"Fixed bug #81723 (Heap buffer overflow in finfo_buffer). (CVE-2022-31627)" Please stabilize 8.1.8. Presumably other branches will get the patch too, so no need to clean them up.
(In reply to John Helmert III from comment #0) > "Fixed bug #81723 (Heap buffer overflow in finfo_buffer). (CVE-2022-31627)" > > Please stabilize 8.1.8. Presumably other branches will get the patch > too, so no need to clean them up. This bug is specific to the 8.1 slot. It stems from a custom patch created by the PHP team specifically for 8.1. Older versions apparently did things differently.
Thanks!
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4cdeacff00b3466376b13bed5d05ce970f6e3ceb commit 4cdeacff00b3466376b13bed5d05ce970f6e3ceb Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2022-07-09 12:48:56 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2022-07-09 12:51:59 +0000 dev-lang/php: Drop old Bug: https://bugs.gentoo.org/857054 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 1 - dev-lang/php/php-8.1.7.ebuild | 759 ------------------------------------------ 2 files changed, 760 deletions(-)
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=4447c90f117a8f0928cc5e880f3cfc9fde7ee918 commit 4447c90f117a8f0928cc5e880f3cfc9fde7ee918 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-09-29 14:23:13 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-09-29 14:48:00 +0000 [ GLSA 202209-20 ] PHP: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/799776 Bug: https://bugs.gentoo.org/810526 Bug: https://bugs.gentoo.org/819510 Bug: https://bugs.gentoo.org/833585 Bug: https://bugs.gentoo.org/850772 Bug: https://bugs.gentoo.org/857054 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202209-20.xml | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+)
GLSA released, all done!