Alerts This Week
Warning Icon 1 1,179
Alerts This Week
Warning Icon 1 1,179

Oracle Linux 8 ELSA-2024-10952 moderate: php security fixes

oracle
Calendar Grey December 13, 2024
Oracle Linux Logo Esm H88
Oracle Linux 8's latest release updates feature PHP 7.4 and various packages that tackle moderate security vulnerabilities. Read below for full details
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php [7.4.33-2] - fix low/moderate CVEs RHEL-66589 - Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered CVE-2024-9026 - Fix Erroneous parsing of multipart form data CVE-2024-8925 - Fix filter bypass in filter_var FILTER_VALIDATE_URL CVE-2024-5458 - Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 - Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 - Fix Security issue with external entity loading in XML without enabling it CVE-2023-3823 - Fix Buffer mismanagement in phar_dir_read() CVE-2023-3824 - Fix Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP CVE-2023-3247 - fix #81744: Password_verify() always return true with some hash CVE-2023-0567 - fix #81746: 1-byte array overrun in common path resolve code ...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory security issue software update moderate severity php update Oracle Linux

SRPMs

http://oss.oracle.com/ol8/SRPMS-updates//libzip-1.6.1-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-7.4.33-2.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.src.rpm

x86_64

apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm libzip-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm php-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-bcmath-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-cli-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-common-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-dba-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-dbg-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-devel-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-embedded-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-enchant-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-ffi-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-fpm-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-gd-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-gmp-7.4.33-2.module+el8.10.0...

Read the Full Advisory

aarch64

apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm libzip-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-bcmath-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-cli-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-common-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-dba-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-dbg-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-devel-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-embedded-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-enchant-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-ffi-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-fpm-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-gd-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-gmp-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-intl-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-json-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-ldap-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-mbstring-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-mysqlnd-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-odbc-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-opcache-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-pdo-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.noarch.rpm php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-apcu-devel-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pgsql-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-process-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-snmp-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-soap-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-xml-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-xmlrpc-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm

Severity
important
Lowest
Low
Medium
High
Critical

Related CVEs: CVE-2023-0567 CVE-2023-0568 CVE-2023-3247 CVE-2023-3823 CVE-2023-3824 CVE-2024-2756 CVE-2024-3096 CVE-2024-5458 CVE-2024-8925 CVE-2024-8927 CVE-2024-9026

Topics%20covered

Topics Covered

security advisory security issue software update moderate severity php update Oracle Linux

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here