Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 41: FEDORA-2024-16a71b7cf5 Critical: Internal Address Enumeration

fedora
Calendar Grey November 16, 2024
Dist Fedora Esm H88
Enhancing Fedora 41 security by integrating php-bartlett-PHP-CompatInfo updates for better performance and management of deprecated features.
bartlett/php-compatinfo-db 6.12.0 - 2024-10-29 Added db:show command is now able to display deprecations on all components PHP 8.2.25 support PHP 8.3.13 support

Summary

PHP_CompatInfo will parse a file/folder/array to find out the minimum

version and extensions required for it to run. CLI version has many reports

(extension, interface, class, function, constant) to display and ability to

show content of dictionary references.

Update Information:

bartlett/php-compatinfo-db 6.12.0 - 2024-10-29 Added db:show command is now able to display deprecations on all components PHP 8.2.25 support PHP 8.3.13 support PHP 8.4.0 support (until RC3) Changed update mailparse reference to version 3.1.8 update oauth reference to version 2.0.9 update oci8 reference to version 3.4.0 update rdkafka reference to version 6.0.4 update redis reference to version 6.1.0 update uuid reference to version 1.2.1 update xdebug reference to version 3.4.0beta1 update yaml reference to version 2.2.4 bartlett/php-compatinfo-db 6.11.1 - 2024-10-04 Changed update opentelemetry reference to version 1.1.0 (stable) Fixed PHAR distribution was broken (reason is issue explained into BOX Manifest 4.0.0RC1). Solved now, we use the final stable version 4.0.0 bartlett/php-compatinfo-db 6.11.0 - 2024-10-02 Added PHP 8.1.30 support PHP 8.2.24 support PHP 8.3.12 support mongodb extension support xpass extension support Changed update apcu r...

Topics%20covered

Topics Covered

security advisory software update Fedora deprecation PHP CompatInfo internal address port enumeration

Change Log

* Thu Nov 7 2024 Remi Collet - 7.1.4-3 - update bundled bartlett/php-compatinfo-db to 6.12.0 - update bundled dependencies - optional support build with composer-generators

References


[ 1 ] Bug #2324261 - CVE-2024-50342 php-bartlett-PHP-CompatInfo: Internal address and port enumeration allowed by NoPrivateNetworkHttpClient in symfony/http-client [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2324261

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2024-16a71b7cf5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: php-bartlett-PHP-CompatInfo
Product: Fedora 41
Version: 7.1.4
Release: 3.fc41
URL: https://github.com/llaville/php-compatinfo
Summary: Find out version and the extensions required for a piece of code to run

Topics%20covered

Topics Covered

security advisory software update Fedora deprecation PHP CompatInfo internal address port enumeration

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here