php8-8.1.14-1.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12601-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z php8-8.1.14-1.1 on GA media These are all security issues fixed in the php8-8.1.14-1.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12601 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2022-31631/ SUSE CVE CVE-2022-31631 page openSUSE Tumbleweed php8-8.1.14-1.1 php8-bcmath-8.1.14-1.1 php8-bz2-8.1.14-1.1 php8-calendar-8.1.14-1.1 php8-cli-8.1.14-1.1 php8-ctype-8.1.14-1.1 php8-curl-8.1.14-1.1 php8-dba-8.1.14-1.1 php8-devel-8.1.14-1.1 php8-dom-8.1.14-1.1 php8-enchant-8.1.14-1.1 php8-exif-8.1.14-1.1 php8-ffi-8.1.14-1.1 php8-fileinfo-8.1.14-1.1 php8-ftp-8.1.14-1.1 php8-gd-8.1.14-1.1 php8-gettext-8.1.14-1.1 php8-gmp-8.1.14-1.1 php8-iconv-8.1.14-1.1 php8-intl-8.1.14-1.1 php8-ldap-8.1.14-1.1 php8-mbstring-8.1.14-1.1 php8-mysql-8.1.14-1.1 php8-odbc-8.1.14-1.1 php8-opcache-8.1.14-1.1 php8-openssl-8.1.14-1.1 php8-pcntl-8.1.14-1.1 php8-pdo-8.1.14-1.1 php8-pgsql-8.1.14-1.1 php8-phar-8.1.14-1.1 php8-posix-8.1.14-1.1 php8-readline-8.1.14-1.1 php8-shmop-8.1.14-1.1 php8-snmp-8.1.14-1.1 php8-soap-8.1.14-1.1 php8-sockets-8.1.14-1.1 php8-sodium-8.1.14-1.1 php8-sqlite-8.1.14-1.1 php8-sysvmsg-8.1.14-1.1 php8-sysvsem-8.1.14-1.1 php8-sysvshm-8.1.14-1.1 php8-tidy-8.1.14-1.1 php8-tokenizer-8.1.14-1.1 php8-xmlreader-8.1.14-1.1 php8-xmlwriter-8.1.14-1.1 php8-xsl-8.1.14-1.1 php8-zip-8.1.14-1.1 php8-zlib-8.1.14-1.1 php8-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-bcmath-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-bz2-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-calendar-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-cli-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-ctype-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-curl-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-dba-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-devel-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-dom-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-enchant-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-exif-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-ffi-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-fileinfo-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-ftp-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-gd-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-gettext-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-gmp-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-iconv-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-intl-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-ldap-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-mbstring-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-mysql-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-odbc-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-opcache-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-openssl-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-pcntl-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-pdo-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-pgsql-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-phar-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-posix-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-readline-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-shmop-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-snmp-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-soap-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-sockets-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-sodium-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-sqlite-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-sysvmsg-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-sysvsem-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-sysvshm-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-tidy-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-tokenizer-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-xmlreader-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-xmlwriter-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-xsl-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-zip-8.1.14-1.1 as a component of openSUSE Tumbleweed php8-zlib-8.1.14-1.1 as a component of openSUSE Tumbleweed In PHP versions 8.0.* before 8.0.27, 8.1.* before 8.1.15, 8.2.* before 8.2.2 when using PDO::quote() function to quote user-supplied data for SQLite, supplying an overly long string may cause the driver to incorrectly quote the data, which may further lead to SQL injection vulnerabilities. CVE-2022-31631 openSUSE Tumbleweed:php8-8.1.14-1.1 openSUSE Tumbleweed:php8-bcmath-8.1.14-1.1 openSUSE Tumbleweed:php8-bz2-8.1.14-1.1 openSUSE Tumbleweed:php8-calendar-8.1.14-1.1 openSUSE Tumbleweed:php8-cli-8.1.14-1.1 openSUSE Tumbleweed:php8-ctype-8.1.14-1.1 openSUSE Tumbleweed:php8-curl-8.1.14-1.1 openSUSE Tumbleweed:php8-dba-8.1.14-1.1 openSUSE Tumbleweed:php8-devel-8.1.14-1.1 openSUSE Tumbleweed:php8-dom-8.1.14-1.1 openSUSE Tumbleweed:php8-enchant-8.1.14-1.1 openSUSE Tumbleweed:php8-exif-8.1.14-1.1 openSUSE Tumbleweed:php8-ffi-8.1.14-1.1 openSUSE Tumbleweed:php8-fileinfo-8.1.14-1.1 openSUSE Tumbleweed:php8-ftp-8.1.14-1.1 openSUSE Tumbleweed:php8-gd-8.1.14-1.1 openSUSE Tumbleweed:php8-gettext-8.1.14-1.1 openSUSE Tumbleweed:php8-gmp-8.1.14-1.1 openSUSE Tumbleweed:php8-iconv-8.1.14-1.1 openSUSE Tumbleweed:php8-intl-8.1.14-1.1 openSUSE Tumbleweed:php8-ldap-8.1.14-1.1 openSUSE Tumbleweed:php8-mbstring-8.1.14-1.1 openSUSE Tumbleweed:php8-mysql-8.1.14-1.1 openSUSE Tumbleweed:php8-odbc-8.1.14-1.1 openSUSE Tumbleweed:php8-opcache-8.1.14-1.1 openSUSE Tumbleweed:php8-openssl-8.1.14-1.1 openSUSE Tumbleweed:php8-pcntl-8.1.14-1.1 openSUSE Tumbleweed:php8-pdo-8.1.14-1.1 openSUSE Tumbleweed:php8-pgsql-8.1.14-1.1 openSUSE Tumbleweed:php8-phar-8.1.14-1.1 openSUSE Tumbleweed:php8-posix-8.1.14-1.1 openSUSE Tumbleweed:php8-readline-8.1.14-1.1 openSUSE Tumbleweed:php8-shmop-8.1.14-1.1 openSUSE Tumbleweed:php8-snmp-8.1.14-1.1 openSUSE Tumbleweed:php8-soap-8.1.14-1.1 openSUSE Tumbleweed:php8-sockets-8.1.14-1.1 openSUSE Tumbleweed:php8-sodium-8.1.14-1.1 openSUSE Tumbleweed:php8-sqlite-8.1.14-1.1 openSUSE Tumbleweed:php8-sysvmsg-8.1.14-1.1 openSUSE Tumbleweed:php8-sysvsem-8.1.14-1.1 openSUSE Tumbleweed:php8-sysvshm-8.1.14-1.1 openSUSE Tumbleweed:php8-tidy-8.1.14-1.1 openSUSE Tumbleweed:php8-tokenizer-8.1.14-1.1 openSUSE Tumbleweed:php8-xmlreader-8.1.14-1.1 openSUSE Tumbleweed:php8-xmlwriter-8.1.14-1.1 openSUSE Tumbleweed:php8-xsl-8.1.14-1.1 openSUSE Tumbleweed:php8-zip-8.1.14-1.1 openSUSE Tumbleweed:php8-zlib-8.1.14-1.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2022-31631.html CVE-2022-31631 https://bugzilla.suse.com/1206958 SUSE Bug 1206958