Package "php8.1"

Name:	php8.1
Description:	server-side, HTML-embedded scripting language (metapackage)
Latest version:	8.1.12-1ubuntu4.3
Release:	lunar (23.04)
Level:	security
Repository:	main
Homepage:	http://www.php.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "php8.1"

All arch deb package

APT INSTALL

Other versions of "php8.1" in Lunar

Repository	Area	Version
base	main	8.1.12-1ubuntu4
base	universe	8.1.12-1ubuntu4
security	universe	8.1.12-1ubuntu4.3
updates	universe	8.1.12-1ubuntu4.3
updates	main	8.1.12-1ubuntu4.3

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 8.1.12-1ubuntu4.3 2023-08-23 18:07:01 UTC

Version: 8.1.12-1ubuntu4.3	2023-08-23 18:07:01 UTC
php8.1 (8.1.12-1ubuntu4.3) lunar-security; urgency=medium * SECURITY UPDATE: Disclosure sensitive information - debian/patches/CVE-2023-3823.patch: sanitieze libxml2 globals before parsing in ext/dom/document.c, ext/dom/documentfragment.c, xml_global_state_entity_loader_bypass.phpt, ext/libxml/php_libxml.h, ext/simplexml/simplexml.c, xml_global_state_entity_loader_bypass.phpt, ext/soap/php_xml.c, ext/xml/compat.c, ext/xmlreader/php_xmlreader.c, xml_global_state_entity_loader_bypass.phpt, ext/xsl/xsltprocessor.c, ext/zend_test/test.c, ext/zend_test/test.stub.php. - CVE-2023-3823 * SECURITY UPDATE: Stack buffer overflow - debian/patches/CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read(), and in files ext/phar/dirstream.c, ext/phar/tests/GHSA-jqcx-ccgx-xwhv.phpt. - CVE-2023-3824 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 17 Aug 2023 14:37:48 -0300
Source diff to previous version

php8.1 (8.1.12-1ubuntu4.3) lunar-security; urgency=medium * SECURITY UPDATE: Disclosure sensitive information - debian/patches/CVE-2023-3823.patch: sanitieze libxml2 globals before parsing in ext/dom/document.c, ext/dom/documentfragment.c, xml_global_state_entity_loader_bypass.phpt, ext/libxml/php_libxml.h, ext/simplexml/simplexml.c, xml_global_state_entity_loader_bypass.phpt, ext/soap/php_xml.c, ext/xml/compat.c, ext/xmlreader/php_xmlreader.c, xml_global_state_entity_loader_bypass.phpt, ext/xsl/xsltprocessor.c, ext/zend_test/test.c, ext/zend_test/test.stub.php. - CVE-2023-3823 * SECURITY UPDATE: Stack buffer overflow - debian/patches/CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read(), and in files ext/phar/dirstream.c, ext/phar/tests/GHSA-jqcx-ccgx-xwhv.phpt. - CVE-2023-3824 -- Leonidas Da Silva Barbosa <email address hidden> Thu, 17 Aug 2023 14:37:48 -0300

Source diff to previous version

Version: 8.1.12-1ubuntu4.2 2023-07-03 17:07:15 UTC

php8.1 (8.1.12-1ubuntu4.2) lunar-security; urgency=medium * SECURITY UPDATE: Missing error check and insufficient random bytes - debian/patches/CVE-2023-3247-1.patch: fixes missing randomness check and insufficient random byes for SOAP HTTP digest in ext/soap/php_http.c. - debian/patches/CVE-2023-3247-2.patch: fix wrong backporting of previous soap patch. - CVE-2023-3247 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 28 Jun 2023 10:56:12 -0300

CVE-2023-3247

GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

About - Send Feedback to @ubuntu_updates

Package "php8.1"

Links

Download "php8.1"

Other versions of "php8.1" in Lunar

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates