Package "php8.1-mysql"

Name:	php8.1-mysql
Description:	MySQL module for PHP
Latest version:	8.1.2-1ubuntu2.18
Release:	jammy (22.04)
Level:	updates
Repository:	main
Head package:	php8.1
Homepage:	http://www.php.net/

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "php8.1-mysql"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "php8.1-mysql" in Jammy

Repository	Area	Version
base	main	8.1.2-1ubuntu2
security	main	8.1.2-1ubuntu2.18

Changelog

Version: 8.1.2-1ubuntu2.18 2024-06-19 14:07:16 UTC

php8.1 (8.1.2-1ubuntu2.18) jammy-security; urgency=medium * SECURITY UPDATE: Invalid user information - debian/patches/CVE-2024-5458.patch: improves filters validation in ext/filter/logical_filters.c and adds test in ext/filter/tests/ghsa-w8qr-v226-r27w.phpt. - CVE-2024-5458 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 14 Jun 2024 12:52:55 -0300

Source diff to previous version

CVE-2024-5458

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, due to a code logic error, filtering functions such as filter_var when

Version: 8.1.2-1ubuntu2.17 2024-05-03 04:07:00 UTC

php8.1 (8.1.2-1ubuntu2.17) jammy-security; urgency=medium * SECURITY UPDATE: Heap buffer-overflow - debian/patches/CVE-2022-4900.patch: prevent potential buffer overflow for large valye of php_cli_server_workers_max in sapi/cli/php_cli_server.c. - CVE-2022-4900 * SECURITY UPDATE: Cookie by pass - debian/patches/CVE-2024-2756.patch: adds more mangling rules in main/php_variable.c. - CVE-2024-2756 * SECURITY UPDATE: Account take over risk - debian/patches/CVE-2024-3096.patch: disallow null character in bcrypt password in ext/standard/password.c, ext/standard/tests/password_bcrypt_errors.phpt. - CVE-2024-3096 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 01 May 2024 07:10:07 -0300

Source diff to previous version

CVE-2022-4900	A vulnerability was found in PHP where setting the environment variable PHP_CLI_SERVER_WORKERS to a large value leads to a heap buffer overflow.
CVE-2024-2756	Due to an incomplete fix to CVE-2022-31629 https://github.com/advisories/GHSA-c43m-486j-j32p , network and same-site attackers can set a standard in
CVE-2024-3096	In PHP version 8.1.* before 8.1.28, 8.2.* before 8.2.18, 8.3.* before 8.3.5, if a password stored with password_hash() starts with a null byte (\x00

Version: 8.1.2-1ubuntu2.15 2024-04-11 20:06:59 UTC

php8.1 (8.1.2-1ubuntu2.15) jammy; urgency=medium * d/p/fix-attribute-instantion-dangling-pointer.patch: Fix sigsegv from dangling pointer on attribute observer. (LP: #2054621) * d/p/fix-attribute-instantion-memory-overflow-recovery.patch: Fix sigsegv during memory overflow recovery on attribute observer. -- Brian Morton <email address hidden> Fri, 23 Feb 2024 12:26:53 -0500

Source diff to previous version

2054621

Fix PHP crashes due to accessing dangling pointers

Version: 8.1.2-1ubuntu2.14 2023-08-23 20:07:01 UTC

Version: 8.1.2-1ubuntu2.14	2023-08-23 20:07:01 UTC
php8.1 (8.1.2-1ubuntu2.14) jammy-security; urgency=medium * SECURITY UPDATE: Disclosure sensitive information - debian/patches/CVE-2023-3823.patch: sanitieze libxml2 globals before parsing in ext/dom/document.c, ext/dom/documentfragment.c, xml_global_state_entity_loader_bypass.phpt, ext/libxml/php_libxml.h, ext/simplexml/simplexml.c, xml_global_state_entity_loader_bypass.phpt, ext/soap/php_xml.c, ext/xml/compat.c, ext/xmlreader/php_xmlreader.c, xml_global_state_entity_loader_bypass.phpt, ext/xsl/xsltprocessor.c, ext/zend_test/test.c, ext/zend_test/test.stub.php. - CVE-2023-3823 * SECURITY UPDATE: Stack buffer overflow - debian/patches/CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read(), and in files ext/phar/dirstream.c, ext/phar/tests/GHSA-jqcx-ccgx-xwhv.phpt. - CVE-2023-3824 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 18 Aug 2023 08:41:11 -0300
Source diff to previous version

php8.1 (8.1.2-1ubuntu2.14) jammy-security; urgency=medium * SECURITY UPDATE: Disclosure sensitive information - debian/patches/CVE-2023-3823.patch: sanitieze libxml2 globals before parsing in ext/dom/document.c, ext/dom/documentfragment.c, xml_global_state_entity_loader_bypass.phpt, ext/libxml/php_libxml.h, ext/simplexml/simplexml.c, xml_global_state_entity_loader_bypass.phpt, ext/soap/php_xml.c, ext/xml/compat.c, ext/xmlreader/php_xmlreader.c, xml_global_state_entity_loader_bypass.phpt, ext/xsl/xsltprocessor.c, ext/zend_test/test.c, ext/zend_test/test.stub.php. - CVE-2023-3823 * SECURITY UPDATE: Stack buffer overflow - debian/patches/CVE-2023-3824.patch: fix buffer mismanagement in phar_dir_read(), and in files ext/phar/dirstream.c, ext/phar/tests/GHSA-jqcx-ccgx-xwhv.phpt. - CVE-2023-3824 -- Leonidas Da Silva Barbosa <email address hidden> Fri, 18 Aug 2023 08:41:11 -0300

Source diff to previous version

Version: 8.1.2-1ubuntu2.13 2023-07-03 17:07:11 UTC

php8.1 (8.1.2-1ubuntu2.13) jammy-security; urgency=medium * SECURITY UPDATE: Missing error check and insufficient random bytes - debian/patches/CVE-2023-3247-1.patch: fixes missing randomness check and insufficient random byes for SOAP HTTP digest in ext/soap/php_http.c. - debian/patches/CVE-2023-3247-2.patch: fix wrong backporting of previous soap patch. - CVE-2023-3247 -- Leonidas Da Silva Barbosa <email address hidden> Wed, 28 Jun 2023 11:01:49 -0300

CVE-2023-3247

GHSA-76gg-c692-v2mw: Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP

About - Send Feedback to @ubuntu_updates

Package "php8.1-mysql"

Links

Download "php8.1-mysql"

Other versions of "php8.1-mysql" in Jammy

Changelog

Share this page

Bookmarks

Latest updates

proposed

updates

PPA updates