Summary: | <dev-lang/php-{7.4.33,8.0.25,8.1.12}: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | mjo, php-bugs |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://mouha.be/sha-3-buffer-overflow/ | ||
See Also: | https://bugs.php.net/bug.php?id=81738 | ||
Whiteboard: | B2 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 879333 | ||
Bug Blocks: | 877849 |
Description
John Helmert III
2022-10-21 16:05:54 UTC
Will be fixed in the next release Thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=933e9dbff1dade86d2492c6a6f18dbc69f70caed commit 933e9dbff1dade86d2492c6a6f18dbc69f70caed Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2022-10-28 18:20:34 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2022-10-28 18:22:16 +0000 dev-lang/php: Version bump for 8.1.12 Bug: https://bugs.gentoo.org/877853 Bug: https://bugs.gentoo.org/878133 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 1 + dev-lang/php/php-8.1.12.ebuild | 757 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 758 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7f2e081926e4380728f98037cda3e3b7aaf4410f commit 7f2e081926e4380728f98037cda3e3b7aaf4410f Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2022-10-28 17:47:34 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2022-10-28 18:22:16 +0000 dev-lang/php: Version bump for 8.0.25 Bug: https://bugs.gentoo.org/877853 Bug: https://bugs.gentoo.org/878133 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 1 + dev-lang/php/php-8.0.25.ebuild | 759 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 760 insertions(+) Thanks! Please stabilize when ready. Do we know if 7.4 is affected? (In reply to John Helmert III from comment #4) > Thanks! Please stabilize when ready. Do we know if 7.4 is affected? Yes this was applied to the 7.4 branch. I will wait a few days for a release before localizing these patches into a revbump. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9788a266bffae184d77b33abfb39cd38003be75 commit d9788a266bffae184d77b33abfb39cd38003be75 Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2022-11-03 13:01:49 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2022-11-03 13:02:14 +0000 dev-lang/php: Version bump for 7.4.33 Bug: https://bugs.gentoo.org/877853 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 1 + dev-lang/php/php-7.4.33.ebuild | 749 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 750 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=782bbfabc6969db4a521238fa5e5bdc6c295e942 commit 782bbfabc6969db4a521238fa5e5bdc6c295e942 Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2022-11-18 16:10:27 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2022-11-18 16:10:27 +0000 dev-lang/php: Drop old versions Bug: https://bugs.gentoo.org/877853 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 3 - dev-lang/php/php-7.4.32.ebuild | 748 ---------------------------------------- dev-lang/php/php-8.0.24.ebuild | 758 ----------------------------------------- dev-lang/php/php-8.1.11.ebuild | 756 ---------------------------------------- 4 files changed, 2265 deletions(-) Added to existing GLSA request. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=a1c6623b6eaf15e917c58aa4f27b51911625e28f commit a1c6623b6eaf15e917c58aa4f27b51911625e28f Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-11-19 03:32:18 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-11-22 03:59:39 +0000 [ GLSA 202211-03 ] PHP: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/867913 Bug: https://bugs.gentoo.org/873376 Bug: https://bugs.gentoo.org/877853 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202211-03.xml | 65 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 65 insertions(+) GLSA released, all done! |