ea-php81-php (8.1.34-2+6.1.cpanel) stable; urgency=low

  * EA4-230: Use system libxml2 in PHP 8.1

 -- Gary Stanley <gary.stanley@webpros.com>  Fri, 09 Jan 2026 00:00:00 -0000

ea-php81-php (8.1.34-1) stable; urgency=low

  * EA-13298: Update ea-php81 from v8.1.33 to v8.1.34
  * Fixed GHSA-8xr5-qppj-gvwj (PDO quoting result null deref). (CVE-2025-14180)
  * Fixed GHSA-h96m-rvf9-jgm2 (Heap buffer overflow in array_merge()). (CVE-2025-14178)
  * Fixed GHSA-3237-qqm7-mfv7 (Information Leak of Memory in getimagesize). (CVE-2025-14177)

 -- Dan Muey <daniel.muey@webpros.com>  Thu, 18 Dec 2025 00:00:00 -0000

ea-php81-php (8.1.33-3) stable; urgency=low

  * EA-13088: Update php-litespeed to 8.3

 -- Chris Castillo <chris.castillo@webpros.com>  Tue, 23 Sep 2025 00:00:00 -0000

ea-php81-php (8.1.33-2) stable; urgency=low

  * EA4-122: map u24 libodbc for PHP extension

 -- Dan Muey <daniel.muey@webpros.com>  Wed, 10 Sep 2025 00:00:00 -0000

ea-php81-php (8.1.33-1) stable; urgency=low

  * EA-13001: Update ea-php81 from v8.1.32 to v8.1.33
  * Fixed GHSA-hrwm-9436-5mv3 (pgsql extension does not check for errors during escaping). (CVE-2025-1735)
  * Fixed GHSA-453j-q27h-5p8x (NULL Pointer Dereference in PHP SOAP Extension via Large XML Namespace Prefix). (CVE-2025-6491)
  * Fixed GHSA-3cr5-j632-f35r (Null byte termination in hostnames). (CVE-2025-1220)

 -- Cory McIntire <cory.mcintire@webpros.com>  Thu, 03 Jul 2025 00:00:00 -0000

ea-php81-php (8.1.32-1) stable; urgency=low

  * EA-12766: Update ea-php81 from v8.1.31 to v8.1.32
  * Fixed GHSA-hgf54-96fm-v528 (Stream HTTP wrapper header check might omit basic auth header). (CVE-2025-1736)
  * Fixed GHSA-52jp-hrpf-2jff (Stream HTTP wrapper truncate redirect location to 1024 bytes). (CVE-2025-1861)
  * Fixed GHSA-pcmh-g36c-qc44 (Streams HTTP wrapper does not fail for headers without colon). (CVE-2025-1734)
  * Fixed GHSA-v8xr-gpvj-cx9g (Header parser of `http` stream wrapper does not handle folded headers). (CVE-2025-1217)
  * Fixed GHSA-p3x9-6h7p-cgfc (libxml streams use wrong `content-type` header when requesting a redirected resource). (CVE-2025-1219)
  * Fixed GHSA-rwp7-7vc6-8477 (Reference counting in php_request_shutdown causes Use-After-Free). (CVE-2024-11235)

 -- Cory McIntire <cory.mcintire@webpros.com>  Thu, 13 Mar 2025 00:00:00 -0000

ea-php81-php (8.1.31-2) stable; urgency=low

  * ZC-12495: Do gcc like newer PHPs so that the libicu update won’t break the build

 -- Dan Muey <daniel.muey@webpros.com>  Tue, 07 Jan 2025 00:00:00 -0000

ea-php81-php (8.1.31-1) stable; urgency=low

  * EA-12576: Update ea-php81 from v8.1.30 to v8.1.31
  * (Single byte overread with convert.quoted-printable-decode filter). (CVE-2024-11233)
  * (Configuring a proxy in a stream context might allow for CRLF injection in URIs). (CVE-2024-11234)
  * (Integer overflow in the dblib quoter causing OOB writes). (CVE-2024-11236)
  * (Integer overflow in the firebird quoter causing OOB writes). (CVE-2024-11236)
  * (Leak partial content of the heap through heap buffer over-read). (CVE-2024-8929)
  * (OOB access in ldap_escape). (CVE-2024-8932)

 -- Cory McIntire <cory@cpanel.net>  Thu, 21 Nov 2024 00:00:00 -0000

ea-php81-php (8.1.30-2) stable; urgency=low

  * ZC-12246: Correct conffiles for Ubuntu

 -- Julian Brown <julian.brown@cpanel.net>  Fri, 25 Oct 2024 00:00:00 -0000

ea-php81-php (8.1.30-1) stable; urgency=low

  * EA-12428: Update ea-php81 from v8.1.29 to v8.1.30
  * Fixed bug GHSA-865w-9rf3-2wh5 (Logs from childrens may be altered). (CVE-2024-9026)
  * Fixed bug GHSA-9pqp-7h25-4f32 (Erroneous parsing of multipart form data). (CVE-2024-8925)
  * Fixed bug GHSA-p99j-rfp4-xqvq (Bypass of CVE-2024-4577, Parameter Injection Vulnerability). (CVE-2024-8926)
  * Fixed bug GHSA-94p6-54jq-9mwp (cgi.force_redirect configuration is bypassable due to the environment variable collision). (CVE-2024-8927)

 -- Cory McIntire <cory@cpanel.net>  Thu, 26 Sep 2024 00:00:00 -0000

ea-php81-php (8.1.29-3) stable; urgency=low

  * ZC-12153: make opcache INI a configfile for debs

 -- Dan Muey <dan@cpanel.net>  Tue, 17 Sep 2024 00:00:00 -0000

ea-php81-php (8.1.29-2) stable; urgency=low

  * ZC-12114: Apply fix for libxml2

 -- Julian Brown <julian.brown@cpanel.net>  Wed, 04 Sep 2024 00:00:00 -0000

ea-php81-php (8.1.29-1) stable; urgency=low

  * EA-12192: Update ea-php81 from v8.1.28 to v8.1.29
  * Fixed bug GHSA-3qgc-jrrr-25jv (Bypass of CVE-2012-1823, Argument Injection in PHP-CGI). (CVE-2024-4577)
  * Fixed bug GHSA-w8qr-v226-r27w (Filter bypass in filter_var FILTER_VALIDATE_URL). (CVE-2024-5458)
  * Fixed bug GHSA-9fcc-425m-g385 (Bypass of CVE-2024-1874). (CVE-2024-5585)
  * The openssl_private_decrypt function in PHP, when using PKCS1 padding (OPENSSL_PKCS1_PADDING, which is the default), is vulnerable to the Marvin Attack

 -- Cory McIntire <cory@cpanel.net>  Thu, 06 Jun 2024 00:00:00 -0000

ea-php81-php (8.1.28-2) stable; urgency=low

  * ZC-11730: Add GD support for AVIF format on Ubuntu 22 and higher

 -- Brian Mendoza <brian.mendoza@cpanel.net>  Mon, 15 Apr 2024 00:00:00 -0000

ea-php81-php (8.1.28-1) stable; urgency=low

  * EA-12087: Update ea-php81 from v8.1.27 to v8.1.28
  * Fixed bug GHSA-pc52-254m-w9w7 (Command injection via array-ish $command parameter of proc_open). (CVE-2024-1874)
  * Fixed bug GHSA-wpj3-hf5j-x4v4 (__Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix). (CVE-2024-2756)
  * Fixed bug GHSA-h746-cjrr-wfmr (password_verify can erroneously return true, opening ATO risk). (CVE-2024-3096)

 -- Cory McIntire <cory@cpanel.net>  Fri, 12 Apr 2024 00:00:00 -0000

ea-php81-php (8.1.27-2) stable; urgency=low

  * ZC-11561: Add GD support for AVIF format on RHEL 8 and newer (RHEL only)

 -- Brian Mendoza <brian.mendoza@cpanel.net>  Tue, 05 Mar 2024 00:00:00 -0000

ea-php81-php (8.1.27-1) stable; urgency=low

  * EA-11892: Update ea-php81 from v8.1.26 to v8.1.27

 -- Travis Holloway <t.holloway@cpanel.net>  Tue, 02 Jan 2024 00:00:00 -0000

ea-php81-php (8.1.26-4) stable; urgency=low

  * EA-10753: Have snmp module require 'snmp-mibs-downloader' for deb

 -- Travis Holloway <t.holloway@cpanel.net>  Mon, 18 Dec 2023 00:00:00 -0000

ea-php81-php (8.1.26-3) stable; urgency=low

  * EA-11821: Patch to build with the latest ea-libxml2

 -- Tim Mullin <tim@cpanel.net>  Thu, 30 Nov 2023 00:00:00 -0000

ea-php81-php (8.1.26-2) stable; urgency=low

  * ZC-11419: Correct Ubuntu build issues

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 28 Nov 2023 00:00:00 -0000

ea-php81-php (8.1.26-1) stable; urgency=low

  * EA-11824: Update ea-php81 from v8.1.25 to v8.1.26

 -- Cory McIntire <cory@cpanel.net>  Fri, 24 Nov 2023 00:00:00 -0000

ea-php81-php (8.1.25-1) stable; urgency=low

  * EA-11776: Update ea-php81 from v8.1.24 to v8.1.25

 -- Cory McIntire <cory@cpanel.net>  Fri, 27 Oct 2023 00:00:00 -0000

ea-php81-php (8.1.24-1) stable; urgency=low

  * EA-11716: Update ea-php81 from v8.1.23 to v8.1.24

 -- Cory McIntire <cory@cpanel.net>  Mon, 02 Oct 2023 00:00:00 -0000

ea-php81-php (8.1.23-1) stable; urgency=low

  * EA-11664: Update ea-php81 from v8.1.22 to v8.1.23

 -- Cory McIntire <cory@cpanel.net>  Fri, 08 Sep 2023 00:00:00 -0000

ea-php81-php (8.1.22-1) stable; urgency=low

  * EA-11589: Update ea-php81 from v8.1.21 to v8.1.22
  * Libxml:
  Fixed bug GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading in XML without enabling it). (CVE-2023-3823)
  * Phar:
  Fixed bug GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()). (CVE-2023-3824)

 -- Cory McIntire <cory@cpanel.net>  Thu, 03 Aug 2023 00:00:00 -0000

ea-php81-php (8.1.21-1) stable; urgency=low

  * EA-11538: Update ea-php81 from v8.1.20 to v8.1.21

 -- Cory McIntire <cory@cpanel.net>  Fri, 07 Jul 2023 00:00:00 -0000

ea-php81-php (8.1.20-1) stable; urgency=low

  * EA-11477: Update ea-php81 from v8.1.19 to v8.1.20
  * Fixed bug GHSA-76gg-c692-v2mw
  * (Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP).

 -- Cory McIntire <cory@cpanel.net>  Thu, 08 Jun 2023 00:00:00 -0000

ea-php81-php (8.1.19-5) stable; urgency=low

  * EA-11447: Increase default php memory_limit for new installs from 32M to 128M

 -- Travis Holloway <t.holloway@cpanel.net>  Tue, 30 May 2023 00:00:00 -0000

ea-php81-php (8.1.19-4) stable; urgency=low

  * ZC-10931: Statically link ea-libc-client

 -- Julian Brown <julian.brown@cpanel.net>  Thu, 18 May 2023 00:00:00 -0000

ea-php81-php (8.1.19-3) stable; urgency=low

  * ZC-10950: Fix build problems

 -- Julian Brown <julian.brown@cpanel.net>  Wed, 17 May 2023 00:00:00 -0000

ea-php81-php (8.1.19-2) stable; urgency=low

  * ZC-10936: Clean up Makefile and remove debug-package-nil

 -- Brian Mendoza <brian.mendoza@cpanel.net>  Tue, 16 May 2023 00:00:00 -0000

ea-php81-php (8.1.19-1) stable; urgency=low

  * EA-11415: Update ea-php81 from v8.1.18 to v8.1.19

 -- Cory McIntire <cory@cpanel.net>  Fri, 12 May 2023 00:00:00 -0000

ea-php81-php (8.1.18-2) stable; urgency=low

  * ZC-10873: Simplify the libidn deps, for building on Ubuntu 20 and 22

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 18 Apr 2023 00:00:00 -0000

ea-php81-php (8.1.18-1) stable; urgency=low

  * EA-11356: Update ea-php81 from v8.1.17 to v8.1.18

 -- Cory McIntire <cory@cpanel.net>  Fri, 14 Apr 2023 00:00:00 -0000

ea-php81-php (8.1.17-1) stable; urgency=low

  * EA-11300: Update ea-php81 from v8.1.16 to v8.1.17

 -- Cory McIntire <cory@cpanel.net>  Thu, 16 Mar 2023 00:00:00 -0000

ea-php81-php (8.1.16-1) stable; urgency=low

  * EA-11244: Update ea-php81 from v8.1.15 to v8.1.16
  * Fixed bug #81744 (Password_verify() always return true with some hash). (CVE-2023-0567)
  * Fixed bug #81746 (1-byte array overrun in common path resolve code). (CVE-2023-0568)
  * Fixed bug GHSA-54hq-v5wp-fqgv (DOS vulnerability when parsing multipart request body). (CVE-2023-0662)

 -- Cory McIntire <cory@cpanel.net>  Wed, 15 Feb 2023 00:00:00 -0000

ea-php81-php (8.1.15-1) stable; urgency=low

  * EA-11208: Update ea-php81 from v8.1.14 to v8.1.15

 -- Cory McIntire <cory@cpanel.net>  Fri, 03 Feb 2023 00:00:00 -0000

ea-php81-php (8.1.14-2) stable; urgency=low

  * EA-11075: Correct default value description for log_errors in php.ini

 -- Tim Mullin <tim@cpanel.net>  Wed, 18 Jan 2023 00:00:00 -0000

ea-php81-php (8.1.14-1) stable; urgency=low

  * EA-11133: Update ea-php81 from v8.1.13 to v8.1.14
  * PDO::quote() may return unquoted string). (CVE-2022-31631)

 -- Cory McIntire <cory@cpanel.net>  Thu, 05 Jan 2023 00:00:00 -0000

ea-php81-php (8.1.13-1) stable; urgency=low

  * EA-11070: Update ea-php81 from v8.1.12 to v8.1.13

 -- Cory McIntire <cory@cpanel.net>  Thu, 24 Nov 2022 00:00:00 -0000

ea-php81-php (8.1.12-2) stable; urgency=low

  * EA-11039: Ensure php.ini is marked as a config file on debian based systems

 -- Travis Holloway <t.holloway@cpanel.net>  Mon, 14 Nov 2022 00:00:00 -0000

ea-php81-php (8.1.12-1) stable; urgency=low

  * EA-11021: Update ea-php81 from v8.1.11 to v8.1.12
  * GD: OOB read due to insufficient input validation in imageloadfont(). (CVE-2022-31630)
  * Hash: buffer overflow in hash_update() on long parameter. (CVE-2022-37454)

 -- Cory McIntire <cory@cpanel.net>  Fri, 28 Oct 2022 00:00:00 -0000

ea-php81-php (8.1.11-1) stable; urgency=low

  * EA-10958: Update ea-php81 from v8.1.10 to v8.1.11

 -- Cory McIntire <cory@cpanel.net>  Thu, 29 Sep 2022 00:00:00 -0000

ea-php81-php (8.1.10-3) stable; urgency=low

  * ZC-10009: Add changes so that it builds on AlmaLinux 9

 -- Julian Brown <julian.brown@cpanel.net>  Thu, 29 Sep 2022 00:00:00 -0000

ea-php81-php (8.1.10-2) stable; urgency=low

  * ZC-10260: Link deb against libcurl 4 explicitly

 -- Dan Muey <dan@cpanel.net>  Mon, 26 Sep 2022 00:00:00 -0000

ea-php81-php (8.1.10-1) stable; urgency=low

  * EA-10916: Update ea-php81 from v8.1.9 to v8.1.10

 -- Cory McIntire <cory@cpanel.net>  Thu, 01 Sep 2022 00:00:00 -0000

ea-php81-php (8.1.9-1) stable; urgency=low

  * EA-10865: Update ea-php81 from v8.1.8 to v8.1.9

 -- Cory McIntire <cory@cpanel.net>  Thu, 04 Aug 2022 00:00:00 -0000

ea-php81-php (8.1.8-1) stable; urgency=low

  * EA-10821: Update ea-php81 from v8.1.7 to v8.1.8
  * (Heap buffer overflow in finfo_buffer). (CVE-2022-31627)

 -- Cory McIntire <cory@cpanel.net>  Thu, 07 Jul 2022 00:00:00 -0000

ea-php81-php (8.1.7-1) stable; urgency=low

  * EA-10758: Update ea-php81 from v8.1.6 to v8.1.7

 -- Cory McIntire <cory@cpanel.net>  Thu, 09 Jun 2022 00:00:00 -0000

ea-php81-php (8.1.6-1) stable; urgency=low

  * EA-10705: Update ea-php81 from v8.1.5 to v8.1.6

 -- Cory McIntire <cory@cpanel.net>  Thu, 12 May 2022 00:00:00 -0000

ea-php81-php (8.1.5-1) stable; urgency=low

  * EA-10634: Update ea-php81 from v8.1.4 to v8.1.5

 -- Cory McIntire <cory@cpanel.net>  Thu, 14 Apr 2022 00:00:00 -0000

ea-php81-php (8.1.4-1) stable; urgency=low

  * EA-10577: Update ea-php81 from v8.1.3 to v8.1.4

 -- Cory McIntire <cory@cpanel.net>  Thu, 17 Mar 2022 00:00:00 -0000

ea-php81-php (8.1.3-2) stable; urgency=low

  * EA-10532: Update litespeed to 8.0.1

 -- Travis Holloway <t.holloway@cpanel.net>  Wed, 02 Mar 2022 00:00:00 -0000

ea-php81-php (8.1.3-1) stable; urgency=low

  * EA-10506: Update ea-php81 from v8.1.2 to v8.1.3

 -- Cory McIntire <cory@cpanel.net>  Fri, 18 Feb 2022 00:00:00 -0000

ea-php81-php (8.1.2-1) stable; urgency=low

  * EA-10451: Update ea-php81 from v8.1.1 to v8.1.2

 -- Tim Mullin <tim@cpanel.net>  Fri, 21 Jan 2022 00:00:00 -0000

ea-php81-php (8.1.1-4) stable; urgency=low

  * ZC-9600: Fix Ubuntu 21 global regs problem

 -- Julian Brown <julian.brown@cpanel.net>  Wed, 05 Jan 2022 00:00:00 -0000

ea-php81-php (8.1.1-3) stable; urgency=low

  * ZC-9589: Update DISABLE_BUILD to match OBS

 -- Dan Muey <dan@cpanel.net>  Tue, 28 Dec 2021 00:00:00 -0000

ea-php81-php (8.1.1-2) stable; urgency=low

  * ZC-9587: Build php-sodium

 -- Julian Brown <julian.brown@cpanel.net>  Tue, 21 Dec 2021 00:00:00 -0000

ea-php81-php (8.1.1-1) stable; urgency=low

  * EA-10366: Update ea-php81 from v8.1.0 to v8.1.1

 -- Cory McIntire <cory@cpanel.net>  Fri, 17 Dec 2021 00:00:00 -0000

ea-php81-php (8.1.0-1) stable; urgency=low

  * ZC-9524: Released tarball

 -- Julian Brown <julian.brown@webpros.com>  Tue, 23 Nov 2021 00:00:00 -0000

ea-php81-php (8.1.0rc6-1) stable; urgency=low

  * ZC-9479: Build php8.1 on Ubuntu

 -- Julian Brown <julian.brown@webpros.com>  Wed, 17 Nov 2021 00:00:00 -0000

ea-php81-php (8.1.0beta3-1) stable; urgency=low

  * ZC-8130: Build php8.1

 -- Cory McIntire <julian.brown@webpros.com>  Thu, 04 Nov 2021 00:00:00 -0000

