{"id":"MGASA-2022-0234","summary":"Updated php packages fix security vulnerability","details":"CLI -Fixed bug #8575 (CLI closes standard streams too early).\nCore -Fixed Haiku ZTS builds.\nDate -Fixed bug #8471 (Segmentation fault when converting immutable and\nmutable DateTime instances created using reflection).\nphp-fpm - Fixed bug #72185 writes empty fcgi record causing nginx 502.\nMysqlnd - Fixed bug #81719: mysqlnd/pdo password buffer overflow.\n(CVE-2022-31626)\nOPcache - Fixed bug #8466 (ini_get() is optimized out when the option does\nnot exist).\nPcntl - Fixed Haiku build.\nPgsql - Fixed bug #81720: Uninitialized array in pg_query_params().\n(CVE-2022-31625)\nSoap - Fixed bug #8578 (Error on wrong parameter on SoapHeader\nconstructor).\nFixed bug #8538 (SoapClient may strip parts of nmtokens).\nSPL - Fixed bug #8235 (iterator_count() may run indefinitely).\nZip - Fixed type for index in ZipArchive::replaceFile.\n","modified":"2026-02-01T12:29:13.051979Z","published":"2022-06-18T21:30:41Z","related":["CVE-2022-31625","CVE-2022-31626"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0234.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30533"},{"type":"REPORT","url":"https://www.php.net/ChangeLog-8.php#8.0.20"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.20-3.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0234.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}