-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-da047483d8 2025-07-13 02:56:45.883677+00:00 -------------------------------------------------------------------------------- Name : php Product : Fedora 41 Version : 8.3.23 Release : 1.fc41 URL : http://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. -------------------------------------------------------------------------------- Update Information: PHP version 8.3.23 (03 Jul 2025) Core: Fixed GH-18695 (zend_ast_export() - float number is not preserved). (Oleg Efimov) Do not delete main chunk in zend_gc. (danog, Arnaud) Fix compile issues with zend_alloc and some non-default options. (nielsdos) Curl: Fix memory leak when setting a list via curl_setopt fails. (nielsdos) Fix incorrect OpenSSL version detection. (Peter Kokot) Date: Fix leaks with multiple calls to DatePeriod iterator current(). (nielsdos) FPM: Fixed GH-18662 (fpm_get_status segfault). (txuna) Hash: Fixed bug GH-14551 (PGO build fails with xxhash). (nielsdos) Intl: Fix memory leak in intl_datetime_decompose() on failure. (nielsdos) Fix memory leak in locale lookup on failure. (nielsdos) ODBC: Fix memory leak on php_odbc_fetch_hash() failure. (nielsdos) Opcache: Fixed bug GH-18743 (Incompatibility in Inline TLS Assembly on Alpine 3.22). (nielsdos, Arnaud) OpenSSL: Fix memory leak of X509_STORE in php_openssl_setup_verify() on failure. (nielsdos) Fixed bug php#74796 (Requests through http proxy set peer name). (Jakub Zelenka) PGSQL: Fixed GHSA-hrwm-9436-5mv3 (pgsql extension does not check for errors during escaping). (CVE-2025-1735) (Jakub Zelenka) Phar: Add missing filter cleanups on phar failure. (nielsdos) Fixed bug GH-18642 (Signed integer overflow in ext/phar fseek). (nielsdos) PHPDBG: Fix 'phpdbg --help' segfault on shutdown with USE_ZEND_ALLOC=0. (nielsdos) PDO ODBC: Fix memory leak if WideCharToMultiByte() fails. (nielsdos) PGSQL: Fix warning not being emitted when failure to cancel a query with pg_cancel_query(). (Girgias) Random: Fix reference type confusion and leak in user random engine. (nielsdos, timwolla) Readline: Fix memory leak when calloc() fails in php_readline_completion_cb(). (nielsdos) SOAP: Fix memory leaks in php_http.c when call_user_function() fails. (nielsdos) Fixed GHSA-453j-q27h-5p8x (NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix). (CVE-2025-6491) (Lekssays, nielsdos) Standard: Fixed GHSA-3cr5-j632-f35r (Null byte termination in hostnames). (CVE-2025-1220) (Jakub Zelenka) Tidy: Fix memory leak in tidy output handler on error. (nielsdos) Fix tidyOptIsReadonly deprecation, using tidyOptGetCategory. (David Carlier) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 2 2025 Remi Collet <remi@xxxxxxxxxxxx> - 8.3.23-1 - Update to 8.3.23 - http://www.php.net/releases/8_3_23.php -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-da047483d8' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
