Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 941598 (CVE-2024-8925, CVE-2024-8927, CVE-2024-9026)

Summary: <dev-lang/php-{8.1.30,8.2.24,8.3.12}: multiple vulnerabilities
Product: Gentoo Security Reporter: Michael Orlitzky <mjo>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: mjo, php-bugs
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://www.php.net/ChangeLog-8.php#8.3.12
Whiteboard: B1 [glsa+]
Package list:
Runtime testing required: ---
Bug Depends on: 941599    
Bug Blocks:    

Description Michael Orlitzky gentoo-dev 2024-10-15 23:55:53 UTC
* https://www.php.net/ChangeLog-8.php#8.1.30
* https://www.php.net/ChangeLog-8.php#8.2.24
* https://www.php.net/ChangeLog-8.php#8.3.12

Only 8.1 and 8.2 are stable, the vulnerable 8.3 ebuild is gone already.
Comment 1 Larry the Git Cow gentoo-dev 2025-01-23 07:27:19 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=681de9cd0cd49ec8f318f71af0c5917f69f302d8

commit 681de9cd0cd49ec8f318f71af0c5917f69f302d8
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2025-01-23 07:26:35 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2025-01-23 07:27:18 +0000

    [ GLSA 202501-11 ] PHP: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/941598
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202501-11.xml | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 54 insertions(+)