SUSE Package Hub - openSUSE-2024-115

Update Info

openSUSE-2024-115

Security update for php81

Type: security

Severity: important

Issued: 2024-05-02

Description:

This update for php81 fixes the following issues:

Version update to 8.1.28

* Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to
  partial CVE-2022-31629 fix). (CVE-2024-2756) (nielsdos) [boo#1222857]
* Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true,
  opening ATO risk). (CVE-2024-3096) (Jakub Zelenka) [boo#1222858]

References

Packages

php81-8.1.28-bp155.8.1

apache2-mod_php81-8.1.28-bp155.8.1

php81-embed-8.1.28-bp155.8.1

php81-fastcgi-8.1.28-bp155.8.1

php81-fpm-8.1.28-bp155.8.1

php81-test-8.1.28-bp155.8.3