Slackware 15.0: SSA:2024-327-01 critical: php heap overflow and bug fixes
slackware
November 22, 2024
New php packages are available for Slackware 15.0 and -current to fix security issues
Summary
Here are the details from the Slackware 15.0 ChangeLog: extra/php81/php81-8.1.31-i586-1_slack15.0.txz: Upgraded. This update fixes bugs and security issues: LDAP: Fixed bug GHSA-g665-fm4p-vhff (OOB access in ldap_escape). (CVE-2024-8932) MySQLnd: Fixed bug GHSA-h35g-vwh6-m678 (Leak partial content of the heap through heap buffer over-read). (CVE-2024-8929) PDO DBLIB: Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the dblib quoter causing OOB writes). (CVE-2024-11236) PDO Firebird: Fixed bug GHSA-5hqh-c84r-qjcv (Integer overflow in the firebird quoter causing OOB writes). (CVE-2024-11236) Streams: Fixed bug GHSA-c5f2-jwm7-mmq2 (Configuring a proxy in a stream context might allow for CRLF injection in URIs). (CVE-2024-11234) Fixed bug GHSA-r977-prxv-hc43 (Single byte overread with convert.quoted-printable-decode filter). (CVE-2024-11233) For more information, see: https://www.php.net/ChangeLog-8.php#8.1.31
Read the Full Advisory
Topics Covered
Where Find New Packages
Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project! :-)
Also see the "Get Slack" section on http://www.slackware.com/ for
additional mirror sites near you.
Updated packages for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/extra/php81/php81-8.1.31-i586-1_slack15.0.txz
Updated packages for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/extra/php81/php81-8.1.31-x86_64-1_slack15.0.txz
Updated packages for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-8.3.14-i686-1.txz
Updated packages for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-8.3.14-x86_64-1.txz
MD5 Signatures
Slackware 15.0 packages:
901a3be4ae5be5dce4f40339cddf16b7 php81-8.1.31-i586-1_slack15.0.txz
Slackware x86_64 15.0 packages:
17f87d1f0bc70639811d40a1da106d66 php81-8.1.31-x86_64-1_slack15.0.txz
Slackware -current packages:
9a1f1201cfbd999b2b1d16382fe9b22e n/php-8.3.14-i686-1.txz
Slackware x86_64 -current packages:
c6f245a2a0bc0f3ebe4edff07b11cc72 n/php-8.3.14-x86_64-1.txz
PREVIOUS
NEXT
Severity
critical
Lowest
Low
Medium
High
Critical
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Installation Instructions
Installation instructions: Upgrade the package as root: # upgradepkg php81-8.1.31-i586-1_slack15.0.txz Then, restart Apache httpd: # /etc/rc.d/rc.httpd stop # /etc/rc.d/rc.httpd start
Related News
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!