php8-8.1.12-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12467-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z php8-8.1.12-1.1 on GA media These are all security issues fixed in the php8-8.1.12-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12467 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2022-31630/ SUSE CVE CVE-2022-31630 page openSUSE Tumbleweed php8-8.1.12-1.1 php8-bcmath-8.1.12-1.1 php8-bz2-8.1.12-1.1 php8-calendar-8.1.12-1.1 php8-cli-8.1.12-1.1 php8-ctype-8.1.12-1.1 php8-curl-8.1.12-1.1 php8-dba-8.1.12-1.1 php8-devel-8.1.12-1.1 php8-dom-8.1.12-1.1 php8-enchant-8.1.12-1.1 php8-exif-8.1.12-1.1 php8-ffi-8.1.12-1.1 php8-fileinfo-8.1.12-1.1 php8-ftp-8.1.12-1.1 php8-gd-8.1.12-1.1 php8-gettext-8.1.12-1.1 php8-gmp-8.1.12-1.1 php8-iconv-8.1.12-1.1 php8-intl-8.1.12-1.1 php8-ldap-8.1.12-1.1 php8-mbstring-8.1.12-1.1 php8-mysql-8.1.12-1.1 php8-odbc-8.1.12-1.1 php8-opcache-8.1.12-1.1 php8-openssl-8.1.12-1.1 php8-pcntl-8.1.12-1.1 php8-pdo-8.1.12-1.1 php8-pgsql-8.1.12-1.1 php8-phar-8.1.12-1.1 php8-posix-8.1.12-1.1 php8-readline-8.1.12-1.1 php8-shmop-8.1.12-1.1 php8-snmp-8.1.12-1.1 php8-soap-8.1.12-1.1 php8-sockets-8.1.12-1.1 php8-sodium-8.1.12-1.1 php8-sqlite-8.1.12-1.1 php8-sysvmsg-8.1.12-1.1 php8-sysvsem-8.1.12-1.1 php8-sysvshm-8.1.12-1.1 php8-tidy-8.1.12-1.1 php8-tokenizer-8.1.12-1.1 php8-xmlreader-8.1.12-1.1 php8-xmlwriter-8.1.12-1.1 php8-xsl-8.1.12-1.1 php8-zip-8.1.12-1.1 php8-zlib-8.1.12-1.1 php8-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-bcmath-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-bz2-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-calendar-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-cli-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-ctype-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-curl-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-dba-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-devel-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-dom-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-enchant-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-exif-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-ffi-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-fileinfo-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-ftp-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-gd-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-gettext-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-gmp-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-iconv-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-intl-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-ldap-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-mbstring-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-mysql-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-odbc-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-opcache-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-openssl-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-pcntl-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-pdo-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-pgsql-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-phar-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-posix-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-readline-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-shmop-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-snmp-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-soap-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-sockets-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-sodium-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-sqlite-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-sysvmsg-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-sysvsem-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-sysvshm-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-tidy-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-tokenizer-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-xmlreader-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-xmlwriter-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-xsl-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-zip-8.1.12-1.1 as a component of openSUSE Tumbleweed php8-zlib-8.1.12-1.1 as a component of openSUSE Tumbleweed In PHP versions prior to 7.4.33, 8.0.25 and 8.1.12, when using imageloadfont() function in gd extension, it is possible to supply a specially crafted font file, such as if the loaded font is used with imagechar() function, the read outside allocated buffer will be used. This can lead to crashes or disclosure of confidential information. CVE-2022-31630 openSUSE Tumbleweed:php8-8.1.12-1.1 openSUSE Tumbleweed:php8-bcmath-8.1.12-1.1 openSUSE Tumbleweed:php8-bz2-8.1.12-1.1 openSUSE Tumbleweed:php8-calendar-8.1.12-1.1 openSUSE Tumbleweed:php8-cli-8.1.12-1.1 openSUSE Tumbleweed:php8-ctype-8.1.12-1.1 openSUSE Tumbleweed:php8-curl-8.1.12-1.1 openSUSE Tumbleweed:php8-dba-8.1.12-1.1 openSUSE Tumbleweed:php8-devel-8.1.12-1.1 openSUSE Tumbleweed:php8-dom-8.1.12-1.1 openSUSE Tumbleweed:php8-enchant-8.1.12-1.1 openSUSE Tumbleweed:php8-exif-8.1.12-1.1 openSUSE Tumbleweed:php8-ffi-8.1.12-1.1 openSUSE Tumbleweed:php8-fileinfo-8.1.12-1.1 openSUSE Tumbleweed:php8-ftp-8.1.12-1.1 openSUSE Tumbleweed:php8-gd-8.1.12-1.1 openSUSE Tumbleweed:php8-gettext-8.1.12-1.1 openSUSE Tumbleweed:php8-gmp-8.1.12-1.1 openSUSE Tumbleweed:php8-iconv-8.1.12-1.1 openSUSE Tumbleweed:php8-intl-8.1.12-1.1 openSUSE Tumbleweed:php8-ldap-8.1.12-1.1 openSUSE Tumbleweed:php8-mbstring-8.1.12-1.1 openSUSE Tumbleweed:php8-mysql-8.1.12-1.1 openSUSE Tumbleweed:php8-odbc-8.1.12-1.1 openSUSE Tumbleweed:php8-opcache-8.1.12-1.1 openSUSE Tumbleweed:php8-openssl-8.1.12-1.1 openSUSE Tumbleweed:php8-pcntl-8.1.12-1.1 openSUSE Tumbleweed:php8-pdo-8.1.12-1.1 openSUSE Tumbleweed:php8-pgsql-8.1.12-1.1 openSUSE Tumbleweed:php8-phar-8.1.12-1.1 openSUSE Tumbleweed:php8-posix-8.1.12-1.1 openSUSE Tumbleweed:php8-readline-8.1.12-1.1 openSUSE Tumbleweed:php8-shmop-8.1.12-1.1 openSUSE Tumbleweed:php8-snmp-8.1.12-1.1 openSUSE Tumbleweed:php8-soap-8.1.12-1.1 openSUSE Tumbleweed:php8-sockets-8.1.12-1.1 openSUSE Tumbleweed:php8-sodium-8.1.12-1.1 openSUSE Tumbleweed:php8-sqlite-8.1.12-1.1 openSUSE Tumbleweed:php8-sysvmsg-8.1.12-1.1 openSUSE Tumbleweed:php8-sysvsem-8.1.12-1.1 openSUSE Tumbleweed:php8-sysvshm-8.1.12-1.1 openSUSE Tumbleweed:php8-tidy-8.1.12-1.1 openSUSE Tumbleweed:php8-tokenizer-8.1.12-1.1 openSUSE Tumbleweed:php8-xmlreader-8.1.12-1.1 openSUSE Tumbleweed:php8-xmlwriter-8.1.12-1.1 openSUSE Tumbleweed:php8-xsl-8.1.12-1.1 openSUSE Tumbleweed:php8-zip-8.1.12-1.1 openSUSE Tumbleweed:php8-zlib-8.1.12-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-31630.html CVE-2022-31630 https://bugzilla.suse.com/1204979 SUSE Bug 1204979