Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Fedora 40: FEDORA-2025-b38cbff99d critical: php-phpseclib issues

fedora
Calendar Grey February 9, 2025
Dist Fedora Esm H88
Latest enhancements for php-phpseclib in Fedora 40 target urgent security vulnerabilities and essential patches.
Security fix for CVE-2023-52892, CVE-2024-27354

Summary

MIT-licensed pure-PHP implementations of an arbitrary-precision integer

arithmetic library, fully PKCS#1 (v2.1) compliant RSA, DES, 3DES, RC4,

Rijndael, AES, Blowfish, Twofish, SSH-1, SSH-2, SFTP, and X.509

Update Information:

Security fix for CVE-2023-52892, CVE-2024-27354

Topics%20covered

Topics Covered

security advisory security issue buffer overflow Fedora CVE fix phpseclib

Change Log

* Thu Jan 30 2025 Artur Frenszek-Iwicki - 2.0.48-1 - Update to v2.0.48 * Thu Jan 25 2024 Fedora Release Engineering - 2.0.44-4 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild * Sun Jan 21 2024 Fedora Release Engineering - 2.0.44-3 - Rebuilt for https://fedoraproject.org/wiki/Fedora_40_Mass_Rebuild

References


[ 1 ] Bug #2294674 - CVE-2023-52892 php-phpseclib: php-seclib: Incorrect allowed input via Subject Alternative Name fields [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2294674

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-b38cbff99d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php-phpseclib
Product: Fedora 40
Version: 2.0.48
Release: 1.fc40
URL: https://github.com/phpseclib/phpseclib
Summary: PHP Secure Communications Library

Topics%20covered

Topics Covered

security advisory security issue buffer overflow Fedora CVE fix phpseclib

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here