{"id":"MGASA-2024-0132","summary":"Updated php packages fix security vulnerabilities","details":"Core:\n- Corrupted memory in destructor with weak references\n- GC does not scale well with a lot of objects created in destructor\nDOM:\n- Add some missing ZPP checks.\n- Fix potential memory leak in XPath evaluation results.\nFPM:\n- Fix incorrect check in fpm_shm_free().\nGettext:\n- Fixed sigabrt raised with dcgettext/dcngettext calls with gettext\n0.22.5 with category set to LC_ALL.\nMySQLnd:\n- Fixed handshake response [mysqlnd]\n- Fix incorrect charset length in check_mb_eucjpms().\nOpcache:\n- JITed QM_ASSIGN may be optimized out when op1 is null\n- Segmentation fault for enabled observers when calling trait method of\ninternal trait when opcache is loaded\nPDO:\n- Fix various PDORow bugs.\nRandom:\n- Pre-PHP 8.2 compatibility for mt_srand with unknown modes\n- Global Mt19937 is not properly reset in-between requests when\nMT_RAND_PHP is used\nSession:\n- Segfault with session_decode and compilation error\nSockets:\n- socket_getsockname returns random characters in the end of the socket\nname\nSPL:\n- Unable to resize SplfixedArray after being unserialized in PHP 8.2.15\n- Unexpected null pointer in zend_string.h\nStandard:\n- Added validation of `\\n` in $additional_headers of mail()\n- Command injection via array-ish $command parameter of proc_open).\n(CVE-2024-1874)\nFixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to\npartial CVE-2022-31629 fix). (CVE-2024-2756)\n- password_verify can erroneously return true, opening ATO risk.\n(CVE-2024-3096)\n","modified":"2026-02-04T04:24:53.137169Z","published":"2024-04-13T16:56:38Z","related":["CVE-2024-1874","CVE-2024-2756","CVE-2024-3096"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0132.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=33093"},{"type":"REPORT","url":"https://www.php.net/ChangeLog-8.php#8.2.18"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.2.18-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0132.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}