Discover Centmin Mod today
Register Now

Beta Branch backport PHP 8.2.32 security fixes to PHP 7.2-8.1 EOL in 140.00beta01

Discussion in 'Centmin Mod Github Commits' started by eva2000, Jul 10, 2026 at 11:04 PM.

  1. eva2000

    eva2000 Administrator Staff Member

    59,160
    12,507
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +19,139
    Local Time:
    8:07 PM
    Nginx 1.31.x
    MariaDB 10.x/11.4+/12.3+
    backport PHP 8.2.32 security fixes to PHP 7.2-8.1 EOL in 140.00beta01

    Backport upstream PHP 8.2.31/8.2.32 security fixes to EOL PHP versions, including CVE-2026-14355 (GH-22187) memory corruption in openssl_encrypt() with AES-WRAP-PAD ciphers. Also bump installer PHPVERLATEST fallback defaults to current upstream releases.

    Changes:
    - PHP 7.2.34: add cve-2025-14178, cve-2026-6722, cve-2026-7261, cve-2026-7262, cve-2026-6735, cve-2026-7568, cve-2026-14355 patches
    - PHP 7.3.33: add cve-2024-8929, cve-2025-14178, cve-2026-6722, cve-2026-7261, cve-2026-7262, cve-2026-6735, cve-2026-7568, cve-2026-14355 patches
    - PHP 7.4.33: add cve-2026-6722, cve-2026-7261, cve-2026-7262, cve-2026-6735, cve-2026-7568, cve-2026-7258, cve-2026-14355 patches
    - PHP 8.0.x: add cve-2025-14179, cve-2026-6722, cve-2026-7261, cve-2026-7262, cve-2026-6735, cve-2026-7259, cve-2026-7568, cve-2026-7258, cve-2026-14355 patches
    - PHP 8.1.x: new php_patches backport block for EOL PHP 8.1 applying the same fix set as PHP 8.0.x
    - inc/php_patch.inc: fix 8.0.x block comment
    - installer81.sh: PHPVERLATEST fallback 8.1.33 to 8.1.34
    - installer82.sh: PHPVERLATEST fallback 8.2.29 to 8.2.32
    - installer83.sh: PHPVERLATEST fallback 8.3.24 to 8.3.32
    - installer84.sh: PHPVERLATEST fallback 8.4.11 to 8.4.23
    - installer85.sh: PHPVERLATEST fallback 8.5.0 to 8.5.8


    Continue reading...

    140.00beta01 branch