-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2025-2c344545bf 2025-07-13 04:19:28.747341+00:00 -------------------------------------------------------------------------------- Name : php Product : Fedora 42 Version : 8.4.10 Release : 1.fc42 URL : http://www.php.net/ Summary : PHP scripting language for creating dynamic web sites Description : PHP is an HTML-embedded scripting language. PHP attempts to make it easy for developers to write dynamically generated web pages. PHP also offers built-in database integration for several commercial and non-commercial database management systems, so writing a database-enabled webpage with PHP is fairly simple. The most common use of PHP coding is probably as a replacement for CGI scripts. -------------------------------------------------------------------------------- Update Information: PHP version 8.4.10 (03 Jul 2025) BcMath: Fixed bug GH-18641 (Accessing a BcMath\Number property by ref crashes). (nielsdos) Core: Fixed bugs GH-17711 and GH-18022 (Infinite recursion on deprecated attribute evaluation) and GH-18464 (Recursion protection for deprecation constants not released on bailout). (DanielEScherzer and ilutov) Fixed GH-18695 (zend_ast_export() - float number is not preserved). (Oleg Efimov) Fix handling of references in zval_try_get_long(). (nielsdos) Do not delete main chunk in zend_gc. (danog, Arnaud) Fix compile issues with zend_alloc and some non-default options. (nielsdos) Curl: Fix memory leak when setting a list via curl_setopt fails. (nielsdos) Date: Fix leaks with multiple calls to DatePeriod iterator current(). (nielsdos) DOM: Fixed bug GH-18744 (classList works not correctly if copy HTMLElement by clone keyword). (nielsdos) FPM: Fixed GH-18662 (fpm_get_status segfault). (txuna) Hash: Fixed bug GH-14551 (PGO build fails with xxhash). (nielsdos) Intl: Fix memory leak in intl_datetime_decompose() on failure. (nielsdos) Fix memory leak in locale lookup on failure. (nielsdos) Opcache: Fixed bug GH-18743 (Incompatibility in Inline TLS Assembly on Alpine 3.22). (nielsdos, Arnaud) ODBC: Fix memory leak on php_odbc_fetch_hash() failure. (nielsdos) OpenSSL: Fix memory leak of X509_STORE in php_openssl_setup_verify() on failure. (nielsdos) Fixed bug php#74796 (Requests through http proxy set peer name). (Jakub Zelenka) PGSQL: Fixed GHSA-hrwm-9436-5mv3 (pgsql extension does not check for errors during escaping). (CVE-2025-1735) (Jakub Zelenka) PDO ODBC: Fix memory leak if WideCharToMultiByte() fails. (nielsdos) PDO Sqlite: Fixed memory leak with Pdo_Sqlite::createCollation when the callback has an incorrect return type. (David Carlier) Phar: Add missing filter cleanups on phar failure. (nielsdos) Fixed bug GH-18642 (Signed integer overflow in ext/phar fseek). (nielsdos) PHPDBG: Fix 'phpdbg --help' segfault on shutdown with USE_ZEND_ALLOC=0. (nielsdos) PGSQL: Fix warning not being emitted when failure to cancel a query with pg_cancel_query(). (Girgias) Random: Fix reference type confusion and leak in user random engine. (nielsdos, timwolla) Readline: Fix memory leak when calloc() fails in php_readline_completion_cb(). (nielsdos) SimpleXML: Fixed bug GH-18597 (Heap-buffer-overflow in zend_alloc.c when assigning string with UTF-8 bytes). (nielsdos) SOAP: Fix memory leaks in php_http.c when call_user_function() fails. (nielsdos) Fixed GHSA-453j-q27h-5p8x (NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix). (CVE-2025-6491) (Lekssays, nielsdos) Standard: Fixed GHSA-3cr5-j632-f35r (Null byte termination in hostnames). (CVE-2025-1220) (Jakub Zelenka) Tidy: Fix memory leak in tidy output handler on error. (nielsdos) Fix tidyOptIsReadonly deprecation, using tidyOptGetCategory. (David Carlier) -------------------------------------------------------------------------------- ChangeLog: * Wed Jul 2 2025 Remi Collet <remi@xxxxxxxxxxxx> - 8.4.10-1 - Update to 8.4.10 - http://www.php.net/releases/8_4_10.php -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-2c344545bf' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys -------------------------------------------------------------------------------- -- _______________________________________________ package-announce mailing list -- package-announce@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to package-announce-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
