Skip to main content
Fixed
- JobQueue HTTPS requests failure on IBM i
- Change lighttpd configuration for HTTPv.1.1 compatibility
- JobQueue incorrect behavior during DST change
- Zend Server RPM php-sources-zend-server packages missing PHP 7.1 sources
Updated
- Upgrade angularjs to latest perforce-angular 1.8.4 in Zend Server
Backported PHP CVE fixes
- PHP versions: 7.1.33.16, 7.2.34.12, 7.3.33.4, 7.4.33
- Fixed bug #81738: buffer overflow in hash_update() on long parameter.(CVE-2022-37454) (applies to 7.4.33 ONLY)
- Fixed bug #81739: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630)
- Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)
- Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629).
