CVE Fixes for PHP versions: 7.1.33.16, 7.2.34.11, 7.3.33.3

  • Hash
    • Fixed bug #81738: buffer overflow in hash_update() on long parameter. (CVE-2022-37454)

CVE Fixes for PHP versions 7.1.33.16, 7.2.34.11, 7.3.33.3

  • Core
    • Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628).
    • Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629).