php-pdo-8.0.30-16.module_php.8.0.fc43.remi RPM for x86_64

From Remi's RPM Modular for Fedora 43 for x86_64

The php-pdo package contains a dynamic shared object that will add
a database access abstraction layer to PHP.  This module provides
a common interface for accessing MySQL, PostgreSQL or other
databases.

Provides

• php-pdo
• config(php-pdo)
• php(pdo-abi)
• php-pdo(x86-64)
• php-pdo-abi
• php-pdo_sqlite
• php-pdo_sqlite(x86-64)
• php-sqlite3
• php-sqlite3(x86-64)

Requires

• config(php-pdo) = 8.0.30-16.module_php.8.0.fc43.remi
• libc.so.6()(64bit)
• libc.so.6(GLIBC_2.14)(64bit)
• libc.so.6(GLIBC_2.2.5)(64bit)
• libc.so.6(GLIBC_2.3)(64bit)
• libc.so.6(GLIBC_2.3.4)(64bit)
• libc.so.6(GLIBC_2.38)(64bit)
• libc.so.6(GLIBC_2.4)(64bit)
• libc.so.6(GLIBC_ABI_DT_RELR)(64bit)
• libsqlite3.so.0()(64bit)
• php-common(x86-64) = 8.0.30-16.module_php.8.0.fc43.remi
• rpmlib(CompressedFileNames) <= 3.0.4-1
• rpmlib(FileDigests) <= 4.6.0-1
• rpmlib(PayloadFilesHavePrefix) <= 4.0-1
• rpmlib(PayloadIsZstd) <= 5.4.18-1
• rtld(GNU_HASH)

License

PHP

Changelog

* Mon May 11 2026 Remi Collet <remi@remirepo.net> - 8.0.30-16
  - Fix XSS within status endpoint
    CVE-2026-6735
  - Fix Null pointer dereference in php_mb_check_encoding() via mb_ereg_search_init()
    CVE-2026-7259
  - Fix SQL injection via NUL bytes in quoted strings
    CVE-2025-14179
  - Fix Stale SOAP_GLOBAL(ref_map) pointer with Apache Map
    CVE-2026-6722
  - Fix Use-after-free after header parsing failure with SOAP_PERSISTENCE_SESSION
    CVE-2026-7261
  - Fix Broken Apache map value NULL check
    CVE-2026-7262
  - Fix Signed integer overflow of char array offset
    CVE-2026-7568
  - Fix Consistently pass unsigned char to ctype.h functions
    CVE-2026-7258
* Thu Dec 18 2025 Remi Collet <remi@remirepo.net> - 8.0.30-15
  - Fix Null byte termination in dns_get_record()
    GHSA-www2-q4fc-65wf
  - Fix Heap buffer overflow in array_merge()
    CVE-2025-14178
  - Fix Information Leak of Memory in getimagesize
    CVE-2025-14177
* Thu Jul 03 2025 Remi Collet <remi@remirepo.net> - 8.0.30-14
  - Fix pgsql extension does not check for errors during escaping
    CVE-2025-1735
  - Fix NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix
    CVE-2025-6491
  - Fix Null byte termination in hostnames
    CVE-2025-1220
* Thu Mar 13 2025 Remi Collet <remi@remirepo.net> - 8.0.30-13
  - Fix libxml streams use wrong `content-type` header when requesting a redirected resource
    CVE-2025-1219
  - Fix Stream HTTP wrapper header check might omit basic auth header
    CVE-2025-1736
  - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes
    CVE-2025-1861
  - Fix Streams HTTP wrapper does not fail for headers without colon
    CVE-2025-1734
  - Fix Header parser of `http` stream wrapper does not handle folded headers
    CVE-2025-1217
  - use oracle client library version 23.7 on x86_64 and aarch64
* Thu Feb 13 2025 Remi Collet <remi@remirepo.net> - 8.0.30-12
  - backport fix for ICU 74+
  - backport fix strict prototypes
* Wed Nov 27 2024 Remi Collet <remi@remirepo.net> - 8.0.30-11
  - Fix Leak partial content of the heap through heap buffer over-read
    CVE-2024-8929
* Fri Nov 22 2024 Remi Collet <remi@remirepo.net> - 8.0.30-10
  - Fix Heap-Use-After-Free in sapi_read_post_data Processing in CLI SAPI Interface
    GHSA-4w77-75f9-2c8w
  - Fix OOB access in ldap_escape
    CVE-2024-8932
  - Fix Integer overflow in the dblib/firebird quoter causing OOB writes
    CVE-2024-11236
  - Fix Configuring a proxy in a stream context might allow for CRLF injection in URIs
    CVE-2024-11234
  - Fix Single byte overread with convert.quoted-printable-decode filter
    CVE-2024-11233
* Thu Sep 26 2024 Remi Collet <remi@remirepo.net> - 8.0.30-9
  - Fix Bypass of CVE-2012-1823, Argument Injection in PHP-CGI
    CVE-2024-4577
  - Fix Bypass of CVE-2024-4577, Parameter Injection Vulnerability
    CVE-2024-8926
  - Fix cgi.force_redirect configuration is bypassable due to the environment variable collision
    CVE-2024-8927
  - Fix Logs from childrens may be altered
    CVE-2024-9026
  - Fix Erroneous parsing of multipart form data
    CVE-2024-8925
  - use ICU 74.2
* Mon Aug 26 2024 Remi Collet <remi@remirepo.net> - 8.0.30-8
  - add backport for https://bugs.php.net/79589
    error:14095126:SSL routines:ssl3_read_n:unexpected eof while reading
* Wed Jul 31 2024 Remi Collet <remi@remirepo.net> - 8.0.30-7
  - use oracle client library version 23.5 on x86_64
* Tue Jun 04 2024 Remi Collet <remi@remirepo.net> - 8.0.30-6
  - Fix filter bypass in filter_var FILTER_VALIDATE_URL
    CVE-2024-5458

Files

/etc/php.d/20-pdo.ini
/etc/php.d/20-sqlite3.ini
/etc/php.d/30-pdo_sqlite.ini
/usr/lib/.build-id
/usr/lib/.build-id/07
/usr/lib/.build-id/07/60c5e825805243e7bbaf9937732fe8e527189a
/usr/lib/.build-id/23
/usr/lib/.build-id/23/4524f406a8d4d5c678a7da006bed6af8753d79
/usr/lib/.build-id/52
/usr/lib/.build-id/52/bc0f350fdedc8b76d214763eb2f49a874750d5
/usr/lib64/php/modules/pdo.so
/usr/lib64/php/modules/pdo_sqlite.so
/usr/lib64/php/modules/sqlite3.so

Generated by rpm2html 1.8.1

Fabrice Bellet, Tue May 12 06:05:19 2026