MGASA-2023-0248 - Updated php packages fix security vulnerability

Publication date: 23 Aug 2023
URL: https://advisories.mageia.org/MGASA-2023-0248.html
Type: security
Affected Mageia releases: 8
CVE: CVE-2023-3823,
     CVE-2023-3824

Libxml - GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading
in XML without enabling it). (CVE-2023-3823)
Phar - GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read())
(CVE-2023-3824)

References:
- https://bugs.mageia.org/show_bug.cgi?id=32158
- https://www.php.net/ChangeLog-8.php#8.0.30
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824

SRPMS:
- 8/core/php-8.0.30-1.mga8

Mageia 2023-0248: php security update

Libxml - GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading in XML without enabling it)

Summary

Libxml - GHSA-3qrf-m4j2-pcrr (Security issue with external entity loading in XML without enabling it). (CVE-2023-3823) Phar - GHSA-jqcx-ccgc-xwhv (Buffer mismanagement in phar_dir_read()) (CVE-2023-3824)

References

- https://bugs.mageia.org/show_bug.cgi?id=32158

- https://www.php.net/ChangeLog-8.php#8.0.30

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3823

- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3824

Resolution

MGASA-2023-0248 - Updated php packages fix security vulnerability

SRPMS

- 8/core/php-8.0.30-1.mga8

Severity

Publication date: 23 Aug 2023

URL: https://advisories.mageia.org/MGASA-2023-0248.html

Type: security

CVE: CVE-2023-3823, CVE-2023-3824

Data Scientists Dial Back Use of Open Source Code Due to Security Worries

Sep 30, 2022

Linux Still Eyes Better Security By Default Enabling Indirect Branch Tracking (IBT)

Nov 4, 2022

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN

Linux Vulnerabilities: The Antidote to This Linux Security Poison

Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge

Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux

Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Feedback

What Are You Looking For?

Popular Tags

Mageia 2023-0248: php security update

Summary

References

Resolution

SRPMS

Data Scientists Dial Back Use of Open Source Code Due to Security Worries

Linux Still Eyes Better Security By Default Enabling Indirect Branch Tracking (IBT)

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN

Linux Vulnerabilities: The Antidote to This Linux Security Poison

Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge

Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux

Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Feedback

What Are You Looking For?

Popular Tags

Mageia 2023-0248: php security update

Summary

References

Resolution

SRPMS

Get the Latest News & Insights

Related News

Data Scientists Dial Back Use of Open Source Code Due to Security Worries

Linux Still Eyes Better Security By Default Enabling Indirect Branch Tracking (IBT)

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN

Linux Vulnerabilities: The Antidote to This Linux Security Poison

Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge

Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux

Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By