{"id":"MGASA-2022-0362","summary":"Updated php packages fix security vulnerability","details":"Core\n  Fixed bug GH-9323 (Crash in ZEND_RETURN/GC/zend_call_function)\n  Fixed bug GH-9361 (Segmentation fault on script exit #9379).\n  Fixed bug GH-9407 (LSP error in eval'd code refers to wrong class for\n  static type).\n  Fixed bug #81727: Don't mangle HTTP variable names that clash with ones\n  that have a specific semantic meaning. (CVE-2022-31629)\n\nDOM\n  Fixed bug #79451 (DOMDocument-\u003ereplaceChild on doctype causes double\n  free).\n\nFPM\n  Fixed bug GH-8885 (FPM access.log with stderr begins to write logs to\n  error_log after daemon reload).\n  Fixed bug #77780 (\"Headers already sent...\" when previous connection was\n  aborted).\n\nGMP\n  Fixed bug GH-9308 (GMP throws the wrong error when a GMP object is\n  passed to gmp_init()).\n\nIntl\n  Fixed bug GH-9421 (Incorrect argument number for ValueError in\n  NumberFormatter).\n\nPhar\n  Fixed bug #81726: phar wrapper: DOS when using quine gzip file.\n  (CVE-2022-31628)\n\nPDO_PGSQL\n  Fixed bug GH-9411 (PgSQL large object resource is incorrectly closed).\n\nReflection\n  Fixed bug GH-8932 (ReflectionFunction provides no way to get the called\n  class of a Closure).\n  Fixed bug GH-9409 (Private method is incorrectly dumped as\n  \"overwrites\").\n\nStreams\n  Fixed bug GH-9316 ($http_response_header is wrong for long status line).\n","modified":"2026-01-31T00:55:49.391206Z","published":"2022-10-08T20:22:22Z","related":["CVE-2022-31628","CVE-2022-31629"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0362.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=30913"},{"type":"REPORT","url":"https://www.php.net/ChangeLog-8.php#8.0.24"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.0.24-1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0362.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}