http://www.php.net/releases/8_1_33.php
php-8.1.32-1.remi.src [11.6 MiB] Changelog by Remi Collet (2025-03-12): 
- Update to 8.1.32 - http://www.php.net/releases/8_1_32.php
- use oracle client library version 23.7 on x86_64 and arm64
php-8.1.31-2.remi.src [11.6 MiB] Changelog by Remi Collet (2025-02-13): 
- backport fix for ICU 74+
php-8.1.31-1.remi.src [11.6 MiB] Changelog by Remi Collet (2024-11-20): 
- Update to 8.1.31 - http://www.php.net/releases/8_1_31.php
php-8.1.30-1.remi.src [11.5 MiB] Changelog by Remi Collet (2024-09-27): 
- Update to 8.1.30 - http://www.php.net/releases/8_1_30.php
- use ICU 74.2
php-8.1.29-2.remi.src [11.5 MiB] Changelog by Remi Collet (2024-07-31): 
- use oracle client library version 23.5 on x86_64
php-8.1.29-1.remi.src [11.5 MiB] Changelog by Remi Collet (2024-06-05): 
- Update to 8.1.29 - http://www.php.net/releases/8_1_29.php
php-8.1.28-1.remi.src [11.5 MiB] Changelog by Remi Collet (2024-04-10): 
- Update to 8.1.28 - http://www.php.net/releases/8_1_28.php
php-8.0.30-14.remi.src [10.7 MiB] Changelog by Remi Collet (2025-07-03): 
- Fix pgsql extension does not check for errors during escaping
  CVE-2025-1735
- Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
  CVE-2025-6491
- Fix Null byte termination in hostnames
  CVE-2025-1220
php-8.0.30-13.remi.src [10.7 MiB] Changelog by Remi Collet (2025-03-13): 
- Fix libxml streams use wrong `content-type` header when requesting a redirected resource
  CVE-2025-1219
- Fix Stream HTTP wrapper header check might omit basic auth header
  CVE-2025-1736
- Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
  CVE-2025-1861
- Fix Streams HTTP wrapper does not fail for headers without colon
  CVE-2025-1734
- Fix Header parser of `http` stream wrapper does not handle folded headers
  CVE-2025-1217
- use oracle client library version 23.7 on x86_64 and aarch64
php-8.0.30-12.remi.src [10.7 MiB] Changelog by Remi Collet (2025-02-13): 
- backport fix for ICU 74+
php-8.0.30-11.remi.src [10.7 MiB] Changelog by Remi Collet (2024-11-27): 
- Fix Leak partial content of the heap through heap buffer over-read
  CVE-2024-8929
php-8.0.30-10.remi.src [10.6 MiB] Changelog by Remi Collet (2024-11-22): 
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
  GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
  CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233
php-8.0.30-9.remi.src [10.6 MiB] Changelog by Remi Collet (2024-09-26): 
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
  CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
- Fix Logs from childrens may be altered
  CVE-2024-9026
- Fix Erroneous parsing of multipart form data
  CVE-2024-8925
- use ICU 74.2
php-8.0.30-8.remi.src [10.6 MiB] Changelog by Remi Collet (2024-07-31): 
- add backport for https://bugs.php.net/79589
  error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
php-8.0.30-7.remi.src [10.6 MiB] Changelog by Remi Collet (2024-07-31): 
- use oracle client library version 23.5 on x86_64
php-7.4.33-24.remi.src [10.3 MiB] Changelog by Remi Collet (2025-07-03): 
- Fix pgsql extension does not check for errors during escaping
  CVE-2025-1735
- Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
  CVE-2025-6491
- Fix Null byte termination in hostnames
  CVE-2025-1220
php-7.4.33-23.remi.src [10.3 MiB] Changelog by Remi Collet (2025-03-17): 
- Fix libxml streams use wrong `content-type` header when requesting a redirected resource
  CVE-2025-1219
- Fix Stream HTTP wrapper header check might omit basic auth header
  CVE-2025-1736
- Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
  CVE-2025-1861
- Fix Streams HTTP wrapper does not fail for headers without colon
  CVE-2025-1734
- Fix Header parser of `http` stream wrapper does not handle folded headers
  CVE-2025-1217
- use oracle client library version 23.7 on x86_64 and aarch64
php-7.4.33-22.remi.src [10.3 MiB] Changelog by Remi Collet (2025-02-13): 
- backport fix for ICU 74+
php-7.4.33-21.remi.src [10.3 MiB] Changelog by Remi Collet (2024-11-27): 
- Fix Leak partial content of the heap through heap buffer over-read
  CVE-2024-8929
php-7.4.33-20.remi.src [10.3 MiB] Changelog by Remi Collet (2024-11-22): 
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
  GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
  CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233
php-7.4.33-19.remi.src [10.2 MiB] Changelog by Remi Collet (2024-11-15): 
- disable firebird on EL-10
php-7.4.33-18.remi.src [10.2 MiB] Changelog by Remi Collet (2024-09-26): 
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
  CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
- Fix Logs from childrens may be altered
  CVE-2024-9026
- Fix Erroneous parsing of multipart form data
  CVE-2024-8925
- use ICU 74.2
php-7.4.33-17.remi.src [10.2 MiB] Changelog by Remi Collet (2024-08-26): 
- add backport for https://bugs.php.net/79589
  error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
php-7.3.33-18.remi.src [11.9 MiB] Changelog by Remi Collet (2024-11-27): 
- Fix Leak partial content of the heap through heap buffer over-read
  CVE-2024-8929
php-7.3.33-17.remi.src [11.9 MiB] Changelog by Remi Collet (2024-11-22): 
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
  GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
  CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233
php-7.3.33-16.remi.src [11.9 MiB] Changelog by Remi Collet (2024-09-26): 
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
  CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
- Fix Erroneous parsing of multipart form data
  CVE-2024-8925
php-7.3.33-15.remi.src [11.9 MiB] Changelog by Remi Collet (2024-07-31): 
- use oracle client library version 23.5 on x86_64
php-7.3.33-14.remi.src [11.8 MiB] Changelog by Remi Collet (2024-06-04): 
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
  CVE-2024-5458
php-7.3.33-13.remi.src [11.8 MiB] Changelog by Remi Collet (2024-04-10): 
- use oracle client library version 21.11 on x86_64, 19.19 on aarch64
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096
php-7.3.33-12.remi.src [11.8 MiB] Changelog by Remi Collet (2023-09-21): 
- use oracle client library version 21.11 on x86_64, 19.19 on aarch64
- use official Oracle Instant Client RPM
php-7.3.33-11.remi.src [11.8 MiB] Changelog by Remi Collet (2023-08-01): 
- Fix Security issue with external entity loading in XML without enabling it
  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824
- move httpd/nginx wants directive to config files in /etc
php-7.2.34-25.remi.src [12.0 MiB] Changelog by Remi Collet (2024-11-26): 
- Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
  GHSA-4w77-75f9-2c8w
- Fix OOB access in ldap_escape
  CVE-2024-8932
- Fix Integer overflow in the dblib/firebird quoter causing OOB writes
  CVE-2024-11236
- Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
  CVE-2024-11234
- Fix Single byte overread with convert.quoted-printable-decode filter
  CVE-2024-11233
php-7.2.34-24.remi.src [12.0 MiB] Changelog by Remi Collet (2024-09-26): 
- Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
  CVE-2024-4577
- Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
  CVE-2024-8926
- Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
  CVE-2024-8927
- Fix Erroneous parsing of multipart form data
  CVE-2024-8925
php-7.2.34-23.remi.src [12.0 MiB] Changelog by Remi Collet (2024-07-31): 
- use oracle client library version 23.5 on x86_64
php-7.2.34-22.remi.src [12.0 MiB] Changelog by Remi Collet (2024-06-04): 
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
  CVE-2024-5458
php-7.2.34-21.remi.src [12.0 MiB] Changelog by Remi Collet (2024-04-10): 
- use oracle client library version 21.13 on x86_64, 19.19 on aarch64
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096
php-7.2.34-20.remi.src [12.0 MiB] Changelog by Remi Collet (2023-09-21): 
- use oracle client library version 21.11 on x86_64, 19.19 on aarch64
- use official Oracle Instant Client RPM
php-7.2.34-19.remi.src [12.0 MiB] Changelog by Remi Collet (2023-08-01): 
- Fix Security issue with external entity loading in XML without enabling it
  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824
- move httpd/nginx wants directive to config files in /etc
php-7.2.34-18.remi.src [12.0 MiB] Changelog by Remi Collet (2023-06-20): 
- fix possible buffer overflow in date
php-7.1.33-29.remi.src [12.1 MiB] Changelog by Remi Collet (2024-06-04): 
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
  CVE-2024-5458
php-7.1.33-28.remi.src [12.1 MiB] Changelog by Remi Collet (2024-04-10): 
- use oracle client library version 21.13 on x86_64, 19.19 on aarch64
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096
php-7.1.33-27.remi.src [12.1 MiB] Changelog by Remi Collet (2023-08-01): 
- Fix Security issue with external entity loading in XML without enabling it
  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824
php-7.1.33-26.remi.src [12.0 MiB] Changelog by Remi Collet (2023-06-21): 
- fix possible buffer overflow in date
php-7.1.33-25.remi.src [12.0 MiB] Changelog by Remi Collet (2023-06-07): 
- Fix Missing error check and insufficient random bytes in HTTP Digest
  authentication for SOAP
  GHSA-76gg-c692-v2mw
- use oracle client library version 21.10
- define __phpize and __phpconfig
php-7.1.33-24.remi.src [12.0 MiB] Changelog by Remi Collet (2023-02-14): 
- fix #81744: Password_verify() always return true with some hash
  CVE-2023-0567
- fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
- fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662
php-7.1.33-23.remi.src [12.0 MiB] Changelog by Remi Collet (2022-12-19): 
- pdo: fix #81740: PDO::quote() may return unquoted string
  CVE-2022-31631
- use oracle client library version 21.8
php-7.1.33-22.remi.src [11.9 MiB] Changelog by Remi Collet (2022-09-27): 
- phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628
- core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
- use oracle client library version 21.7
php-7.0.33-42.remi.src [11.8 MiB] Changelog by Remi Collet (2024-06-04): 
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
  CVE-2024-5458
php-7.0.33-41.remi.src [11.8 MiB] Changelog by Remi Collet (2024-04-10): 
- use oracle client library version 21.13 on x86_64, 19.19 on aarch64
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096
php-7.0.33-40.remi.src [11.8 MiB] Changelog by Remi Collet (2023-08-02): 
- Fix Security issue with external entity loading in XML without enabling it
  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824
php-7.0.33-39.remi.src [11.8 MiB] Changelog by Remi Collet (2023-06-21): 
- fix possible buffer overflow in date
php-7.0.33-38.remi.src [11.8 MiB] Changelog by Remi Collet (2023-06-07): 
- Fix Missing error check and insufficient random bytes in HTTP Digest
  authentication for SOAP
  GHSA-76gg-c692-v2mw
- use oracle client library version 21.10
- define __phpize and __phpconfig
php-7.0.33-37.remi.src [11.8 MiB] Changelog by Remi Collet (2023-02-14): 
- fix #81744: Password_verify() always return true with some hash
  CVE-2023-0567
- fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
- fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662
php-7.0.33-36.remi.src [11.7 MiB] Changelog by Remi Collet (2022-12-20): 
- pdo: fix #81740: PDO::quote() may return unquoted string
  CVE-2022-31631
- use oracle client library version 21.8
php-7.0.33-35.remi.src [11.6 MiB] Changelog by Remi Collet (2022-09-27): 
- phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628
- core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
- use oracle client library version 21.7
php-5.6.40-41.remi.src [12.4 MiB] Changelog by Remi Collet (2024-06-04): 
- Fix filter bypass in filter_var FILTER_VALIDATE_URL
  CVE-2024-5458
php-5.6.40-40.remi.src [12.4 MiB] Changelog by Remi Collet (2024-04-10): 
- use oracle client library version 21.13 on x86_64, 19.19 on aarch64
- Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix
  CVE-2024-2756
- Fix password_verify can erroneously return true opening ATO risk
  CVE-2024-3096
php-5.6.40-39.remi.src [12.4 MiB] Changelog by Remi Collet (2023-08-02): 
- Fix Security issue with external entity loading in XML without enabling it
  GHSA-3qrf-m4j2-pcrr CVE-2023-3823
- Fix Buffer mismanagement in phar_dir_read()
  GHSA-jqcx-ccgc-xwhv CVE-2023-3824
php-5.6.40-38.remi.src [12.4 MiB] Changelog by Remi Collet (2023-06-21): 
- fix possible buffer overflow in date
php-5.6.40-37.remi.src [12.4 MiB] Changelog by Remi Collet (2023-06-07): 
- Fix insufficient random bytes in HTTP Digest authentication for SOAP
  GHSA-76gg-c692-v2mw
- use oracle client library version 21.10
- define __phpize and __phpconfig
php-5.6.40-36.remi.src [12.4 MiB] Changelog by Remi Collet (2023-02-14): 
- fix #81744: Password_verify() always return true with some hash
  CVE-2023-0567
- fix #81746: 1-byte array overrun in common path resolve code
  CVE-2023-0568
- fix DOS vulnerability when parsing multipart request body
  CVE-2023-0662
php-5.6.40-35.remi.src [12.4 MiB] Changelog by Remi Collet (2022-12-20): 
- pdo: fix #81740: PDO::quote() may return unquoted string
  CVE-2022-31631
- use oracle client library version 21.8
php-5.6.40-34.remi.src [12.3 MiB] Changelog by Remi Collet (2022-09-27): 
- phar: fix #81726 DOS when using quine gzip file. CVE-2022-31628
- core: fix #81727 Don't mangle HTTP variable names that clash with ones
  that have a specific semantic meaning. CVE-2022-31629
- use oracle client library version 21.7
php-5.5.38-13.remi.src [11.0 MiB] Changelog by Remi Collet (2022-06-23): 
- rebuild with gd 2.3.3
- myqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626
php-5.4.45-19.remi.src [12.3 MiB] Changelog by Remi Collet (2022-06-23): 
- myqlnd: fix #81719: mysqlnd/pdo password buffer overflow. CVE-2022-31626