{"id":"MGASA-2025-0330","summary":"Updated php packages fix security vulnerabilities","details":"Opcache:\n- Reset global pointers to prevent use-after-free in zend_jit_status.\nPDO:\n- Fixed PDO quoting result null deref.\nStandard:\n- Fixed Null byte termination in dns_get_record\n- Heap buffer overflow in array_merge\n- Information Leak of Memory in getimagesize\n","modified":"2026-04-16T04:44:36.020678555Z","published":"2025-12-21T04:11:33Z","upstream":["CVE-2025-14177","CVE-2025-14178","CVE-2025-14180"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2025-0330.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=34873"},{"type":"WEB","url":"https://www.php.net/ChangeLog-8.php#8.2.30"}],"affected":[{"package":{"name":"php","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/php?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"8.2.30-1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2025-0330.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}