PHP 8.2.31 has been released, introducing brotli and zstd compression support for Windows Curl while addressing several critical security vulnerabilities. The update fixes issues such as cross-site scripting in the FPM status page, a SQL injection vulnerability in PDO_Firebird, and multiple memory corruption bugs in SOAP and MBString. Additionally, it enhances compatibility with newer OpenSSL 4.0 libraries, allowing developers to upgrade without creating security risks associated with older versions. System administrators are encouraged to apply the update promptly to safeguard their servers and test their custom SOAP integrations for any potential issues following the changes
PHP 8.2.31 released
PHP 8.2.31 finally brings brotli and zstd compression to Windows Curl while patching a cluster of security flaws that could easily compromise live servers. The release squashes cross-site scripting in the FPM status page, closes a SQL injection vector in PDO_Firebird, and fixes multiple memory corruption bugs in SOAP and MBString that attackers love to exploit. Developers running newer OpenSSL 4.0 libraries will see smoother compatibility, and Windows environments can finally drop workarounds for modern compression standards. Swap out the old binaries before automated scanners start knocking, and test your custom SOAP integrations since the underlying parsing changes might catch legacy code off guard.
