Announcements: * https://news-web.php.net/php.announce/423 * https://news-web.php.net/php.announce/424 * https://news-web.php.net/php.announce/425 CVEs: * CVE-2024-1874 * CVE-2024-2756 * CVE-2024-2757 * CVE-2024-3096 Fixed versions are 8.1.28 (stable), 8.2.18 (stable), and 8.3.6 (unstable). Sorry in advance for not knowing how to express this in the summary :)
*** Bug 929930 has been marked as a duplicate of this bug. ***
No worries! In the future could you put the CVEs in the alias too? :)
Also, if possible, please consider committing each new version in a separate commit (ditto cleanups).
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=30ce731e4321742de9b62d58a1f60dbe0cb57e0d commit 30ce731e4321742de9b62d58a1f60dbe0cb57e0d Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-08-12 07:39:21 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-08-12 07:43:34 +0000 [ GLSA 202408-32 ] PHP: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/889882 Bug: https://bugs.gentoo.org/895416 Bug: https://bugs.gentoo.org/908259 Bug: https://bugs.gentoo.org/912331 Bug: https://bugs.gentoo.org/929929 Bug: https://bugs.gentoo.org/933752 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202408-32.xml | 71 ++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+)