MGASA-2024-0262

Source
https://advisories.mageia.org/MGASA-2024-0262.html
Import Source
https://advisories.mageia.org/MGASA-2024-0262.json
JSON Data
https://api.osv.dev/v1/vulns/MGASA-2024-0262
Published
2024-07-11T01:04:23Z
Modified
2024-07-11T00:44:44Z
Summary
Updated php packages fix security vulnerability
Details

This update ships the latest version of php 8.2. It brings fixed security issues and the usual bug fixes.

Vulnerability: Due to a code logic error, filtering functions such as filter_var, when validating URLs (FILTER_VALIDATE_URL), will for certain types of URLs treat invalid user information (the username + password part of URLs) as valid user information. This may lead to the downstream code accepting invalid URLs as valid and parsing them incorrectly. (CVE-2024-5458)

Notable fixes:
DOM: Fixed bug GH-14343 (Memory leak in xml and dom).
FPM: Fixed bug GH-13563 (Setting bool values via env in FPM config fails).
MySQLnd: Fix bug GH-14255 (mysqli_fetch_assoc reports error from nested query).
Posix: Fix usage of reentrant functions in ext/posix.
Soap: Various memory issues.
SPL: Fixed bug GH-14290 (Member access within null pointer in extension spl).
Streams: Fixed bug GH-11078 (PHP Fatal error triggers pointer being freed was not allocated and malloc: double free for ptr errors).


Affected packages

Mageia:9 / php

Package

Name
php
Purl
pkg:rpm/mageia/php?distro=mageia-9

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0 (Unknown introduced version / All previous versions are affected)
Fixed
8.2.21-2.mga9

Ecosystem specific

{
    "section": "core"
}