Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package php7 for openSUSE:Factory checked in at 2022-11-04 17:31:42 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/php7 (Old) and /work/SRC/openSUSE:Factory/.php7.new.2275 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "php7" Fri Nov 4 17:31:42 2022 rev:118 rq:1033030 version:7.4.33 Changes: -------- --- /work/SRC/openSUSE:Factory/php7/php7.changes 2022-10-01 17:42:56.509646710 +0200 +++ /work/SRC/openSUSE:Factory/.php7.new.2275/php7.changes 2022-11-04 17:31:45.111792629 +0100 @@ -1,0 +2,10 @@ +Thu Nov 3 10:21:36 UTC 2022 - pgaj...@suse.com + +- version update to 7.4.33 + * This is security release that fixes an OOB read due to insufficient + input validation in imageloadfont(), and a buffer overflow in + hash_update() on long parameter. + * CVE-2022-37454 [bsc#1204577], CVE-2022-31630 [bsc#1204979] + https://www.php.net/ChangeLog-7.php#7.4.33 + +------------------------------------------------------------------- Old: ---- php-7.4.32.tar.xz php-7.4.32.tar.xz.asc New: ---- php-7.4.33.tar.xz php-7.4.33.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ php7.spec ++++++ --- /var/tmp/diff_new_pack.ldyDkS/_old 2022-11-04 17:31:46.279798913 +0100 +++ /var/tmp/diff_new_pack.ldyDkS/_new 2022-11-04 17:31:46.287798956 +0100 @@ -53,7 +53,7 @@ %define build_argon2 1 %endif Name: %{pprefix}%{php_name}%{psuffix} -Version: 7.4.32 +Version: 7.4.33 Release: 0 Summary: Interpreter for the PHP scripting language version 7 License: PHP-3.01 ++++++ php-7.4.32.tar.xz -> php-7.4.33.tar.xz ++++++ /work/SRC/openSUSE:Factory/php7/php-7.4.32.tar.xz /work/SRC/openSUSE:Factory/.php7.new.2275/php-7.4.33.tar.xz differ: char 26, line 1
