Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 602
Alerts This Week
Warning Icon 1 602

Rocky Linux 8 RLSA-2023:0849 Critical Python Remote Code Execution Flaw

rocky
Calendar Grey February 22, 2023
Rockylinux Esm H88
Security Alert: PHP vulnerabilities on Rocky Linux reveal critical buffer overflows and input validation flaws. Upgrade PHP and enhance security now
Moderate: php:8.0 security update

Summary

An update is available for php-pear, php-pecl-xdebug3, module.php-pecl-apcu, php-pecl-rrd, module.php-pecl-zip, module.php-pecl-xdebug3, module.php, libzip, php-pecl-apcu, module.php-pecl-rrd, php, module.libzip, php-pecl-zip, module.php-pear. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list


RPMs

apcu-panel-0:5.1.20-1.module+el8.6.0+790+fc63e43f.noarch.rpm

libzip-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm

libzip-0:1.7.3-1.module+el8.6.0+790+fc63e43f.src.rpm

libzip-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm

libzip-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm

libzip-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm

libzip-debugsource-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm

libzip-debugsource-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm

libzip-devel-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm

libzip-devel-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm

libzip-tools-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm

libzip-tools-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm

libzip-tools-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.aarch64.rpm

libzip-tools-debuginfo-0:1.7.3-1.module+el8.6.0+790+fc63e43f.x86_64.rpm

php-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.aarch64.rpm

php-0:8.0.27-1.module+el8.7.0+1156+de6c8de9.src.rpm

Read the Full Advisory

References

No references

CVES

https://www.cve.org/CVERecord?id=CVE-2022-31628

https://www.cve.org/CVERecord?id=CVE-2022-31629

https://www.cve.org/CVERecord?id=CVE-2022-31630

https://www.cve.org/CVERecord?id=CVE-2022-31631

https://www.cve.org/CVERecord?id=CVE-2022-37454

Severity
important

Name: RLSA-2023:0848
Affected Products: Rocky Linux 8

Fixes

https://bugzilla.redhat.com/show_bug.cgi?id=2133687

https://bugzilla.redhat.com/show_bug.cgi?id=2133688

https://bugzilla.redhat.com/show_bug.cgi?id=2139280

https://bugzilla.redhat.com/show_bug.cgi?id=2140200

https://bugzilla.redhat.com/show_bug.cgi?id=2158791


Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.