Ondřej Surý has announced the release of several PHP packages for Debian versions 11 (Bullseye), 12 (Bookworm), and 13 (Trixie). The versions include PHP 8.4.10, 8.3.23, 8.2.29, and 8.3.33, along with older versions such as PHP 8.0.30-15, 7.4.33-21, and 5.6.40-82, all of which come with important security fixes.
To add the PHP repository on your Debian system, a bash script is provided, which installs necessary packages and configures the repository.
- Core: Resolved issues with infinite recursion in deprecated attributes and improved memory handling.
- Curl and Date: Fixed memory leaks associated with Curl options and DatePeriod iterator.
- OpenSSL: Addressed memory leaks and issues with proxy requests.
- PGSQL: Enhanced error checking during escaping operations.
- SOAP: Fixed memory leaks and a NULL pointer dereference vulnerability.
To add the PHP repository on your Debian system, a bash script is provided, which installs necessary packages and configures the repository.
Highlights from PHP 8.4.10:
- BcMath: Fixed crashes related to accessing BcMath properties.- Core: Resolved issues with infinite recursion in deprecated attributes and improved memory handling.
- Curl and Date: Fixed memory leaks associated with Curl options and DatePeriod iterator.
- OpenSSL: Addressed memory leaks and issues with proxy requests.
- PGSQL: Enhanced error checking during escaping operations.
- SOAP: Fixed memory leaks and a NULL pointer dereference vulnerability.
Notable Fixes in PHP 8.3.23:
Similar to 8.4.10, it includes improvements in core handling, memory management, and security vulnerabilities across various extensions, including Curl, OpenSSL, and PGSQL.Security Fixes in Older Versions (8.2.29, 8.1.33, 8.0.30-15, 7.4.33-21, 5.6.40-82):
These versions also received critical updates, particularly in the PGSQL and SOAP extensions, addressing vulnerabilities that could lead to NULL pointer dereferences and null byte termination issues.Conclusion:
These updates emphasize the importance of maintaining secure and efficient PHP environments, especially for developers using Debian systems. Users are encouraged to update their installations to benefit from the latest features and security enhancementsPHP 8.4.10, 8.3.23, 8.2.29, 8.3.33, 8.0.30-15, 7.4.33-21, 5.6.40-82 packages for Debian 11, 12, and 13 released
Ondřej Surý has released PHP 8.4.10, 8.3.23, 8.2.29, and 8.3.33 packages for Debian GNU/Linux 11 (Bullseye) LTS, 12 (Bookworm), and 13 (Trixie), as well as PHP 8.0.30-15, 7.4.33-21, and 5.6.40-82 packages with the latest security fixes backported.
