Author: Derick Rethans (derickr) Date: 2022-11-03T08:30:50Z Commit: https://github.com/php/web-php/commit/b4d045ea19222f01493d7f6632f0da40408e170c Raw diff: https://github.com/php/web-php/commit/b4d045ea19222f01493d7f6632f0da40408e170c.diff
Go with 7.4.33 Changed paths: A archive/entries/2022-11-03-1.xml A releases/7_4_33.php M ChangeLog-7.php M archive/archive.xml M include/releases.inc M include/version.inc Diff: diff --git a/ChangeLog-7.php b/ChangeLog-7.php index 3ef98837a..1cadc9b67 100644 --- a/ChangeLog-7.php +++ b/ChangeLog-7.php @@ -8,6 +8,22 @@ ?> <a id="PHP_7_4"></a> +<section class="version" id="7.4.33"><!-- {{{ 7.4.33 --> +<h3>Version 7.4.33</h3> +<b><?php release_date('03-Nov-2022'); ?></b> +<ul><li>GD: +<ul> + <li><?php bugfix(81739); ?>: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630)</li> +</ul></li> +<li>Hash: +<ul> + <li><?php bugfix(81738); ?>: buffer overflow in hash_update() on long parameter. (CVE-2022-37454)</li> +</ul></li> +</ul> +<!-- }}} --></section> + + + <section class="version" id="7.4.32"><!-- {{{ 7.4.32 --> <h3>Version 7.4.32</h3> <b><?php release_date('29-Sep-2022'); ?></b> diff --git a/archive/archive.xml b/archive/archive.xml index 2661bc844..e0f96491e 100644 --- a/archive/archive.xml +++ b/archive/archive.xml @@ -9,6 +9,7 @@ <uri>http://php.net/contact</uri> <email>php-webmaster@lists.php.net</email> </author> + <xi:include href="entries/2022-11-03-1.xml"/> <xi:include href="entries/2022-10-28-2.xml"/> <xi:include href="entries/2022-10-28-1.xml"/> <xi:include href="entries/2022-10-27-1.xml"/> diff --git a/archive/entries/2022-11-03-1.xml b/archive/entries/2022-11-03-1.xml new file mode 100644 index 000000000..4490d7831 --- /dev/null +++ b/archive/entries/2022-11-03-1.xml @@ -0,0 +1,25 @@ +<?xml version="1.0" encoding="utf-8"?> +<entry xmlns="http://www.w3.org/2005/Atom"> + <title>PHP 7.4.33 Released!</title> + <id>https://www.php.net/archive/2022.php#2022-11-03-1</id> + <published>2022-11-03T08:28:02+00:00</published> + <updated>2022-11-03T08:28:02+00:00</updated> + <link href="https://www.php.net/index.php#2022-11-03-1" rel="alternate" type="text/html"/> + <link href="https://www.php.net/archive/2022.php#2022-11-03-1" rel="via" type="text/html"/> + <category term="releases" label="New PHP release"/> + <category term="frontpage" label="PHP.net frontpage news"/> + <content type="xhtml"> + <div xmlns="http://www.w3.org/1999/xhtml"><p>The PHP development team announces the immediate availability of PHP 7.4.33.</p> + +<p>This is security release that fixes an OOB read due to insufficient +input validation in imageloadfont(), and a buffer overflow in +hash_update() on long parameter.</p> + +<p>All PHP 7.4 users are encouraged to upgrade to this version.</p> + +<p>For source downloads of PHP 7.4.33 please visit our <a href="https://www.php.net/downloads.php">downloads page</a>, +Windows source and binaries can be found on <a href="https://windows.php.net/download/">windows.php.net/download/</a>. +The list of changes is recorded in the <a href="https://www.php.net/ChangeLog-7.php#7.4.33">ChangeLog</a>. +</p> </div> + </content> +</entry> diff --git a/include/releases.inc b/include/releases.inc index 30624174a..be6fed226 100644 --- a/include/releases.inc +++ b/include/releases.inc @@ -1313,6 +1313,43 @@ $OLDRELEASES = array ( ), 7 => array ( + '7.4.32' => + array ( + 'announcement' => + array ( + 'English' => '/releases/7_4_32.php', + ), + 'tags' => + array ( + 0 => 'security', + ), + 'date' => '29 Sep 2022', + 'source' => + array ( + 0 => + array ( + 'filename' => 'php-7.4.32.tar.gz', + 'name' => 'PHP 7.4.32 (tar.gz)', + 'sha256' => '197e3372afd69694eb6b230838305eb9e1cbe5db272e0fa3bbe0d38e329a95bc', + 'date' => '29 Sep 2022', + ), + 1 => + array ( + 'filename' => 'php-7.4.32.tar.bz2', + 'name' => 'PHP 7.4.32 (tar.bz2)', + 'sha256' => '9b4c3c21ffbb4f35d7b865dbf88538bba1742335248ae1cc2afc303d456e3aa6', + 'date' => '29 Sep 2022', + ), + 2 => + array ( + 'filename' => 'php-7.4.32.tar.xz', + 'name' => 'PHP 7.4.32 (tar.xz)', + 'sha256' => '323332c991e8ef30b1d219cb10f5e30f11b5f319ce4c6642a5470d75ade7864a', + 'date' => '29 Sep 2022', + ), + ), + 'museum' => false, + ), '7.4.30' => array ( 'announcement' => diff --git a/include/version.inc b/include/version.inc index 3af64223b..3bcee9312 100644 --- a/include/version.inc +++ b/include/version.inc @@ -44,13 +44,13 @@ $RELEASES = (function () { /* PHP 7.4 Release */ $data['7.4'] = [ - 'version' => '7.4.32', - 'date' => '29 Sep 2022', + 'version' => '7.4.33', + 'date' => '03 Nov 2022', 'tags' => ['security'], // Set to ['security'] for security releases 'sha256' => [ - 'tar.gz' => '197e3372afd69694eb6b230838305eb9e1cbe5db272e0fa3bbe0d38e329a95bc', - 'tar.bz2' => '9b4c3c21ffbb4f35d7b865dbf88538bba1742335248ae1cc2afc303d456e3aa6', - 'tar.xz' => '323332c991e8ef30b1d219cb10f5e30f11b5f319ce4c6642a5470d75ade7864a', + 'tar.gz' => '5a2337996f07c8a097e03d46263b5c98d2c8e355227756351421003bea8f463e', + 'tar.bz2' => '4e8117458fe5a475bf203128726b71bcbba61c42ad463dffadee5667a198a98a', + 'tar.xz' => '924846abf93bc613815c55dd3f5809377813ac62a9ec4eb3778675b82a27b927', ] ]; diff --git a/releases/7_4_33.php b/releases/7_4_33.php new file mode 100644 index 000000000..7f1476819 --- /dev/null +++ b/releases/7_4_33.php @@ -0,0 +1,20 @@ +<?php +$_SERVER['BASE_PAGE'] = 'releases/7_4_33.php'; +include_once __DIR__ . '/../include/prepend.inc'; +site_header('PHP 7.4.33 Release Announcement'); +?> +<h1>PHP 7.4.33 Release Announcement</h1> + +<p>The PHP development team announces the immediate availability of PHP 7.4.33.</p> + +<p>This is security release that fixes an OOB read due to insufficient +input validation in imageloadfont(), and a buffer overflow in +hash_update() on long parameter.</p> + +<p>All PHP 7.4 users are encouraged to upgrade to this version.</p> + +<p>For source downloads of PHP 7.4.33 please visit our <a href="https://www.php.net/downloads.php">downloads page</a>, +Windows source and binaries can be found on <a href="https://windows.php.net/download/">windows.php.net/download/</a>. +The list of changes is recorded in the <a href="https://www.php.net/ChangeLog-7.php#7.4.33">ChangeLog</a>. +</p> +<?php site_footer(); -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php