"This is a security release" according to the 8.1.14 release announcement, and I see this in the changelog: "Fixed bug #81740 (PDO::quote() may return unquoted string). (CVE-2022-31631)" Unsure if there's any other security-relevant changes.
8.2.1 is also released.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ea29351e6d832a664c9205ece3e60ef28ca8917a commit ea29351e6d832a664c9205ece3e60ef28ca8917a Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2023-01-05 21:29:41 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2023-01-05 21:30:13 +0000 dev-lang/php: Version bump for 8.1.14 Bug: https://bugs.gentoo.org/889882 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 1 + dev-lang/php/php-8.1.14.ebuild | 757 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 758 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=227858dba6257113140653f501de91625567cc5c commit 227858dba6257113140653f501de91625567cc5c Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2023-01-05 21:11:33 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2023-01-05 21:30:13 +0000 dev-lang/php: Version bump for 8.0.27 Bug: https://bugs.gentoo.org/889882 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 1 + dev-lang/php/php-8.0.27.ebuild | 759 +++++++++++++++++++++++++++++++++++++++++ 2 files changed, 760 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7cb74e0dfb7422871ba57d0dc76fc8531576f32e commit 7cb74e0dfb7422871ba57d0dc76fc8531576f32e Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2023-01-05 20:46:07 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2023-01-05 21:30:13 +0000 dev-lang/php: Apply CVE-2022-31631 patch to 7.4.33 Bug: https://bugs.gentoo.org/889882 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/files/php-7.4.33-CVE-2022-31631.patch | 50 ++ dev-lang/php/php-7.4.33-r1.ebuild | 750 +++++++++++++++++++++ 2 files changed, 800 insertions(+)
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=335f8c2846f9c33f907d5deb92ead13a690f12c7 commit 335f8c2846f9c33f907d5deb92ead13a690f12c7 Author: Brian Evans <grknight@gentoo.org> AuthorDate: 2023-01-06 00:08:12 +0000 Commit: Brian Evans <grknight@gentoo.org> CommitDate: 2023-01-06 00:08:12 +0000 dev-lang/php: Version bump for 8.2.1 Bug: https://bugs.gentoo.org/889882 Signed-off-by: Brian Evans <grknight@gentoo.org> dev-lang/php/Manifest | 1 + dev-lang/php/php-8.2.1.ebuild | 759 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 760 insertions(+)
Please stabilize when ready.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=30ce731e4321742de9b62d58a1f60dbe0cb57e0d commit 30ce731e4321742de9b62d58a1f60dbe0cb57e0d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-08-12 07:39:21 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-08-12 07:43:34 +0000 [ GLSA 202408-32 ] PHP: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/889882 Bug: https://bugs.gentoo.org/895416 Bug: https://bugs.gentoo.org/908259 Bug: https://bugs.gentoo.org/912331 Bug: https://bugs.gentoo.org/929929 Bug: https://bugs.gentoo.org/933752 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202408-32.xml | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+)