Fixed

  • JobQueue HTTPS requests failure on IBM i
  • Change lighttpd configuration for HTTPv.1.1 compatibility
  • JobQueue incorrect behavior during DST change
  •  Zend Server RPM php-sources-zend-server packages missing PHP 7.1 sources

Updated

  • Upgrade angularjs to latest perforce-angular 1.8.4 in Zend Server

Backported PHP CVE fixes

  • PHP versions: 7.1.33.16, 7.2.34.12, 7.3.33.4, 7.4.33
    • Fixed bug #81738: buffer overflow in hash_update() on long parameter.(CVE-2022-37454) (applies to 7.4.33 ONLY)
    • Fixed bug #81739: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630)
    • Fixed bug #81726: phar wrapper: DOS when using quine gzip file. (CVE-2022-31628)
    • Fixed bug #81727: Don't mangle HTTP variable names that clash with ones that have a specific semantic meaning. (CVE-2022-31629).