Mageia 2021-0442: php security update | LinuxSecurity.com

Advisories

What Are You Looking For?

Popular Tags

Contribute

Advisories This Week: 185

MGASA-2021-0442 - Updated php packages fix security vulnerabilities

Publication date: 29 Sep 2021
URL: https://advisories.mageia.org/MGASA-2021-0442.html
Type: security
Affected Mageia releases: 8

Updated php packages fix security vulnerabilities:
- Integer overflow in mysqli_real_escape_string()
- Symlinks are followed when creating PHAR archive
- shmop can't read beyond 2147483647 bytes
- Integer overflow on substr_replace
- Heap buffer overflow via str_repeat
- Integer Overflow when concatenating strings
- segfault with preloading and statically bound closure
- shmop_open won't attach and causes php to crash
- Heap Overflow in msg_send
- ZipArchive::extractTo extracts outside of destination

References:
- https://bugs.mageia.org/show_bug.cgi?id=29413
- https://www.php.net/ChangeLog-8.php#8.0.10
- https://www.php.net/ChangeLog-8.php#8.0.11

SRPMS:
- 8/core/php-8.0.11-1.mga8

Mageia 2021-0442: php security update

Summary

References

- https://bugs.mageia.org/show_bug.cgi?id=29413

- https://www.php.net/ChangeLog-8.php#8.0.10

- https://www.php.net/ChangeLog-8.php#8.0.11

Resolution

MGASA-2021-0442 - Updated php packages fix security vulnerabilities

SRPMS

- 8/core/php-8.0.11-1.mga8

Severity
Publication date: 29 Sep 2021
URL: https://advisories.mageia.org/MGASA-2021-0442.html
Type: security

News

Advisories

HOWTOs

Features

The Story Behind the Linux Security Quick Reference Guide
Benefits & Drawbacks of Using a VPN on Linux
How a WAF Could Improve the Security of Your Linux Web Applications
Installing SurfShark VPN On Kali Linux: The Authoritative Guide
Best Practices for PHP Security

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy