Explore top 10 tips to secure your open-source projects now. Read More
×
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-7431 http://linux.oracle.com/errata/ELSA-2025-7431.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: php-8.0.30-3.el9_6.x86_64.rpm php-bcmath-8.0.30-3.el9_6.x86_64.rpm php-cli-8.0.30-3.el9_6.x86_64.rpm php-common-8.0.30-3.el9_6.x86_64.rpm php-dba-8.0.30-3.el9_6.x86_64.rpm php-dbg-8.0.30-3.el9_6.x86_64.rpm php-devel-8.0.30-3.el9_6.x86_64.rpm php-embedded-8.0.30-3.el9_6.x86_64.rpm php-enchant-8.0.30-3.el9_6.x86_64.rpm php-ffi-8.0.30-3.el9_6.x86_64.rpm php-fpm-8.0.30-3.el9_6.x86_64.rpm php-gd-8.0.30-3.el9_6.x86_64.rpm php-gmp-8.0.30-3.el9_6.x86_64.rpm php-intl-8.0.30-3.el9_6.x86_64.rpm php-ldap-8.0.30-3.el9_6.x86_64.rpm php-mbstring-8.0.30-3.el9_6.x86_64.rpm php-mysqlnd-8.0.30-3.el9_6.x86_64.rpm php-odbc-8.0.30-3.el9_6.x86_64.rpm php-opcache-8.0.30-3.el9_6.x86_64.rpm php-pdo-8.0.30-3.el9_6.x86_64.rpm php-pgsql-8.0.30-3.el9_6.x86_64.rpm php-process-8.0.30-3.el9_6.x86_64.rpm php-snmp-8.0.30-3.el9_6.x86_64.rpm php-soap-8.0.30-3.el9_6.x86_64.rpm php-xml-8.0.30-3.el9_6.x86_64.rpm aarch64: php-8.0.30-3.el9_6.aarch64.rpm php-bcmath-8.0.30-3.el9_6.aarch64.rpm php-cli-8.0.30-3.el9_6.aarch64.rpm php-common-8.0.30-3.el9_6.aarch64.rpm php-dba-8.0.30-3.el9_6.aarch64.rpm php-dbg-8.0.30-3.el9_6.aarch64.rpm php-devel-8.0.30-3.el9_6.aarch64.rpm php-embedded-8.0.30-3.el9_6.aarch64.rpm php-enchant-8.0.30-3.el9_6.aarch64.rpm php-ffi-8.0.30-3.el9_6.aarch64.rpm php-fpm-8.0.30-3.el9_6.aarch64.rpm php-gd-8.0.30-3.el9_6.aarch64.rpm php-gmp-8.0.30-3.el9_6.aarch64.rpm php-intl-8.0.30-3.el9_6.aarch64.rpm php-ldap-8.0.30-3.el9_6.aarch64.rpm php-mbstring-8.0.30-3.el9_6.aarch64.rpm php-mysqlnd-8.0.30-3.el9_6.aarch64.rpm php-odbc-8.0.30-3.el9_6.aarch64.rpm php-opcache-8.0.30-3.el9_6.aarch64.rpm php-pdo-8.0.30-3.el9_6.aarch64.rpm php-pgsql-8.0.30-3.el9_6.aarch64.rpm php-process-8.0.30-3.el9_6.aarch64.rpm php-snmp-8.0.30-3.el9_6.aarch64.rpm php-soap-8.0.30-3.el9_6.aarch64.rpm php-xml-8.0.30-3.el9_6.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//php-8.0.30-3.el9_6.src.rpm Related CVEs: CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Description of changes: [8.0.30-3] - Fix libxmlstreams use wrong content-type header when requesting a redirected resource CVE-2025-1219 - Fix Stream HTTP wrapper header check might omit basic auth header CVE-2025-1736 - Fix Stream HTTP wrapper truncate redirect location to 1024 bytes CVE-2025-1861 - Fix Streams HTTP wrapper does not fail for headers without colon CVE-2025-1734 - Fix Header parser of http stream wrapper does not handle folded headers CVE-2025-1217 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2025-4263 http://linux.oracle.com/errata/ELSA-2025-4263.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable LinuxNetwork: x86_64: apcu-panel-5.1.21-1.module+el9.1.0+20776+c1b960c0.noarch.rpm php-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-bcmath-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-cli-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-common-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-dba-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-dbg-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-devel-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-embedded-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-enchant-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-ffi-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-fpm-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-gd-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-gmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-intl-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-ldap-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-mbstring-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-mysqlnd-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-odbc-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-opcache-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-pdo-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-pecl-apcu-5.1.21-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-apcu-devel-5.1.21-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-rrd-2.0.3-4.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-xdebug3-3.1.4-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pecl-zip-1.20.1-1.module+el9.1.0+20776+c1b960c0.x86_64.rpm php-pgsql-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-process-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-snmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-soap-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm php-xml-8.1.32-1.module+el9.5.0+90557+5e9037e7.x86_64.rpm aarch64: apcu-panel-5.1.21-1.module+el9.1.0+20776+c1b960c0.noarch.rpm php-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-bcmath-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-cli-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-common-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-dba-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-dbg-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-devel-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-embedded-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-enchant-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-ffi-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-fpm-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-gd-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-gmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-intl-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-ldap-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-mbstring-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-mysqlnd-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-odbc-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-opcache-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-pdo-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-pecl-apcu-5.1.21-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-apcu-devel-5.1.21-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-rrd-2.0.3-4.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-xdebug3-3.1.4-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pecl-zip-1.20.1-1.module+el9.1.0+20776+c1b960c0.aarch64.rpm php-pgsql-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-process-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-snmp-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-soap-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm php-xml-8.1.32-1.module+el9.5.0+90557+5e9037e7.aarch64.rpm SRPMS: http://oss.oracle.com/ol9/SRPMS-updates//php-8.1.32-1.module+el9.5.0+90557+5e9037e7.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-apcu-5.1.21-1.module+el9.1.0+20776+c1b960c0.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-rrd-2.0.3-4.module+el9.1.0+20776+c1b960c0.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-xdebug3-3.1.4-1.module+el9.1.0+20776+c1b960c0.src.rpm http://oss.oracle.com/ol9/SRPMS-updates//php-pecl-zip-1.20.1-1.module+el9.1.0+20776+c1b960c0.src.rpm Related CVEs: CVE-2024-8929 CVE-2024-11233 CVE-2024-11234 CVE-2025-1217 CVE-2025-1219 CVE-2025-1734 CVE-2025-1736 CVE-2025-1861 Description of changes: php [8.1.32-1] - rebase to 8.1.32 php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip _______________________________________________ El-errata mailing list
Several security issues were fixed in PHP.. ========================================================================== Ubuntu Security Notice USN-7157-3 January 29, 2025 php7.0 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 16.04 LTS Summary: Several security issues were fixed in PHP. Software Description: - php7.0: HTML-embedded scripting language interpreter Details: USN-7157-1 fixed vulnerabilities in PHP versions 7.4, 8.1, and 8.3. This update provides the corresponding updates for PHP version 7.0. Original advisory details: It was discovered that PHP incorrectly handled certain inputs when processed with convert.quoted-printable decode filters. An attacker could possibly use this issue to expose sensitive information or cause a crash. (CVE-2024-11233) It was discovered that PHP incorrectly handled certain HTTP requests. An attacker could possibly use this issue to performing arbitrary HTTP requests originating from the server, thus potentially gaining access to resources not normally available to the external user. (CVE-2024-11234) It was discovered that PHP incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2024-8932) It was discovered that PHP incorrectly handled certain MySQL requests. An attacker could possibly use this issue to cause the client to disclose the content of its heap containing data from other SQL requests and possible other data belonging to different users of the same server. (CVE-2024-8929) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 16.04 LTS libapache2-mod-php7.0 7.0.33-0ubuntu0.16.04.16+esm14 Available with Ubuntu Pro php7.0 7.0.33-0ubuntu0.16.04.16+esm14 Available with Ubuntu Pro php7.0-cgi 7.0.33-0ubuntu0.16.04.16+esm14 Available with Ubuntu Pro php7.0-cli 7.0.33-0ubuntu0.16.04.16+esm14 Available with Ubuntu Pro php7.0-ldap 7.0.33-0ubuntu0.16.04.16+esm14 Available with Ubuntu Pro php7.0-mysql 7.0.33-0ubuntu0.16.04.16+esm14 Available with Ubuntu Pro In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7157-3 https://ubuntu.com/security/notices/USN-7157-2 https://ubuntu.com/security/notices/USN-7157-1 CVE-2024-11233, CVE-2024-11234, CVE-2024-8929, CVE-2024-8932 . Numerous security patches for Ubuntu 16.04 LTS related to PHP have been released to tackle serious vulnerabilities, including risks of arbitrary code execution.. php7.0 update, Ubuntu 16.04 fix, PHP security issues, PHP exploits, system security update. . Severity: Critical. LinuxSecurity.com Team
Moderate: php:8.2 security update. {"type": "TYPE_SECURITY", "shortCode": "RL", "name": "RLSA-2024:10951", "synopsis": "Moderate: php:8.2 security update", "severity": "SEVERITY_MODERATE", "topic": "An update is available for module.libzip, module.php-pecl-apcu, module.php-pecl-xdebug3, module.php-pecl-zip, php-pecl-rrd, module.php-pear, module.php-pecl-rrd, php-pecl-zip, php, libzip, module.php, php-pecl-apcu, php-pecl-xdebug3, php-pear.\nThis update affects Rocky Linux 8.\nA Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list", "description": "PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server.\n\nSecurity Fix(es):\n\n* php: host/secure cookie bypass due to partial CVE-2022-31629 fix (CVE-2024-2756)\n\n* php: password_verify can erroneously return true, opening ATO risk (CVE-2024-3096)\n\n* php: Filter bypass in filter_var (FILTER_VALIDATE_URL) (CVE-2024-5458)\n\n* php: Erroneous parsing of multipart form data (CVE-2024-8925)\n\n* php: cgi.force_redirect configuration is bypassable due to the environment variable collision (CVE-2024-8927)\n\n* php: PHP-FPM Log Manipulation Vulnerability (CVE-2024-9026)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "solution": null, "affectedProducts": ["Rocky Linux 8"], "fixes": [{"ticket": "2275058", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2275058", "description": ""}, {"ticket": "2275061", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2275061", "description": ""}, {"ticket": "2291252", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2291252", "description": ""}, {"ticket": "2317049", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2317049", "description":""}, {"ticket": "2317051", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2317051", "description": ""}, {"ticket": "2317144", "sourceBy": "Red Hat", "sourceLink": "https://bugzilla.redhat.com/show_bug.cgi?id=2317144", "description": ""}], "cves": [{"name": "CVE-2024-2756", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-2756", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-3096", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-3096", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-5458", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-5458", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-8925", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-8925", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-8927", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-8927", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}, {"name": "CVE-2024-9026", "sourceBy": "MITRE", "sourceLink": "https://www.cve.org/CVERecord?id=CVE-2024-9026", "cvss3ScoringVector": "UNKNOWN", "cvss3BaseScore": "UNKNOWN", "cwe": "UNKNOWN"}], "references": [], "publishedAt": "2024-12-19T04:18:05.672002Z", "rpms": {"Rocky Linux 8": {"nvras": ["apcu-panel-0:5.1.23-1.module+el8.10.0+1596+477f03f8.noarch.rpm", "libzip-0:1.7.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "libzip-0:1.7.3-1.module+el8.10.0+1596+477f03f8.src.rpm", "libzip-0:1.7.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "libzip-debuginfo-0:1.7.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "libzip-debuginfo-0:1.7.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "libzip-debugsource-0:1.7.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm","libzip-debugsource-0:1.7.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "libzip-devel-0:1.7.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "libzip-devel-0:1.7.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "libzip-tools-0:1.7.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "libzip-tools-0:1.7.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "libzip-tools-debuginfo-0:1.7.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "libzip-tools-debuginfo-0:1.7.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-0:8.2.25-1.module+el8.10.0+1911+f499711e.src.rpm", "php-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-bcmath-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-bcmath-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-bcmath-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-bcmath-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-cli-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-cli-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-cli-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-cli-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-common-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-common-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-common-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-common-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-dba-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-dba-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-dba-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-dba-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-dbg-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-dbg-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-dbg-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm","php-dbg-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-debugsource-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-debugsource-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-devel-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-devel-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-embedded-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-embedded-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-embedded-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-embedded-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-enchant-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-enchant-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-enchant-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-enchant-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-ffi-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-ffi-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-ffi-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-ffi-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-fpm-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-fpm-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-fpm-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-fpm-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-gd-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-gd-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-gd-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-gd-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-gmp-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-gmp-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm","php-gmp-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-gmp-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-intl-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-intl-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-intl-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-intl-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-ldap-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-ldap-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-ldap-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-ldap-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-mbstring-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-mbstring-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-mbstring-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-mbstring-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-mysqlnd-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-mysqlnd-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-mysqlnd-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-mysqlnd-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-odbc-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-odbc-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-odbc-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-odbc-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-opcache-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-opcache-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-opcache-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-opcache-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-pdo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-pdo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm","php-pdo-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-pdo-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-pear-1:1.10.14-1.module+el8.10.0+1596+477f03f8.noarch.rpm", "php-pear-1:1.10.14-1.module+el8.10.0+1596+477f03f8.src.rpm", "php-pecl-apcu-0:5.1.23-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-apcu-0:5.1.23-1.module+el8.10.0+1596+477f03f8.src.rpm", "php-pecl-apcu-0:5.1.23-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-apcu-debuginfo-0:5.1.23-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-apcu-debuginfo-0:5.1.23-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-apcu-debugsource-0:5.1.23-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-apcu-debugsource-0:5.1.23-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-apcu-devel-0:5.1.23-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-apcu-devel-0:5.1.23-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-rrd-0:2.0.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-rrd-0:2.0.3-1.module+el8.10.0+1596+477f03f8.src.rpm", "php-pecl-rrd-0:2.0.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-rrd-debuginfo-0:2.0.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-rrd-debuginfo-0:2.0.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-rrd-debugsource-0:2.0.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-rrd-debugsource-0:2.0.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-xdebug3-0:3.2.2-2.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-xdebug3-0:3.2.2-2.module+el8.10.0+1596+477f03f8.src.rpm", "php-pecl-xdebug3-0:3.2.2-2.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-xdebug3-debuginfo-0:3.2.2-2.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-xdebug3-debuginfo-0:3.2.2-2.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-xdebug3-debugsource-0:3.2.2-2.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-xdebug3-debugsource-0:3.2.2-2.module+el8.10.0+1596+477f03f8.x86_64.rpm","php-pecl-zip-0:1.22.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-zip-0:1.22.3-1.module+el8.10.0+1596+477f03f8.src.rpm", "php-pecl-zip-0:1.22.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-zip-debuginfo-0:1.22.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-zip-debuginfo-0:1.22.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pecl-zip-debugsource-0:1.22.3-1.module+el8.10.0+1596+477f03f8.aarch64.rpm", "php-pecl-zip-debugsource-0:1.22.3-1.module+el8.10.0+1596+477f03f8.x86_64.rpm", "php-pgsql-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-pgsql-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-pgsql-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-pgsql-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-process-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-process-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-process-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-process-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-snmp-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-snmp-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-snmp-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-snmp-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-soap-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-soap-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-soap-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-soap-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-xml-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-xml-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm", "php-xml-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.aarch64.rpm", "php-xml-debuginfo-0:8.2.25-1.module+el8.10.0+1911+f499711e.x86_64.rpm"]}}, "rebootSuggested": false, "buildReferences": []}. A recent PHP upgrade for Rocky Linux addresses multiple securityvulnerabilities revealed in CVEs. It is advisable to implement this update swiftly to enhance system security.. php security update, Rocky Linux advisory, security issues, moderate severity. . LinuxSecurity.com Team
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-10952 http://linux.oracle.com/errata/ELSA-2024-10952.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm libzip-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm php-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-bcmath-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-cli-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-common-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-dba-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-dbg-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-devel-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-embedded-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-enchant-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-ffi-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-fpm-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-gd-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-gmp-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-intl-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-json-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-ldap-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-mbstring-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-mysqlnd-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-odbc-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-opcache-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-pdo-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.noarch.rpm php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.x86_64.rpm php-pecl-apcu-devel-5.1.18-1.module+el8.10.0+90472+f810484b.x86_64.rpm php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.x86_64.rpm php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.x86_64.rpm php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.x86_64.rpm php-pgsql-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-process-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-snmp-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-soap-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-xml-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm php-xmlrpc-7.4.33-2.module+el8.10.0+90472+f810484b.x86_64.rpm aarch64: apcu-panel-5.1.18-1.module+el8.10.0+90472+f810484b.noarch.rpm libzip-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm libzip-devel-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm libzip-tools-1.6.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-bcmath-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-cli-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-common-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-dba-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-dbg-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-devel-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-embedded-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-enchant-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-ffi-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-fpm-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-gd-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-gmp-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-intl-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-json-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-ldap-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-mbstring-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-mysqlnd-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-odbc-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-opcache-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-pdo-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.noarch.rpm php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-apcu-devel-5.1.18-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.aarch64.rpm php-pgsql-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-process-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-snmp-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-soap-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-xml-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm php-xmlrpc-7.4.33-2.module+el8.10.0+90472+f810484b.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//libzip-1.6.1-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-7.4.33-2.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pear-1.10.13-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-apcu-5.1.18-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-rrd-2.0.1-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-xdebug-2.9.5-1.module+el8.10.0+90472+f810484b.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-zip-1.18.2-1.module+el8.10.0+90472+f810484b.src.rpm Related CVEs: CVE-2023-0567 CVE-2023-0568 CVE-2023-3247 CVE-2023-3823 CVE-2023-3824 CVE-2024-2756 CVE-2024-3096 CVE-2024-5458 CVE-2024-8925 CVE-2024-8927 CVE-2024-9026 Description of changes: libzip [1.6.1-1] - update to 1.6.1 - enable lzma support php [7.4.33-2] - fix low/moderate CVEs RHEL-66589 - Fix cgi.force_redirect configuration is bypassable due to the environment variable collision CVE-2024-8927 - Fix Logs from childrens may be altered CVE-2024-9026 - Fix Erroneous parsing of multipart form data CVE-2024-8925 - Fix filter bypass in filter_var FILTER_VALIDATE_URL CVE-2024-5458 - Fix __Host-/__Secure- cookie bypass due to partial CVE-2022-31629 fix CVE-2024-2756 - Fix password_verify can erroneously return true opening ATO risk CVE-2024-3096 - Fix Security issue with external entity loading in XMLwithout enabling it CVE-2023-3823 - Fix Buffer mismanagement in phar_dir_read() CVE-2023-3824 - Fix Missing error check and insufficient random bytes in HTTP Digest authentication for SOAP CVE-2023-3247 - fix #81744: Password_verify() always return true with some hash CVE-2023-0567 - fix #81746: 1-byte array overrun in common path resolve code CVE-2023-0568 - fix DOS vulnerability when parsing multipart request body CVE-2023-0662 php-pear [1:1.10.13-1] - update PEAR to 1.10.13 - update Archive_Tar to 1.4.14 php-pecl-apcu [5.1.18-1] - update to 5.1.18 php-pecl-rrd [2.0.1-1] - build for RHEL 8 php-pecl-xdebug php-pecl-zip [1.18.2-1] - update to 1.18.2 _______________________________________________ El-errata mailing list
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2024-10951 http://linux.oracle.com/errata/ELSA-2024-10951.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable LinuxNetwork: x86_64: apcu-panel-5.1.23-1.module+el8.10.0+90469+8883f508.noarch.rpm libzip-1.7.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm libzip-devel-1.7.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm libzip-tools-1.7.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-bcmath-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-cli-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-common-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-dba-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-dbg-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-devel-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-embedded-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-enchant-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-ffi-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-fpm-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-gd-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-gmp-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-intl-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-ldap-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-mbstring-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-mysqlnd-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-odbc-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-opcache-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-pdo-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-pear-1.10.14-1.module+el8.10.0+90469+8883f508.noarch.rpm php-pecl-apcu-5.1.23-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-pecl-apcu-devel-5.1.23-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-pecl-rrd-2.0.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-pecl-xdebug3-3.2.2-2.module+el8.10.0+90469+8883f508.x86_64.rpm php-pecl-zip-1.22.3-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-pgsql-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-process-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-snmp-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-soap-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm php-xml-8.2.25-1.module+el8.10.0+90469+8883f508.x86_64.rpm aarch64: apcu-panel-5.1.23-1.module+el8.10.0+90469+8883f508.noarch.rpm libzip-1.7.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm libzip-devel-1.7.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm libzip-tools-1.7.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-bcmath-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-cli-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-common-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-dba-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-dbg-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-devel-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-embedded-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-enchant-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-ffi-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-fpm-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-gd-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-gmp-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-intl-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-ldap-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-mbstring-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-mysqlnd-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-odbc-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-opcache-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-pdo-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-pear-1.10.14-1.module+el8.10.0+90469+8883f508.noarch.rpm php-pecl-apcu-5.1.23-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-pecl-apcu-devel-5.1.23-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-pecl-rrd-2.0.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-pecl-xdebug3-3.2.2-2.module+el8.10.0+90469+8883f508.aarch64.rpm php-pecl-zip-1.22.3-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-pgsql-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-process-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-snmp-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-soap-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm php-xml-8.2.25-1.module+el8.10.0+90469+8883f508.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates//libzip-1.7.3-1.module+el8.10.0+90469+8883f508.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-8.2.25-1.module+el8.10.0+90469+8883f508.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pear-1.10.14-1.module+el8.10.0+90469+8883f508.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-apcu-5.1.23-1.module+el8.10.0+90469+8883f508.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-rrd-2.0.3-1.module+el8.10.0+90469+8883f508.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-xdebug3-3.2.2-2.module+el8.10.0+90469+8883f508.src.rpm http://oss.oracle.com/ol8/SRPMS-updates//php-pecl-zip-1.22.3-1.module+el8.10.0+90469+8883f508.src.rpm Related CVEs: CVE-2024-2756 CVE-2024-3096 CVE-2024-5458 CVE-2024-8925 CVE-2024-8927 CVE-2024-9026 Description of changes: libzip php [8.2.25-1] - rebase to 8.2.25 RHEL-66166 php-pear php-pecl-apcu php-pecl-rrd php-pecl-xdebug3 php-pecl-zip _______________________________________________ El-errata mailing list
Several security issues were fixed in PHP.. ========================================================================== Ubuntu Security Notice USN-7049-1 October 01, 2024 php7.4, php8.1, php8.3 vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 24.04 LTS - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS Summary: Several security issues were fixed in PHP. Software Description: - php8.3: HTML-embedded scripting language interpreter - php8.1: HTML-embedded scripting language interpreter - php7.4: HTML-embedded scripting language interpreter Details: It was discovered that PHP incorrectly handled parsing multipart form data. A remote attacker could possibly use this issue to inject payloads and cause PHP to ignore legitimate data. (CVE-2024-8925) It was discovered that PHP incorrectly handled the cgi.force_redirect configuration option due to environment variable collisions. In certain configurations, an attacker could possibly use this issue bypass force_redirect restrictions. (CVE-2024-8927) It was discovered that PHP-FPM incorrectly handled logging. A remote attacker could possibly use this issue to alter and inject arbitrary contents into log files. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 24.04 LTS. (CVE-2024-9026) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 24.04 LTS libapache2-mod-php8.3 8.3.6-0ubuntu0.24.04.2 php8.3-cgi 8.3.6-0ubuntu0.24.04.2 php8.3-cli 8.3.6-0ubuntu0.24.04.2 php8.3-fpm 8.3.6-0ubuntu0.24.04.2 Ubuntu 22.04 LTS libapache2-mod-php8.1 8.1.2-1ubuntu2.19 php8.1-cgi 8.1.2-1ubuntu2.19 php8.1-cli 8.1.2-1ubuntu2.19 php8.1-fpm 8.1.2-1ubuntu2.19 Ubuntu 20.04 LTS libapache2-mod-php7.4 7.4.3-4ubuntu2.24 php7.4-cgi 7.4.3-4ubuntu2.24 php7.4-cli 7.4.3-4ubuntu2.24 php7.4-fpm 7.4.3-4ubuntu2.24 In general, a standard system update will make all the necessary changes. References: https://ubuntu.com/security/notices/USN-7049-1 CVE-2024-8925, CVE-2024-8927, CVE-2024-9026 Package Information: https://launchpad.net/ubuntu/+source/php8.3/8.3.6-0ubuntu0.24.04.2 . Updates for PHP vulnerabilities are covered in Ubuntu Security Announcement USN-7050-1 for releases 7.4, 8.1, and 8.3.. Ubuntu Security Notice, PHP update, software flaws. . Severity: Critical. LinuxSecurity.com Team
It was discovered that user validation was incorrectly implemented for filter_var(FILTER_VALIDATE_URL). For the stable distribution (bookworm), this problem has been fixed in . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5717-1
Get the latest Linux and open source security news straight to your inbox.