PHP 8.1.33 has been released, addressing several critical issues related to the PGSQL, SOAP, and Standard extensions. This update aims to enhance error checking, particularly during the escaping process, which is essential for maintaining security and stability in applications.
Key fixes in this release include:
- PGSQL: The extension now properly checks for errors during the escaping process, resolving the issue identified as GHSA-hrwm-9436-5mv3 (CVE-2025-1735). This fix was contributed by Jakub Zelenka.
- SOAP: A bug that could lead to a NULL Pointer Dereference due to large XML namespace prefixes has been fixed, addressing GHSA-453j-q27h-5p8x (CVE-2025-6491). This fix was contributed by Lekssays and nielsdos.
- Standard: The update resolves a vulnerability related to null byte termination in hostnames, as noted in GHSA-3cr5-j632-f35r (CVE-2025-1220), with contributions from Jakub Zelenka.
Overall, PHP 8.1.33 improves the robustness and security of the language, making it a recommended update for developers utilizing these features. It is crucial for developers to stay current with such updates to protect their applications from potential vulnerabilities.
As PHP continues to evolve, future releases are expected to further enhance performance, introduce new features, and address any emerging security concerns, ensuring that developers have the best tools available to create secure and efficient applications
Key fixes in this release include:
- PGSQL: The extension now properly checks for errors during the escaping process, resolving the issue identified as GHSA-hrwm-9436-5mv3 (CVE-2025-1735). This fix was contributed by Jakub Zelenka.
- SOAP: A bug that could lead to a NULL Pointer Dereference due to large XML namespace prefixes has been fixed, addressing GHSA-453j-q27h-5p8x (CVE-2025-6491). This fix was contributed by Lekssays and nielsdos.
- Standard: The update resolves a vulnerability related to null byte termination in hostnames, as noted in GHSA-3cr5-j632-f35r (CVE-2025-1220), with contributions from Jakub Zelenka.
Overall, PHP 8.1.33 improves the robustness and security of the language, making it a recommended update for developers utilizing these features. It is crucial for developers to stay current with such updates to protect their applications from potential vulnerabilities.
As PHP continues to evolve, future releases are expected to further enhance performance, introduce new features, and address any emerging security concerns, ensuring that developers have the best tools available to create secure and efficient applications
PHP 8.1.33 released
PHP 8.1.33 addresses issues related to PGSQL, SOAP, and Standard, as outlined in GHSA-hrwm-9436-5mv3, GHSA-453j-q27h-5p8x, and GHSA-3cr5-j632-f35r, enhancing error checking during the escaping process.
