Following on from the report in bug #2091698 , which highlights a patch for CVE-2024-8932, I see that the debian bullseye src package for php7.4 7.4.33-1+deb11u7 :
http://security.debian.org/debian- security/pool/updates/main/p/php7.4/php7.4_7.4.33-1+deb11u7.debian.tar.xz includes debian/patches/CVE-2024-8932.patch which looks to generally be the same as the patch referred to in #2091698 but without referencing RETURN_THROWS() . It might thus just be the case that the CVE-2024-8932.patch in php7.4-ldap=7.4.3-4ubuntu2.26 needs to be replaced by the equivalent php7.4 patch. ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2024-8932 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2091695 Title: PHP ldap: undefined symbol RETURN_THROWS To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/php7.4/+bug/2091695/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
