Security: Multiple issues in php8
Name: Multiple issues in php8
ID: SUSE-SU-2026:0086-1
Distribution: SUSE
Platforms: SUSE Linux Enterprise Server 15 SP7, SUSE Linux Enterprise Server for SAP Applications 15 SP7, SUSE Web and Scripting Module 15-SP7
Date: Fri, 9 January 2026, 23:46
References: https://www.cve.org/CVERecord?id=CVE-2025-14180
https://www.cve.org/CVERecord?id=CVE-2025-14177
https://www.cve.org/CVERecord?id=CVE-2025-14178
Applications: PHP

Original message

# Security update for php8

Announcement ID: SUSE-SU-2026:0086-1
Release Date: 2026-01-09T15:01:56Z
Rating: moderate
References:

* bsc#1255710
* bsc#1255711
* bsc#1255712


Cross-References:

* CVE-2025-14177
* CVE-2025-14178
* CVE-2025-14180


CVSS scores:

* CVE-2025-14177 ( SUSE ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N
* CVE-2025-14177 ( SUSE ): 3.7 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
* CVE-2025-14177 ( NVD ): 6.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-14177 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
* CVE-2025-14178 ( SUSE ): 8.3 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:L/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14178 ( SUSE ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-14178 ( NVD ): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
* CVE-2025-14180 ( SUSE ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-14180 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
* CVE-2025-14180 ( NVD ): 8.2 CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X


Affected Products:

* SUSE Linux Enterprise Server 15 SP7
* SUSE Linux Enterprise Server for SAP Applications 15 SP7
* Web and Scripting Module 15-SP7



An update that solves three vulnerabilities can now be installed.

## Description:

This update for php8 fixes the following issues:

Security fixes:

* CVE-2025-14177: getimagesize() function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk mode (bsc#1255710).
* CVE-2025-14178: heap buffer overflow occurs in array_merge() when the total element count of packed arrays exceeds 32-bit limits or HT_MAX_SIZE (bsc#1255711).
* CVE-2025-14180: null pointer dereference in pdo_parse_params() function when using the PDO PostgreSQL driver with PDO::ATTR_EMULATE_PREPARES enabled (bsc#1255712).

Other fixes:

Version 8.3.29:

* Core: Sync all boost.context files with release 1.86.0. Fixed bug GH-20435 (SensitiveParameter doesn't work for named argument passing to variadic parameter). Fixed bug GH-20286 (use-after-destroy during userland stream_close()).
* Bz2: Fix assertion failures resulting in crashes with stream filter object parameters.
* Date: Fix crashes when trying to instantiate uninstantiable classes via date static constructors.
* DOM: Fix missing NUL byte check on C14NFile().
* Fibers: Fixed bug GH-20483 (ASAN stack overflow with fiber.stack_size INI small value).
* FTP: Fixed bug GH-20601 (ftp_connect overflow on timeout).
* GD: Fixed bug GH-20511 (imagegammacorrect out of range input/output values). Fixed bug GH-20602 (imagescale overflow with large height values).
* Intl: Fixed bug GH-20426 (Spoofchecker::setRestrictionLevel() error message suggests missing constants).
* LibXML: Fix some deprecations on newer libxml versions regarding input buffer/parser handling.
* MbString: Fixed bug GH-20491 (SLES15 compile error with mbstring oniguruma). Fixed bug GH-20492 (mbstring compile warning due to non-strings).
* MySQLnd: Fixed bug GH-20528 (Regression breaks mysql connexion using an IPv6 address enclosed in square brackets).
* Opcache: Fixed bug GH-20329 (opcache.file_cache broken with full interned string buffer).
* PDO: Fixed GHSA-8xr5-qppj-gvwj (PDO quoting result null deref). (CVE-2025-14180)
* Phar: Fixed bug GH-20442 (Phar does not respect case-insensitiveness of __halt_compiler() when reading stub). Fix broken return value of fflush() for phar file entries. Fix assertion failure when fseeking a phar file out of bounds.
* PHPDBG: Fixed ZPP type violation in phpdbg_get_executable() and phpdbg_end_oplog().
* SPL: Fixed bug GH-20614 (SplFixedArray incorrectly handles references in deserialization).
* Standard: Fix memory leak in array_diff() with custom type checks. Fixed bug GH-20583 (Stack overflow in http_build_query via deep structures). Fixed GHSA-www2-q4fc-65wf (Null byte termination in dns_get_record()). Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()). (CVE-2025-14178) Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize). (CVE-2025-14177)
* Tidy: Fixed bug GH-20374 (PHP with tidy and custom-tags).
* XML: Fixed bug GH-20439 (xml_set_default_handler() does not properly handle special characters in attributes when passing data to callback).
* Zip: Fix crash in property existence test. Don't truncate return value of zip_fread() with user sizes.
* Zlib: Fix assertion failures resulting in crashes with stream filter object parameters.

Version 8.3.28:

* Core: Fixed bug GH-19934 (CGI with auto_globals_jit=0 causes uouv). Fixed bug GH-20073 (Assertion failure in WeakMap offset operations on reference). Fixed bug GH-19844 (Don't bail when closing resources on shutdown). Fixed bug GH-20177 (Accessing overridden private property in get_object_vars() triggers assertion error). Fixed bug GH-20183 (Stale EG(opline_before_exception) pointer through eval).
* DOM: Partially fixed bug GH-16317 (DOM classes do not allow __debugInfo() overrides to work).
* Exif: Fix possible memory leak when tag is empty.
* FPM: Fixed bug GH-19974 (fpm_status_export_to_zval segfault for parallel execution).
* FTP: Fixed bug GH-20240 (FTP with SSL: ftp_fput(): Connection timed out on successful writes).
* GD: Fixed bug GH-20070 (Return type violation in imagefilter when an invalid filter is provided).
* Intl: Fix memory leak on error in locale_filter_matches().
* LibXML: Fix not thread safe schema/relaxng calls.
* MySQLnd: Fixed bug GH-8978 (SSL certificate verification fails (port doubled)). Fixed bug GH-20122 (getColumnMeta() for JSON-column in MySQL).
* Opcache: Fixed bug GH-20081 (access to uninitialized vars in preload_load()). Fixed bug GH-20121 (JIT broken in ZTS builds on MacOS 15).
* PgSql: Fix memory leak when first string conversion fails. Fix segfaults when attempting to fetch row into a non-instantiable class name.
* Phar: Fix memory leak of argument in webPhar. Fix memory leak when setAlias() fails. Fix a bunch of memory leaks in phar_parse_zipfile() error handling. Fix file descriptor/memory leak when opening central fp fails. Fix memleak+UAF when opening temp stream in buildFromDirectory() fails. Fix potential buffer length truncation due to usage of type int instead of type size_t. Fix memory leak when openssl polyfill returns garbage. Fix file descriptor leak in phar_zip_flush() on failure. Fix memory leak when opening temp file fails while trying to open gzip-compressed archive. Fixed bug GH-20302 (Freeing a phar alias may invalidate PharFileInfo objects).
* Random: Fix Randomizer::__serialize() w.r.t. INDIRECTs.
* SimpleXML: Partially fixed bug GH-16317 (SimpleXML does not allow __debugInfo() overrides to work).
* Standard: Fix shm corruption with coercion in options of unserialize().
* Streams: Fixed bug GH-19798: XP_SOCKET XP_SSL (Socket stream modules): Incorrect condition for Win32/Win64.
* Tidy: Fixed GH-19021 (improved tidyOptGetCategory detection). Fix UAF in tidy when tidySetErrorBuffer() fails.
* XMLReader: Fix arginfo/zpp violations when LIBXML_SCHEMAS_ENABLED is not available.
* Windows: Fix GH-19722 (_get_osfhandle asserts in debug mode when given a socket).
* Zip: Fix memory leak when passing enc_method/enc_password is passed as option for ZipArchive::addGlob()/addPattern() and with consecutive calls.

Version 8.3.27:

* Core: Fixed bug GH-19765 (object_properties_load() bypasses readonly property checks). Fixed hard_timeout with --enable-zend-max-execution-timers. Fixed bug GH-19792 (SCCP causes UAF for return value if both warning and exception are triggered). Fixed bug GH-19653 (Closure named argument unpacking between temporary closures can cause a crash). Fixed bug GH-19839 (Incorrect HASH_FLAG_HAS_EMPTY_IND flag on userland array). Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir is configured). Fixed bug GH-20002 (Broken build on *BSD with MSAN).
* CLI: Fix useless "Failed to poll event" error logs due to EAGAIN in CLI server with PHP_CLI_SERVER_WORKERS.
* Curl: Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead of the curl_copy_handle() function to clone a CurlHandle. Fix curl build and test failures with version 8.16.
* Date: Fixed GH-17159: "P" format for ::createFromFormat swallows string literals.
* DBA: Fixed GH-19885 (dba_fetch() overflow on skip argument).
* GD: Fixed GH-19955 (imagefttext() memory leak).
* MySQLnd: Fixed bug #67563 (mysqli compiled with mysqlnd does not take ipv6 address as parameter).
* Phar: Fix memory leak and invalid continuation after tar header writing fails. Fix memory leaks when creating temp file fails when applying zip signature.
* SimpleXML: Fixed bug GH-19988 (zend_string_init with NULL pointer in simplexml (UB)).
* Soap: Fixed bug GH-19784 (SoapServer memory leak). Fixed bug GH-20011 (Array of SoapVar of unknown type causes crash).
* Standard: Fixed bug GH-12265 (Cloning an object breaks serialization recursion). Fixed bug GH-19701 (Serialize/deserialize loses some data). Fixed bug GH-19801 (leaks in var_dump() and debug_zval_dump()). Fixed bug GH-20043 (array_unique assertion failure with RC1 array causing an exception on sort). Fixed bug GH-19926 (reset internal pointer earlier while splicing array while COW violation flag is still set). Fixed bug GH-19570 (unable to fseek in /dev/zero and /dev/null).
* Streams: Fixed bug GH-19248 (Use strerror_r instead of strerror in main). Fixed bug GH-17345 (Bug #35916 was not completely fixed). Fixed bug GH-19705 (segmentation when attempting to flush on non seekable stream).
* XMLReader: Fixed bug GH-20009 (XMLReader leak on RelaxNG schema failure).
* Zip: Fixed bug GH-19688 (Remove pattern overflow in zip addGlob()). Fixed bug GH-19932 (Memory leak in zip setEncryptionName()/setEncryptionIndex()).
* Zlib: Fixed bug GH-19922 (Double free on gzopen).

Version 8.3.26:

* Core: Fixed bug GH-18850 (Repeated inclusion of file with __halt_compiler() triggers "Constant already defined" warning). Partially fixed bug GH-19542 (Scanning of string literals >=2GB will fail due to signed int overflow). Fixed bug GH-19544 (GC treats ZEND_WEAKREF_TAG_MAP references as WeakMap references). Fixed bug GH-19613 (Stale array iterator pointer). Fixed bug GH-19679 (zend_ssa_range_widening may fail to converge). Fixed bug GH-19681 (PHP_EXPAND_PATH broken with bash 5.3.0). Fixed bug GH-19720 (Assertion failure when error handler throws when accessing a deprecated constant).
* CLI: Fixed bug GH-19461 (Improve error message on listening error with IPv6 address).
* Date: Fixed date_sunrise() and date_sunset() with partial-hour UTC offset.
* DOM: Fixed bug GH-19612 (Mitigate libxml2 tree dictionary bug).
* FPM: Fixed failed debug assertion when php_admin_value setting fails.
* GD: Fixed bug GH-19579 (imagefilledellipse underflow on width argument).
* Intl: Fixed bug GH-11952 (Fix locale strings canonicalization for IntlDateFormatter and NumberFormatter).
* OpenSSL: Fixed bug GH-19245 (Success error message on TLS stream accept failure).
* PGSQL: Fixed bug GH-19485 (potential use after free when using persistent pgsql connections).
* Phar: Fixed memory leaks when verifying OpenSSL signature. Fix memory leak in phar tar temporary file error handling code. Fix metadata leak when phar convert logic fails. Fix memory leak on failure in phar_convert_to_other(). Fixed bug GH-19752 (Phar decompression with invalid extension can cause UAF).
* Standard: Fixed bug GH-16649 (UAF during array_splice). Fixed bug GH-19577 (Avoid integer overflow when using a small offset and PHP_INT_MAX with LimitIterator).
* Streams: Remove incorrect call to zval_ptr_dtor() in user_wrapper_metadata(). Fix OSS-Fuzz #385993744.
* Tidy: Fixed GH-19021 build issue with libtidy in regard of tidyOptIsReadonly deprecation and TidyInternalCategory being available later than tidyOptGetCategory.
* Zip: Fix memory leak in zip when encountering empty glob result.

Version 8.3.25:

* Core: Fixed GH-19169 build issue with C++17 and ZEND_STATIC_ASSERT macro. Fixed bug GH-18581 (Coerce numeric string keys from iterators when argument unpacking). Fixed OSS-Fuzz #434346548 (Failed assertion with throwing __toString in binary const expr). Fixed bug GH-19305 (Operands may be being released during comparison). Fixed bug GH-19303 (Unpacking empty packed array into uninitialized array causes assertion failure). Fixed bug GH-19306 (Generator can be resumed while fetching next value from delegated Generator). Fixed bug GH-19326 (Calling Generator::throw() on a running generator with a non-Generator delegate crashes). Fixed bug GH-18736 (Circumvented type check with return by ref + finally). Fixed zend call stack size for macOs/arm64. Fixed bug GH-19065 (Long match statement can segfault compiler during recursive SSA renaming).
* Calendar: Fixed bug GH-19371 (integer overflow in calendar.c).
* FTP: Fix theoretical issues with hrtime() not being available.
* GD: Fix incorrect comparison with result of php_stream_can_cast().
* Hash: Fix crash on clone failure.
* Intl: Fixed GH-19261: msgfmt_parse_message leaks on message creation failure. Fix return value on failure for resourcebundle count handler.
* LDAP: Fixed bug GH-18529 (additional inheriting of TLS int options).
* LibXML: Fixed bug GH-19098 (libxml<2.13 segmentation fault caused by php_libxml_node_free).
* MbString: Fixed bug GH-19397 (mb_list_encodings() can cause crashes on shutdown).
* Opcache: Reset global pointers to prevent use-after-free in zend_jit_status().
* OpenSSL: Fixed bug GH-18986 (OpenSSL backend: incorrect RAND__file() return value check). Fix error return check of EVP_CIPHER_CTX_ctrl(). Fixed bug GH-19428 (openssl_pkey_derive segfaults for DH derive with low key_length param).
* PDO Pgsql: Fixed dangling pointer access on _pdo_pgsql_trim_message helper.
* Readline: Fixed bug GH-19250 and bug #51360 (Invalid conftest for rl_pending_input).
* SOAP: Fixed bug GH-18640 (heap-use-after-free ext/soap/php_encoding.c:299:32 in soap_check_zval_ref).
* Sockets: Fix some potential crashes on incorrect argument value.
* Standard: Fixed OSS Fuzz #433303828 (Leak in failed unserialize() with opcache). Fix theoretical issues with hrtime() not being available. Fixed bug GH-19300 (Nested array_multisort invocation with error breaks).
* Windows: Free opened_path when opened_path_len >= MAXPATHLEN.

Version 8.3.24:

* Calendar: Fixed jewishtojd overflow on year argument.
* Core: Fixed bug GH-18833 (Use after free with weakmaps dependent on destruction order). Fix OSS-Fuzz #427814456. Fix OSS-Fuzz #428983568 and #428760800. Fixed bug GH-17204 -Wuseless-escape warnings emitted by re2c.
* Curl: Fix memory leaks when returning refcounted value from curl callback. Remove incorrect string release.
* LDAP: Fixed GH-18902 ldap_exop/ldap_exop_sync assert triggered on empty request OID.
* MbString: Fixed bug GH-18901 (integer overflow mb_split).
* OCI8: Fixed bug GH-18873 (OCI_RETURN_LOBS flag causes oci8 to leak memory).
* Opcache: Fixed bug GH-18639 (Internal class aliases can break preloading + JIT). Fixed bug GH-14082 (Segmentation fault on unknown address 0x600000000018 in ext/opcache/jit/zend_jit.c).
* OpenSSL: Fixed bug #80770 (It is not possible to get client peer certificate with stream_socket_server).
* PCNTL: Fixed bug GH-18958 (Fatal error during shutdown after pcntl_rfork() or pcntl_forkx() with zend-max-execution-timers).
* Phar: Fix stream double free in phar. Fix phar crash and file corruption with SplFileObject.
* SOAP: Fixed bug GH-18990, bug #81029, bug #47314 (SOAP HTTP socket not closing on object destruction). Fix memory leak when URL parsing fails in redirect.
* SPL: Fixed bug GH-19094 (Attaching class with no Iterator implementation to MultipleIterator causes crash).
* Standard: Fix misleading errors in printf(). Fix RCN violations in array functions. Fixed GH-18976 pack() overflow with h/H format and INT_MAX repeater value.
* Streams: Fixed GH-13264 (fgets() and stream_get_line() do not return false on filter fatal error).
* Zip: Fix leak when path is too long in ZipArchive::extractTo().

## Patch Instructions:

To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

* Web and Scripting Module 15-SP7
zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2026-86=1
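
To confirm that the update actually landed on a host, the following added example (not part of the SUSE advisory) lists installed php8 packages that are still below the fixed version-release 8.3.29-150700.3.9.1 given in the package list. The function names and the sample inventory are constructed for illustration, and `sort -V` is used as an approximation of rpm's own version comparison.

```bash
#!/usr/bin/env bash
# Added example: report php8 packages that are still below the fixed build.

# Fixed version-release, taken from the advisory's package list.
FIXED="8.3.29-150700.3.9.1"

# Constructed sample inventory in "name version-release" form, the format of:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'
# The older version-release strings are made up for this demonstration.
SAMPLE_INVENTORY='php8 8.3.29-150700.3.9.1
php8-cli 8.3.29-150700.3.9.1
php8-pdo 8.3.23-150700.3.3.1
php8-pgsql 8.3.23-150700.3.3.1
apache2-mod_php8 8.3.29-150700.3.12.1
zlib 1.2.13-150500.4.3.1'

# ver_ge A B: succeeds when A >= B.
# Assumption: version sort (sort -V) orders these version-release strings the
# same way rpm does; epochs are not handled.
ver_ge() {
  [ "$1" = "$2" ] && return 0
  [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$2" ]
}

# unpatched_packages: reads "name version-release" lines on stdin and prints
# every php8 or apache2-mod_php8 package whose build is older than FIXED.
unpatched_packages() {
  while read -r pkg_name pkg_evr; do
    case "$pkg_name" in
      php8|php8-*|apache2-mod_php8|apache2-mod_php8-*) ;;
      *) continue ;;   # not shipped by this update
    esac
    ver_ge "$pkg_evr" "$FIXED" || printf '%s %s\n' "$pkg_name" "$pkg_evr"
  done
}

# check_host: with "--live" it queries the local rpm database, otherwise it
# runs on the constructed sample. Returns 1 when something is still unpatched.
check_host() {
  if [ "${1:-}" = "--live" ]; then
    pending="$(rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | unpatched_packages)"
  else
    pending="$(printf '%s\n' "$SAMPLE_INVENTORY" | unpatched_packages)"
  fi
  if [ -n "$pending" ]; then
    printf 'Packages below %s (run "zypper patch"):\n%s\n' "$FIXED" "$pending"
    return 1
  fi
  printf 'All installed php8 packages are at or above %s\n' "$FIXED"
}

check_host "${1:-}" || true
```

Run it with `--live` on a SLES 15 SP7 host to query the real rpm database instead of the sample.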

## Package List:

* Web and Scripting Module 15-SP7 (aarch64 ppc64le s390x x86_64)
* php8-phar-8.3.29-150700.3.9.1
* php8-ftp-8.3.29-150700.3.9.1
* php8-calendar-debuginfo-8.3.29-150700.3.9.1
* php8-opcache-8.3.29-150700.3.9.1
* php8-sockets-debuginfo-8.3.29-150700.3.9.1
* php8-xmlreader-debuginfo-8.3.29-150700.3.9.1
* php8-embed-debugsource-8.3.29-150700.3.9.1
* php8-ftp-debuginfo-8.3.29-150700.3.9.1
* php8-intl-debuginfo-8.3.29-150700.3.9.1
* php8-dom-debuginfo-8.3.29-150700.3.9.1
* php8-posix-debuginfo-8.3.29-150700.3.9.1
* php8-sockets-8.3.29-150700.3.9.1
* php8-calendar-8.3.29-150700.3.9.1
* apache2-mod_php8-debuginfo-8.3.29-150700.3.9.1
* php8-pcntl-8.3.29-150700.3.9.1
* php8-tokenizer-8.3.29-150700.3.9.1
* php8-shmop-8.3.29-150700.3.9.1
* php8-xmlwriter-debuginfo-8.3.29-150700.3.9.1
* php8-embed-8.3.29-150700.3.9.1
* php8-test-8.3.29-150700.3.9.1
* php8-exif-8.3.29-150700.3.9.1
* php8-sodium-8.3.29-150700.3.9.1
* php8-curl-8.3.29-150700.3.9.1
* php8-intl-8.3.29-150700.3.9.1
* php8-xmlwriter-8.3.29-150700.3.9.1
* php8-posix-8.3.29-150700.3.9.1
* php8-tidy-8.3.29-150700.3.9.1
* php8-exif-debuginfo-8.3.29-150700.3.9.1
* php8-openssl-debuginfo-8.3.29-150700.3.9.1
* php8-pgsql-8.3.29-150700.3.9.1
* php8-sysvsem-8.3.29-150700.3.9.1
* php8-sqlite-8.3.29-150700.3.9.1
* php8-sqlite-debuginfo-8.3.29-150700.3.9.1
* php8-fpm-debugsource-8.3.29-150700.3.9.1
* php8-sysvshm-debuginfo-8.3.29-150700.3.9.1
* php8-fastcgi-debugsource-8.3.29-150700.3.9.1
* php8-sysvmsg-8.3.29-150700.3.9.1
* php8-pdo-debuginfo-8.3.29-150700.3.9.1
* php8-debuginfo-8.3.29-150700.3.9.1
* php8-sysvmsg-debuginfo-8.3.29-150700.3.9.1
* php8-gettext-8.3.29-150700.3.9.1
* php8-ctype-8.3.29-150700.3.9.1
* php8-cli-8.3.29-150700.3.9.1
* php8-gd-8.3.29-150700.3.9.1
* php8-mbstring-debuginfo-8.3.29-150700.3.9.1
* php8-fastcgi-debuginfo-8.3.29-150700.3.9.1
* php8-gmp-debuginfo-8.3.29-150700.3.9.1
* php8-bz2-debuginfo-8.3.29-150700.3.9.1
* php8-readline-8.3.29-150700.3.9.1
* php8-ctype-debuginfo-8.3.29-150700.3.9.1
* php8-8.3.29-150700.3.9.1
* php8-embed-debuginfo-8.3.29-150700.3.9.1
* php8-pgsql-debuginfo-8.3.29-150700.3.9.1
* php8-phar-debuginfo-8.3.29-150700.3.9.1
* php8-bcmath-debuginfo-8.3.29-150700.3.9.1
* php8-snmp-debuginfo-8.3.29-150700.3.9.1
* php8-fileinfo-debuginfo-8.3.29-150700.3.9.1
* php8-bz2-8.3.29-150700.3.9.1
* php8-dom-8.3.29-150700.3.9.1
* php8-xsl-debuginfo-8.3.29-150700.3.9.1
* php8-xmlreader-8.3.29-150700.3.9.1
* php8-enchant-8.3.29-150700.3.9.1
* php8-curl-debuginfo-8.3.29-150700.3.9.1
* php8-fpm-debuginfo-8.3.29-150700.3.9.1
* php8-gd-debuginfo-8.3.29-150700.3.9.1
* php8-debugsource-8.3.29-150700.3.9.1
* php8-fileinfo-8.3.29-150700.3.9.1
* php8-odbc-debuginfo-8.3.29-150700.3.9.1
* php8-ldap-8.3.29-150700.3.9.1
* php8-devel-8.3.29-150700.3.9.1
* php8-zip-debuginfo-8.3.29-150700.3.9.1
* php8-fpm-8.3.29-150700.3.9.1
* php8-tokenizer-debuginfo-8.3.29-150700.3.9.1
* php8-soap-debuginfo-8.3.29-150700.3.9.1
* php8-zip-8.3.29-150700.3.9.1
* php8-gmp-8.3.29-150700.3.9.1
* php8-openssl-8.3.29-150700.3.9.1
* php8-sysvsem-debuginfo-8.3.29-150700.3.9.1
* php8-readline-debuginfo-8.3.29-150700.3.9.1
* php8-sysvshm-8.3.29-150700.3.9.1
* php8-cli-debuginfo-8.3.29-150700.3.9.1
* php8-gettext-debuginfo-8.3.29-150700.3.9.1
* php8-enchant-debuginfo-8.3.29-150700.3.9.1
* php8-iconv-8.3.29-150700.3.9.1
* php8-dba-8.3.29-150700.3.9.1
* php8-opcache-debuginfo-8.3.29-150700.3.9.1
* php8-odbc-8.3.29-150700.3.9.1
* php8-mysql-8.3.29-150700.3.9.1
* php8-pcntl-debuginfo-8.3.29-150700.3.9.1
* php8-snmp-8.3.29-150700.3.9.1
* php8-dba-debuginfo-8.3.29-150700.3.9.1
* apache2-mod_php8-debugsource-8.3.29-150700.3.9.1
* php8-sodium-debuginfo-8.3.29-150700.3.9.1
* php8-zlib-debuginfo-8.3.29-150700.3.9.1
* php8-mysql-debuginfo-8.3.29-150700.3.9.1
* php8-ldap-debuginfo-8.3.29-150700.3.9.1
* php8-zlib-8.3.29-150700.3.9.1
* php8-mbstring-8.3.29-150700.3.9.1
* php8-bcmath-8.3.29-150700.3.9.1
* apache2-mod_php8-8.3.29-150700.3.9.1
* php8-fastcgi-8.3.29-150700.3.9.1
* php8-shmop-debuginfo-8.3.29-150700.3.9.1
* php8-soap-8.3.29-150700.3.9.1
* php8-tidy-debuginfo-8.3.29-150700.3.9.1
* php8-xsl-8.3.29-150700.3.9.1
* php8-pdo-8.3.29-150700.3.9.1
* php8-iconv-debuginfo-8.3.29-150700.3.9.1

## References:

* https://www.suse.com/security/cve/CVE-2025-14177.html
* https://www.suse.com/security/cve/CVE-2025-14178.html
* https://www.suse.com/security/cve/CVE-2025-14180.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255710
* https://bugzilla.suse.com/show_bug.cgi?id=1255711
* https://bugzilla.suse.com/show_bug.cgi?id=1255712


<div class="container">
<p>Version 8.3.29
Core:
Sync all boost.context files with release 1.86.0.
Fixed bug GH-20435 (SensitiveParameter doesn&#x27;t work for named
argument passing to variadic parameter).
Fixed bug GH-20286 (use-after-destroy during userland stream_close()).
Bz2:
Fix assertion failures resulting in crashes with stream filter object
parameters.
Date:
Fix crashes when trying to instantiate uninstantiable classes via date
static constructors.
DOM:
Fix missing NUL byte check on C14NFile().
Fibers:
Fixed bug GH-20483 (ASAN stack overflow with fiber.stack_size INI small
value).
FTP:
Fixed bug GH-20601 (ftp_connect overflow on timeout).
GD:
Fixed bug GH-20511 (imagegammacorrect out of range input/output
values).
Fixed bug GH-20602 (imagescale overflow with large height values).
Intl:
Fixed bug GH-20426 (Spoofchecker::setRestrictionLevel() error message
suggests missing constants).
LibXML:
Fix some deprecations on newer libxml versions regarding input
buffer/parser handling.
MbString:
Fixed bug GH-20491 (SLES15 compile error with mbstring oniguruma).
Fixed bug GH-20492 (mbstring compile warning due to non-strings).
MySQLnd:
Fixed bug GH-20528 (Regression breaks mysql connexion using an IPv6
address enclosed in square brackets).
Opcache:
Fixed bug GH-20329 (opcache.file_cache broken with full interned string
buffer).
PDO:
Fixed GHSA-8xr5-qppj-gvwj (PDO quoting result null deref).
(CVE-2025-14180)
Phar:
Fixed bug GH-20442 (Phar does not respect case-insensitiveness of
__halt_compiler() when reading stub).
Fix broken return value of fflush() for phar file entries.
Fix assertion failure when fseeking a phar file out of bounds.
PHPDBG:
Fixed ZPP type violation in phpdbg_get_executable() and
phpdbg_end_oplog().
SPL:
Fixed bug GH-20614 (SplFixedArray incorrectly handles references in
deserialization).
Standard:
Fix memory leak in array_diff() with custom type checks.
Fixed bug GH-20583 (Stack overflow in http_build_query via deep
structures).
Fixed GHSA-www2-q4fc-65wf (Null byte termination in dns_get_record()).
Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()).
(CVE-2025-14178)
Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize).
(CVE-2025-14177)
Tidy:
Fixed bug GH-20374 (PHP with tidy and custom-tags).
XML:
Fixed bug GH-20439 (xml_set_default_handler() does not properly handle
special characters in attributes when passing data to callback).
Zip:
Fix crash in property existence test.
Don&#x27;t truncate return value of zip_fread() with user sizes.
Zlib:
Fix assertion failures resulting in crashes with stream filter object
parameters.
Version 8.3.28
Core:
Fixed bug GH-19934 (CGI with auto_globals_jit=0 causes uouv).
Fixed bug GH-20073 (Assertion failure in WeakMap offset operations on
reference).
Fixed bug GH-19844 (Don&#x27;t bail when closing resources on
shutdown).
Fixed bug GH-20177 (Accessing overridden private property in
get_object_vars() triggers assertion error).
Fixed bug GH-20183 (Stale EG(opline_before_exception) pointer through
eval).
DOM:
Partially fixed bug GH-16317 (DOM classes do not allow __debugInfo()
overrides to work).
Exif:
Fix possible memory leak when tag is empty.
FPM:
Fixed bug GH-19974 (fpm_status_export_to_zval segfault for parallel
execution).
FTP:
Fixed bug GH-20240 (FTP with SSL: ftp_fput(): Connection timed out on
successful writes).
GD:
Fixed bug GH-20070 (Return type violation in imagefilter when an
invalid filter is provided).
Intl:
Fix memory leak on error in locale_filter_matches().
LibXML:
Fix not thread safe schema/relaxng calls.
MySQLnd:
Fixed bug GH-8978 (SSL certificate verification fails (port doubled)).
Fixed bug GH-20122 (getColumnMeta() for JSON-column in MySQL).
Opcache:
Fixed bug GH-20081 (access to uninitialized vars in preload_load()).
Fixed bug GH-20121 (JIT broken in ZTS builds on MacOS 15).
PgSql:
Fix memory leak when first string conversion fails.
Fix segfaults when attempting to fetch row into a non-instantiable
class name.
Phar:
Fix memory leak of argument in webPhar.
Fix memory leak when setAlias() fails.
Fix a bunch of memory leaks in phar_parse_zipfile() error handling.
Fix file descriptor/memory leak when opening central fp fails.
Fix memleak+UAF when opening temp stream in buildFromDirectory() fails.
Fix potential buffer length truncation due to usage of type int instead
of type size_t.
Fix memory leak when openssl polyfill returns garbage.
Fix file descriptor leak in phar_zip_flush() on failure.
Fix memory leak when opening temp file fails while trying to open
gzip-compressed archive.
Fixed bug GH-20302 (Freeing a phar alias may invalidate PharFileInfo
objects).
Random:
Fix Randomizer::__serialize() w.r.t. INDIRECTs.
SimpleXML:
Partially fixed bug GH-16317 (SimpleXML does not allow __debugInfo()
overrides to work).
Standard:
Fix shm corruption with coercion in options of unserialize().
Streams:
Fixed bug GH-19798: XP_SOCKET XP_SSL (Socket stream modules): Incorrect
condition for Win32/Win64.
Tidy:
Fixed GH-19021 (improved tidyOptGetCategory detection).
Fix UAF in tidy when tidySetErrorBuffer() fails.
XMLReader:
Fix arginfo/zpp violations when LIBXML_SCHEMAS_ENABLED is not
available.
Windows:
Fix GH-19722 (_get_osfhandle
asserts in debug mode when given a socket).
Zip:
Fix memory leak when passing enc_method/enc_password is passed as
option for ZipArchive::addGlob()/addPattern() and with consecutive calls.
Version 8.3.27
Core:
Fixed bug GH-19765 (object_properties_load() bypasses readonly property
checks).
Fixed hard_timeout with --enable-zend-max-execution-timers.
Fixed bug GH-19792 (SCCP causes UAF for return value if both warning
and exception are triggered).
Fixed bug GH-19653 (Closure named argument unpacking between temporary
closures can cause a crash).
Fixed bug GH-19839 (Incorrect HASH_FLAG_HAS_EMPTY_IND flag on userland
array).
Fixed bug GH-19480 (error_log php.ini cannot be unset when open_basedir
is configured).
Fixed bug GH-20002 (Broken build on *BSD with MSAN).
CLI:
Fix useless &quot;Failed to poll event&quot; error logs due to
EAGAIN in CLI server with PHP_CLI_SERVER_WORKERS.
Curl:
Fix cloning of CURLOPT_POSTFIELDS when using the clone operator instead
of the curl_copy_handle() function to clone a CurlHandle.
Fix curl build and test failures with version 8.16.
Date:
Fixed GH-17159: &quot;P&quot; format for ::createFromFormat
swallows string literals.
DBA:
Fixed GH-19885 (dba_fetch() overflow on skip argument).
GD:
Fixed GH-19955 (imagefttext() memory leak).
MySQLnd:
Fixed bug #67563 (mysqli compiled with mysqlnd does not take ipv6
adress as parameter).
Phar:
Fix memory leak and invalid continuation after tar header writing
fails.
Fix memory leaks when creating temp file fails when applying zip
signature.
SimpleXML:
Fixed bug GH-19988 (zend_string_init with NULL pointer in simplexml
(UB)).
Soap:
Fixed bug GH-19784 (SoapServer memory leak).
Fixed bug GH-20011 (Array of SoapVar of unknown type causes crash).
Standard:
Fixed bug GH-12265 (Cloning an object breaks serialization recursion).
Fixed bug GH-19701 (Serialize/deserialize loses some data).
Fixed bug GH-19801 (leaks in var_dump() and debug_zval_dump()).
Fixed bug GH-20043 (array_unique assertion failure with RC1 array
causing an exception on sort).
Fixed bug GH-19926 (reset internal pointer earlier while splicing array
while COW violation flag is still set).
Fixed bug GH-19570 (unable to fseek in /dev/zero and /dev/null).
Streams:
Fixed bug GH-19248 (Use strerror_r instead of strerror in main).
Fixed bug GH-17345 (Bug #35916 was not completely fixed).
Fixed bug GH-19705 (segmentation when attempting to flush on non
seekable stream).
XMLReader:
Fixed bug GH-20009 (XMLReader leak on RelaxNG schema failure).
Zip:
Fixed bug GH-19688 (Remove pattern overflow in zip addGlob()).
Fixed bug GH-19932 (Memory leak in zip
setEncryptionName()/setEncryptionIndex()).
Zlib:
Fixed bug GH-19922 (Double free on gzopen).
Version 8.3.26
Core:
Fixed bug GH-18850 (Repeated inclusion of file with __halt_compiler()
triggers &quot;Constant already defined&quot; warning).
Partially fixed bug GH-19542 (Scanning of string literals &gt;=2GB
will fail due to signed int overflow).
Fixed bug GH-19544 (GC treats ZEND_WEAKREF_TAG_MAP references as
WeakMap references).
Fixed bug GH-19613 (Stale array iterator pointer).
Fixed bug GH-19679 (zend_ssa_range_widening may fail to converge).
Fixed bug GH-19681 (PHP_EXPAND_PATH broken with bash 5.3.0).
Fixed bug GH-19720 (Assertion failure when error handler throws when
accessing a deprecated constant).
CLI:
Fixed bug GH-19461 (Improve error message on listening error with IPv6
address).
Date:
Fixed date_sunrise() and date_sunset() with partial-hour UTC offset.
DOM:
Fixed bug GH-19612 (Mitigate libxml2 tree dictionary bug).
FPM:
Fixed failed debug assertion when php_admin_value setting fails.
GD:
Fixed bug GH-19579 (imagefilledellipse underflow on width argument).
Intl:
Fixed bug GH-11952 (Fix locale strings canonicalization for
IntlDateFormatter and NumberFormatter).
OpenSSL:
Fixed bug GH-19245 (Success error message on TLS stream accept
failure).
PGSQL:
Fixed bug GH-19485 (potential use after free when using persistent
pgsql connections).
Phar:
Fixed memory leaks when verifying OpenSSL signature.
Fix memory leak in phar tar temporary file error handling code.
Fix metadata leak when phar convert logic fails.
Fix memory leak on failure in phar_convert_to_other().
Fixed bug GH-19752 (Phar decompression with invalid extension can cause
UAF).
Standard:
Fixed bug GH-16649 (UAF during array_splice).
Fixed bug GH-19577 (Avoid integer overflow when using a small offset
and PHP_INT_MAX with LimitIterator).
Streams:
Remove incorrect call to zval_ptr_dtor() in user_wrapper_metadata().
Fix OSS-Fuzz #385993744.
Tidy:
Fixed GH-19021 build issue with libtidy in regard of tidyOptIsReadonly
deprecation and TidyInternalCategory being available later than tidyOptGetCategory.
Zip:
Fix memory leak in zip when encountering empty glob result.
Version 8.3.25
Core:
Fixed GH-19169 build issue with C++17 and ZEND_STATIC_ASSERT macro.
Fixed bug GH-18581 (Coerce numeric string keys from iterators when
argument unpacking).
Fixed OSS-Fuzz #434346548 (Failed assertion with throwing __toString in
binary const expr).
Fixed bug GH-19305 (Operands may be being released during comparison).
Fixed bug GH-19303 (Unpacking empty packed array into uninitialized
array causes assertion failure).
Fixed bug GH-19306 (Generator can be resumed while fetching next value
from delegated Generator).
Fixed bug GH-19326 (Calling Generator::throw() on a running generator
with a non-Generator delegate crashes).
Fixed bug GH-18736 (Circumvented type check with return by ref +
finally).
Fixed zend call stack size for macOs/arm64.
Fixed bug GH-19065 (Long match statement can segfault compiler during
recursive SSA renaming).
Calendar:
Fixed bug GH-19371 (integer overflow in calendar.c).
FTP:
Fix theoretical issues with hrtime() not being available.
GD:
Fix incorrect comparison with result of php_stream_can_cast().
Hash:
Fix crash on clone failure.
Intl:
Fixed GH-19261: msgfmt_parse_message leaks on message creation failure.
Fix return value on failure for resourcebundle count handler.
LDAP:
Fixed bug GH-18529 (additional inheriting of TLS int options).
LibXML:
Fixed bug GH-19098 (libxml&lt;2.13 segmentation fault caused by
php_libxml_node_free).
MbString:
Fixed bug GH-19397 (mb_list_encodings() can cause crashes on shutdown).
Opcache:
Reset global pointers to prevent use-after-free in zend_jit_status().
OpenSSL:
Fixed bug GH-18986 (OpenSSL backend: incorrect RAND_{load,write}_file()
return value check).
Fix error return check of EVP_CIPHER_CTX_ctrl().
Fixed bug GH-19428 (openssl_pkey_derive segfaults for DH derive with
low key_length param).
PDO Pgsql:
Fixed dangling pointer access on _pdo_pgsql_trim_message helper.
Readline:
Fixed bug GH-19250 and bug #51360 (Invalid conftest for
rl_pending_input).
SOAP:
Fixed bug GH-18640 (heap-use-after-free ext/soap/php_encoding.c:299:32
in soap_check_zval_ref).
Sockets:
Fix some potential crashes on incorrect argument value.
Standard:
Fixed OSS Fuzz #433303828 (Leak in failed unserialize() with opcache).
Fix theoretical issues with hrtime() not being available.
Fixed bug GH-19300 (Nested array_multisort invocation with error
breaks).
Windows:
Free opened_path when opened_path_len &gt;= MAXPATHLEN.
Version 8.3.24
Calendar:
Fixed jewishtojd overflow on year argument.
Core:
Fixed bug GH-18833 (Use after free with weakmaps dependent on
destruction order).
Fix OSS-Fuzz #427814456.
Fix OSS-Fuzz #428983568 and #428760800.
Fixed bug GH-17204 -Wuseless-escape warnings emitted by re2c.
Curl:
Fix memory leaks when returning refcounted value from curl callback.
Remove incorrect string release.
LDAP:
Fixed GH-18902 ldap_exop/ldap_exop_sync assert triggered on empty
request OID.
MbString:
Fixed bug GH-18901 (integer overflow mb_split).
OCI8:
Fixed bug GH-18873 (OCI_RETURN_LOBS flag causes oci8 to leak memory).
Opcache:
Fixed bug GH-18639 (Internal class aliases can break preloading + JIT).
Fixed bug GH-14082 (Segmentation fault on unknown address
0x600000000018 in ext/opcache/jit/zend_jit.c).
OpenSSL:
Fixed bug #80770 (It is not possible to get client peer certificate
with stream_socket_server).
PCNTL:
Fixed bug GH-18958 (Fatal error during shutdown after pcntl_rfork() or
pcntl_forkx() with zend-max-execution-timers).
Phar:
Fix stream double free in phar.
Fix phar crash and file corruption with SplFileObject.
SOAP:
Fixed bug GH-18990, bug #81029, bug #47314 (SOAP HTTP socket not
closing on object destruction).
Fix memory leak when URL parsing fails in redirect.
SPL:
Fixed bug GH-19094 (Attaching class with no Iterator implementation to
MultipleIterator causes crash).
Standard:
Fix misleading errors in printf().
Fix RCN violations in array functions.
Fixed GH-18976 pack() overflow with h/H format and INT_MAX repeater
value.
Streams:
Fixed GH-13264 (fgets() and stream_get_line() do not return false on
filter fatal error).
Zip:
Fix leak when path is too long in ZipArchive::extractTo().</p>





<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper
patch".<br/>

Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">

<li class="list-group-item">
Web and Scripting Module 15-SP7


<br/>
<code>zypper in -t patch SUSE-SLE-Module-Web-Scripting-15-SP7-2026-86=1</code>



</li>

</ul>

<h2>Package List:</h2>
<ul>


<li>
Web and Scripting Module 15-SP7 (aarch64 ppc64le s390x
x86_64)
<ul>

<li>php8-phar-8.3.29-150700.3.9.1</li>

<li>php8-ftp-8.3.29-150700.3.9.1</li>


<li>php8-calendar-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-opcache-8.3.29-150700.3.9.1</li>


<li>php8-sockets-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-xmlreader-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-embed-debugsource-8.3.29-150700.3.9.1</li>


<li>php8-ftp-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-intl-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-dom-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-posix-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-sockets-8.3.29-150700.3.9.1</li>


<li>php8-calendar-8.3.29-150700.3.9.1</li>


<li>apache2-mod_php8-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-pcntl-8.3.29-150700.3.9.1</li>


<li>php8-tokenizer-8.3.29-150700.3.9.1</li>

<li>php8-shmop-8.3.29-150700.3.9.1</li>


<li>php8-xmlwriter-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-embed-8.3.29-150700.3.9.1</li>

<li>php8-test-8.3.29-150700.3.9.1</li>

<li>php8-exif-8.3.29-150700.3.9.1</li>


<li>php8-sodium-8.3.29-150700.3.9.1</li>

<li>php8-curl-8.3.29-150700.3.9.1</li>

<li>php8-intl-8.3.29-150700.3.9.1</li>


<li>php8-xmlwriter-8.3.29-150700.3.9.1</li>

<li>php8-posix-8.3.29-150700.3.9.1</li>

<li>php8-tidy-8.3.29-150700.3.9.1</li>


<li>php8-exif-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-openssl-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-pgsql-8.3.29-150700.3.9.1</li>


<li>php8-sysvsem-8.3.29-150700.3.9.1</li>


<li>php8-sqlite-8.3.29-150700.3.9.1</li>


<li>php8-sqlite-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-fpm-debugsource-8.3.29-150700.3.9.1</li>


<li>php8-sysvshm-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-fastcgi-debugsource-8.3.29-150700.3.9.1</li>


<li>php8-sysvmsg-8.3.29-150700.3.9.1</li>


<li>php8-pdo-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-sysvmsg-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-gettext-8.3.29-150700.3.9.1</li>

<li>php8-ctype-8.3.29-150700.3.9.1</li>

<li>php8-cli-8.3.29-150700.3.9.1</li>

<li>php8-gd-8.3.29-150700.3.9.1</li>


<li>php8-mbstring-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-fastcgi-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-gmp-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-bz2-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-readline-8.3.29-150700.3.9.1</li>


<li>php8-ctype-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-8.3.29-150700.3.9.1</li>


<li>php8-embed-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-pgsql-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-phar-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-bcmath-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-snmp-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-fileinfo-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-bz2-8.3.29-150700.3.9.1</li>

<li>php8-dom-8.3.29-150700.3.9.1</li>


<li>php8-xsl-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-xmlreader-8.3.29-150700.3.9.1</li>


<li>php8-enchant-8.3.29-150700.3.9.1</li>


<li>php8-curl-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-fpm-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-gd-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-debugsource-8.3.29-150700.3.9.1</li>


<li>php8-fileinfo-8.3.29-150700.3.9.1</li>


<li>php8-odbc-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-ldap-8.3.29-150700.3.9.1</li>

<li>php8-devel-8.3.29-150700.3.9.1</li>


<li>php8-zip-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-fpm-8.3.29-150700.3.9.1</li>


<li>php8-tokenizer-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-soap-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-zip-8.3.29-150700.3.9.1</li>

<li>php8-gmp-8.3.29-150700.3.9.1</li>


<li>php8-openssl-8.3.29-150700.3.9.1</li>


<li>php8-sysvsem-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-readline-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-sysvshm-8.3.29-150700.3.9.1</li>


<li>php8-cli-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-gettext-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-enchant-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-iconv-8.3.29-150700.3.9.1</li>

<li>php8-dba-8.3.29-150700.3.9.1</li>


<li>php8-opcache-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-odbc-8.3.29-150700.3.9.1</li>

<li>php8-mysql-8.3.29-150700.3.9.1</li>


<li>php8-pcntl-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-snmp-8.3.29-150700.3.9.1</li>


<li>php8-dba-debuginfo-8.3.29-150700.3.9.1</li>


<li>apache2-mod_php8-debugsource-8.3.29-150700.3.9.1</li>


<li>php8-sodium-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-zlib-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-mysql-debuginfo-8.3.29-150700.3.9.1</li>


<li>php8-ldap-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-zlib-8.3.29-150700.3.9.1</li>


<li>php8-mbstring-8.3.29-150700.3.9.1</li>


<li>php8-bcmath-8.3.29-150700.3.9.1</li>


<li>apache2-mod_php8-8.3.29-150700.3.9.1</li>


<li>php8-fastcgi-8.3.29-150700.3.9.1</li>


<li>php8-shmop-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-soap-8.3.29-150700.3.9.1</li>


<li>php8-tidy-debuginfo-8.3.29-150700.3.9.1</li>

<li>php8-xsl-8.3.29-150700.3.9.1</li>

<li>php8-pdo-8.3.29-150700.3.9.1</li>


<li>php8-iconv-debuginfo-8.3.29-150700.3.9.1</li>

</ul>
</li>


</ul>
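<p>To confirm that the patch landed, compare the installed php8 packages against the fixed version-release from the package list above. The script below is an added example, not part of the SUSE advisory; the inventory lines are constructed sample data and the helper names (ver_lt, unpatched_php8, sample_inventory) are illustrative.</p>

```shell
#!/bin/sh
# Fixed version-release taken from this advisory's package list.
FIXED="8.3.29-150700.3.9.1"

# ver_lt A B: succeed when A is older than B, comparing the dot/dash-separated
# numeric fields left to right. This is a simplification of rpm's own version
# comparison (an assumption of this example) that is sufficient for purely
# numeric strings such as the ones in this advisory.
ver_lt() {
    awk -v a="$1" -v b="$2" 'BEGIN {
        na = split(a, x, /[.-]/); nb = split(b, y, /[.-]/)
        n = (na > nb) ? na : nb
        for (i = 1; i <= n; i++) {
            if ((x[i] + 0) < (y[i] + 0)) exit 0
            if ((x[i] + 0) > (y[i] + 0)) exit 1
        }
        exit 1   # equal versions are not "older"
    }' </dev/null
}

# unpatched_php8: read "name version-release" lines on stdin and print the
# php8 and apache2-mod_php8 packages that are still older than $FIXED.
unpatched_php8() {
    while read -r name vr; do
        case "$name" in
            php8|php8-*|apache2-mod_php8*) ;;
            *) continue ;;
        esac
        if ver_lt "$vr" "$FIXED"; then
            printf '%s %s\n' "$name" "$vr"
        fi
    done
}

# Constructed sample of `rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n'`
# output; the older version-release strings are made up for illustration.
sample_inventory() {
    cat <<'EOF'
php8 8.3.29-150700.3.9.1
php8-fpm 8.3.27-150700.3.6.1
php8-phar 8.3.29-150700.3.9.1
apache2-mod_php8 8.3.23-150700.3.3.1
zlib 1.2.13-150500.4.3.1
EOF
}

# On a live host, feed real data instead of the sample:
#   rpm -qa --qf '%{NAME} %{VERSION}-%{RELEASE}\n' | unpatched_php8
sample_inventory | unpatched_php8
```

<p>An empty result means every installed php8 package is at or above the fixed build; any line printed names a package that still needs the update.</p>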


<h2>References:</h2>
<ul>


<li>
<a href="https://www.suse.com/security/cve/CVE-2025-14177.html">https://www.suse.com/security/cve/CVE-2025-14177.html</a>
</li>



<li>
<a href="https://www.suse.com/security/cve/CVE-2025-14178.html">https://www.suse.com/security/cve/CVE-2025-14178.html</a>
</li>



<li>
<a href="https://www.suse.com/security/cve/CVE-2025-14180.html">https://www.suse.com/security/cve/CVE-2025-14180.html</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1255710">https://bugzilla.suse.com/show_bug.cgi?id=1255710</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1255711">https://bugzilla.suse.com/show_bug.cgi?id=1255711</a>
</li>



<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1255712">https://bugzilla.suse.com/show_bug.cgi?id=1255712</a>
</li>


</ul>

</div>
