CVE-2022-31628 (https://bugs.php.net/bug.php?id=81726): In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.

CVE-2022-31629 (https://bugs.php.net/bug.php?id=81727): In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.

The bug reports are private so far, but maybe we can trust the CVE descriptions here? I've not seen release notifications yet.
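The cookie-prefix issue (CVE-2022-31629) is easier to reason about with the mechanism in front of you. The following is an added example written for this thread; it is not code from the Gentoo bug, from the CVE report or from PHP's own source. It rests on one assumption the thread does not spell out: when PHP populates `$_COOKIE` it strips leading spaces from each cookie name and rewrites `.` and space to `_` (a register_globals-era legacy of `php_register_variable_ex`), so a cookie a browser will happily store under a plain name like `_.Host-session` shows up to the application as `$_COOKIE['__Host-session']`. The function names `mangle_like_php`, `parse_cookie_header` and `trusted_prefixed_cookies` are hypothetical, as is the `$sampleHeader` input.

```php
<?php
// Added example for the bug thread above; not code from Gentoo, PHP or the CVE.
//
// Assumption (long-standing PHP behaviour, not stated in the thread): while
// building $_COOKIE, PHP strips leading spaces from each name and rewrites '.'
// and ' ' to '_'. A browser refuses a literal "__Host-session" cookie that was
// not set from a secure origin with the Secure flag, but it accepts the plain
// name "_.Host-session", which PHP then exposes as $_COOKIE['__Host-session'].
// That is the confusion CVE-2022-31629 describes on unpatched PHP.
//
// mangle_like_php() emulates that rewrite (assumption: close enough to
// php_register_variable_ex for the prefix case). trusted_prefixed_cookies() is a
// hypothetical application-side guard for deployments that cannot yet move to
// 7.4.32 / 8.0.24 / 8.1.11: it re-reads the raw header and only trusts a
// __Host- or __Secure- value whose browser-visible name carried the prefix literally.

function mangle_like_php(string $rawName): string
{
    $name = ltrim($rawName, ' ');
    return strtr($name, ['.' => '_', ' ' => '_']);
}

function has_reserved_prefix(string $name): bool
{
    // strncmp rather than str_starts_with so the snippet also runs on PHP 7.4.
    return strncmp($name, '__Host-', 7) === 0
        || strncmp($name, '__Secure-', 9) === 0;
}

/** Split a raw Cookie header into [rawName, value] pairs, keeping names verbatim. */
function parse_cookie_header(string $header): array
{
    $pairs = [];
    foreach (explode(';', $header) as $chunk) {
        $chunk = ltrim($chunk, ' ');          // "; " separators leave a leading space
        $eq = strpos($chunk, '=');
        if ($chunk === '' || $eq === false) {
            continue;
        }
        $pairs[] = [substr($chunk, 0, $eq), substr($chunk, $eq + 1)];
    }
    return $pairs;
}

/**
 * Return only the prefixed cookies whose raw name is already the literal
 * prefixed name. A forged "_.Host-x" mangles to "__Host-x" but its raw name
 * differs, so it is dropped; a genuine "__Host-x" is unchanged and kept.
 */
function trusted_prefixed_cookies(string $rawHeader): array
{
    $trusted = [];
    foreach (parse_cookie_header($rawHeader) as [$rawName, $value]) {
        $mangled = mangle_like_php($rawName);
        if (!has_reserved_prefix($mangled)) {
            continue;                          // ordinary cookie, out of scope here
        }
        if ($rawName !== $mangled) {
            continue;                          // reached the prefix only via mangling
        }
        if (!isset($trusted[$mangled])) {      // this guard's own policy: first one wins
            $trusted[$mangled] = $value;
        }
    }
    return $trusted;
}

// Constructed sample header: one genuine prefixed cookie, two forged names that
// collapse onto reserved prefixes after mangling, and one plain cookie.
$sampleHeader = '__Host-session=legit; _.Host-session=forged; _ Secure-csrf=forged; theme=dark';

foreach (parse_cookie_header($sampleHeader) as [$rawName, $value]) {
    printf("raw %-20s -> \$_COOKIE key %s\n",
        var_export($rawName, true), var_export(mangle_like_php($rawName), true));
}
print_r(trusted_prefixed_cookies($sampleHeader));

// In a real request the input is the raw header, not the sample:
// $trusted = trusted_prefixed_cookies($_SERVER['HTTP_COOKIE'] ?? '');
```

The guard only helps code that reads prefixed cookies through it instead of through `$_COOKIE` directly, and it is a stopgap: the fixed releases listed in the thread are the actual remedy, and any check like this can be dropped once they are installed.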
Well, 7.4.32 is released to fix these and 7.4.31 was skipped.
8.1.11 is released.
commit fe94a60bc978b8b1aa9bd45f4f5ae6503325863e
Author: Brian Evans <grknight@gentoo.org>
Date:   Thu Sep 29 13:29:26 2022 -0400

    dev-lang/php: Version bump for 8.1.11

    Signed-off-by: Brian Evans <grknight@gentoo.org>

commit 6d148e5f3eeb4db3cad1672ca234cea261a1320e
Author: Brian Evans <grknight@gentoo.org>
Date:   Thu Sep 29 13:10:13 2022 -0400

    dev-lang/php: Version bump for 7.4.32

    Signed-off-by: Brian Evans <grknight@gentoo.org>

Please stabilize.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=381d51ea868d35beb755abb17bf1f01053ebace4

commit 381d51ea868d35beb755abb17bf1f01053ebace4
Author:     Brian Evans <grknight@gentoo.org>
AuthorDate: 2022-09-30 19:49:36 +0000
Commit:     Brian Evans <grknight@gentoo.org>
CommitDate: 2022-09-30 19:49:36 +0000

    dev-lang/php: Version bump for 8.0.24

    Bug: https://bugs.gentoo.org/873376
    Signed-off-by: Brian Evans <grknight@gentoo.org>

 dev-lang/php/Manifest          |   1 +
 dev-lang/php/php-8.0.24.ebuild | 758 +++++++++++++++++++++++++++++++++++++++++
 2 files changed, 759 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a7f8cbc67adf4cc0132ec89eed8872a8d2c6f8f3

commit a7f8cbc67adf4cc0132ec89eed8872a8d2c6f8f3
Author:     Brian Evans <grknight@gentoo.org>
AuthorDate: 2022-10-03 14:05:06 +0000
Commit:     Brian Evans <grknight@gentoo.org>
CommitDate: 2022-10-03 14:05:06 +0000

    dev-lang/php: Drop security vulnerable versions

    Bug: https://bugs.gentoo.org/873376
    Signed-off-by: Brian Evans <grknight@gentoo.org>

 dev-lang/php/Manifest             |   8 -
 dev-lang/php/php-7.4.30-r1.ebuild | 748 -------------------------------------
 dev-lang/php/php-7.4.30.ebuild    | 746 -------------------------------------
 dev-lang/php/php-8.0.20.ebuild    | 758 -------------------------------------
 dev-lang/php/php-8.0.21.ebuild    | 758 -------------------------------------
 dev-lang/php/php-8.0.22.ebuild    | 758 -------------------------------------
 dev-lang/php/php-8.0.23.ebuild    | 758 -------------------------------------
 dev-lang/php/php-8.1.10.ebuild    | 756 -------------------------------------
 dev-lang/php/php-8.1.8.ebuild     | 759 --------------------------------------
 dev-lang/php/php-8.1.9.ebuild     | 756 -------------------------------------
 10 files changed, 6805 deletions(-)
GLSA request filed
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=a1c6623b6eaf15e917c58aa4f27b51911625e28f

commit a1c6623b6eaf15e917c58aa4f27b51911625e28f
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-11-19 03:32:18 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-11-22 03:59:39 +0000

    [ GLSA 202211-03 ] PHP: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/867913
    Bug: https://bugs.gentoo.org/873376
    Bug: https://bugs.gentoo.org/877853
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202211-03.xml | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 65 insertions(+)
GLSA released, all done!