Author: Pierrick Charron (adoy) Date: 2024-09-26T12:27:07-04:00 Commit: https://github.com/php/web-php/commit/367ef68f466a96b1c04d074d9b06bf638ad31b29 Raw diff: https://github.com/php/web-php/commit/367ef68f466a96b1c04d074d9b06bf638ad31b29.diff
Announce PHP 8.2.24 Changed paths: A archive/entries/2024-09-26-2.xml A releases/8_2_24.php M ChangeLog-8.php M archive/archive.xml M include/releases.inc M include/version.inc Diff: diff --git a/ChangeLog-8.php b/ChangeLog-8.php index 183022d89b..fb422b4cda 100644 --- a/ChangeLog-8.php +++ b/ChangeLog-8.php @@ -1097,6 +1097,70 @@ <a id="PHP_8_2"></a> +<section class="version" id="8.2.24"><!-- {{{ 8.2.24 --> +<h3>Version 8.2.24</h3> +<b><?php release_date('26-Sep-2024'); ?></b> +<ul><li>CGI: +<ul> + <li>Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926)</li> + <li>Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927)</li> +</ul></li> +<li>Core: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 15408); ?> (MSan false-positve on zend_max_execution_timer).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 15515); ?> (Configure error grep illegal option q).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 15514); ?> (Configure error: genif.sh: syntax error).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 15565); ?> (--disable-ipv6 during compilation produces error EAI_SYSTEM not found).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 15587); ?> (CRC32 API build error on arm 32-bit).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 15330); ?> (Do not scan generator frames more than once).</li> + <li>Fixed uninitialized lineno in constant AST of internal enums.</li> +</ul></li> +<li>Curl: +<ul> + <li>FIxed bug <?php githubissuel('php/php-src', 15547); ?> (curl_multi_select overflow on timeout argument).</li> +</ul></li> +<li>DOM: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 15551); ?> (Segmentation fault (access null pointer) in ext/dom/xml_common.h).</li> +</ul></li> +<li>Fileinfo: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 15752); ?> (Incorrect error message for finfo_file with an empty filename argument).</li> +</ul></li> +<li>FPM: +<ul> + <li>Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026)</li> +</ul></li> +<li>MySQLnd: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 15432); ?> (Heap corruption when querying a vector).</li> +</ul></li> +<li>Opcache: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 15661); ?> (Access null pointer in Zend/Optimizer/zend_inference.c).</li> + <li>Fixed bug <?php githubissuel('php/php-src', 15658); ?> (Segmentation fault in Zend/zend_vm_execute.h).</li> +</ul></li> +<li>SAPI: +<ul> + <li>Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925)</li> +</ul></li> +<li>SOAP: +<ul> + <li><?php bugfix(73182); ?> (PHP SOAPClient does not support stream context HTTP headers in array form).</li> +</ul></li> +<li>Standard: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 15552); ?> (Signed integer overflow in ext/standard/scanf.c).</li> +</ul></li> +<li>Streams: +<ul> + <li>Fixed bug <?php githubissuel('php/php-src', 15628); ?> (php_stream_memory_get_buffer() not zero-terminated).</li> +</ul></li> +</ul> +<!-- }}} --></section> + + + <section class="version" id="8.2.23"><!-- {{{ 8.2.23 --> <h3>Version 8.2.23</h3> <b><?php release_date('29-Aug-2024'); ?></b> diff --git a/archive/archive.xml b/archive/archive.xml index 349816dd35..0d838d15fc 100644 --- a/archive/archive.xml +++ b/archive/archive.xml @@ -9,6 +9,7 @@ <uri>http://php.net/contact</uri> <email>php-webmaster@lists.php.net</email> </author> + <xi:include href="entries/2024-09-26-2.xml"/> <xi:include href="entries/2024-09-26-1.xml"/> <xi:include href="entries/2024-09-17-1.xml"/> <xi:include href="entries/2024-09-12-1.xml"/> diff --git a/archive/entries/2024-09-26-2.xml b/archive/entries/2024-09-26-2.xml new file mode 100644 index 0000000000..30226f1bba --- /dev/null +++ b/archive/entries/2024-09-26-2.xml @@ -0,0 +1,21 @@ +<?xml version="1.0" encoding="utf-8"?> +<entry xmlns="http://www.w3.org/2005/Atom"> + <title>PHP 8.2.24 Released!</title> + <id>https://www.php.net/archive/2024.php#2024-09-26-2</id> + <published>2024-09-26T16:25:23+00:00</published> + <updated>2024-09-26T16:25:23+00:00</updated> + <link href="https://www.php.net/index.php#2024-09-26-2" rel="alternate" type="text/html"/> + <link href="https://www.php.net/archive/2024.php#2024-09-26-2" rel="via" type="text/html"/> + <category term="releases" label="New PHP release"/> + <category term="frontpage" label="PHP.net frontpage news"/> + <content type="xhtml"> + <div xmlns="http://www.w3.org/1999/xhtml"><p>The PHP development team announces the immediate availability of PHP 8.2.24. This is a security release.</p> + +<p>All PHP 8.2 users are encouraged to upgrade to this version.</p> + +<p>For source downloads of PHP 8.2.24 please visit our <a href="https://www.php.net/downloads.php">downloads page</a>, +Windows source and binaries can be found on <a href="https://windows.php.net/download/">windows.php.net/download/</a>. +The list of changes is recorded in the <a href="https://www.php.net/ChangeLog-8.php#8.2.24">ChangeLog</a>. +</p> </div> + </content> +</entry> diff --git a/include/releases.inc b/include/releases.inc index 440f6b7aab..ca11e52e14 100644 --- a/include/releases.inc +++ b/include/releases.inc @@ -2,6 +2,42 @@ $OLDRELEASES = array ( 8 => array ( + '8.2.23' => + array ( + 'announcement' => + array ( + 'English' => '/releases/8_2_23.php', + ), + 'tags' => + array ( + ), + 'date' => '29 Aug 2024', + 'source' => + array ( + 0 => + array ( + 'filename' => 'php-8.2.23.tar.gz', + 'name' => 'PHP 8.2.23 (tar.gz)', + 'sha256' => 'f5cb5f0e063bcc632c60a8f26af63b19d5f924f1fc54b4471d88cfaa865d6917', + 'date' => '29 Aug 2024', + ), + 1 => + array ( + 'filename' => 'php-8.2.23.tar.bz2', + 'name' => 'PHP 8.2.23 (tar.bz2)', + 'sha256' => 'f7c90cda7a3c1de01f3bfb7b469d52dec9eba2f3b83320836004f9c2eecae26b', + 'date' => '29 Aug 2024', + ), + 2 => + array ( + 'filename' => 'php-8.2.23.tar.xz', + 'name' => 'PHP 8.2.23 (tar.xz)', + 'sha256' => '81c5ae6ba44e262a076349ee54a2e468638a4571085d80bff37f6fd308e1d8d5', + 'date' => '29 Aug 2024', + ), + ), + 'museum' => false, + ), '8.3.11' => array ( 'announcement' => diff --git a/include/version.inc b/include/version.inc index 8cd324d997..4e87d39185 100644 --- a/include/version.inc +++ b/include/version.inc @@ -32,13 +32,13 @@ $RELEASES = (function () { /* PHP 8.2 Release */ $data['8.2'] = [ - 'version' => '8.2.23', - 'date' => '29 Aug 2024', - 'tags' => [], // Set to ['security'] for security releases. + 'version' => '8.2.24', + 'date' => '26 Sep 2024', + 'tags' => ['security'], // Set to ['security'] for security releases. 'sha256' => [ - 'tar.gz' => 'f5cb5f0e063bcc632c60a8f26af63b19d5f924f1fc54b4471d88cfaa865d6917', - 'tar.bz2' => 'f7c90cda7a3c1de01f3bfb7b469d52dec9eba2f3b83320836004f9c2eecae26b', - 'tar.xz' => '81c5ae6ba44e262a076349ee54a2e468638a4571085d80bff37f6fd308e1d8d5', + 'tar.gz' => '5d26441969279a594e404bb9f2e17b6f74bb10606fe05911e739137673ae6c4c', + 'tar.bz2' => '4cc76ec644eee97d17c92bfe8d0e84714fedf299a538b7dfadc0639dd0dc432f', + 'tar.xz' => '80a5225746a9eb484475b312d4c626c63a88a037d8e56d214f30205e1ba1411a', ] ]; diff --git a/releases/8_2_24.php b/releases/8_2_24.php new file mode 100644 index 0000000000..d65b9c85e4 --- /dev/null +++ b/releases/8_2_24.php @@ -0,0 +1,16 @@ +<?php +$_SERVER['BASE_PAGE'] = 'releases/8_2_24.php'; +include_once __DIR__ . '/../include/prepend.inc'; +site_header('PHP 8.2.24 Release Announcement'); +?> +<h1>PHP 8.2.24 Release Announcement</h1> + +<p>The PHP development team announces the immediate availability of PHP 8.2.24. This is a security release.</p> + +<p>All PHP 8.2 users are encouraged to upgrade to this version.</p> + +<p>For source downloads of PHP 8.2.24 please visit our <a href="https://www.php.net/downloads.php">downloads page</a>, +Windows source and binaries can be found on <a href="https://windows.php.net/download/">windows.php.net/download/</a>. +The list of changes is recorded in the <a href="https://www.php.net/ChangeLog-8.php#8.2.24">ChangeLog</a>. +</p> +<?php site_footer();