April 2024Contains only PHP and installer/packaging fixes/changes.AddedAdds support for Rocky Linux 8 (x68_64 only) ZS Repository Installer script updated to allow usage with Rocky Linux 8.Backported PHP CVE fixesPHP version 7.1.33.22, 7.2.34.18, 7.3.33.10, 7.4.33.5 CVE fixes StandardFixed bug GHSA-wpj3-hf5j-x4v4: __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix. (CVE-2024-2756)Fixed bug GHSA-h746-cjrr-wfmr: password_verify can erroneously return true, opening ATO risk. (CVE-2024-3096)PHP version 7.4.33.5 CVE fix StandardFixed bug GHSA-pc52-254m-w9w7: Command injection via array-ish $command parameter of proc_open. (CVE-2024-1874)Known issuesRHEL 8 upgrade may fail with the message:Problem: cannot install the best update candidate for package liboci8-zend-11.2.0.4-8.x86_64This problem is related to RHEL RPM package dependency resolving, and cannot be fixed in Zend Server packaging. Dependency package libaio from RHEL repository does not install for unknown reasons.Solution: Enter the following command when this error message has been displayed, and then retry the upgrade.sudo yum install libaio-0.3.112-1.el8.i686 liboci8-zend
