[CLSA-2026:1769686676] php: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2026-01-29 11:38:00 UTC
Description:
- CVE-2025-1220: add null byte validation and fix hostname formatting to prevent null byte truncation that could bypass hostname access checks - CVE-2025-6491: fix NULL pointer dereference in PHP SOAP Extension via Large XML namespace prefix
Updated packages:
  • php-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:9fd71daef010c744deeea4e4bf9bda6e99310521af67baeddaaf221419d94e65
  • php-bcmath-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:847c22618c7bcc699384a0503159b278ebb4c39565778277e8fb24d4e4fadc87
  • php-cli-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:e525d7fa373570f3d54bf7114c2c42bd32e0a6062c71631d67bbe2bda9230bca
  • php-common-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:97872575f67bd3a1b864334b771a64673a8f91fff34800e171c0b4b385cd6175
  • php-dba-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:50245643c87037bf70c480d697d1ec6adcc6f58dd38d0cf6fd59c7e499059e27
  • php-dbg-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:72d7ffceb6cdc7107609bf3ddbcecc3b4ee7d760d2e481a39c65d415cb455599
  • php-devel-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:863fd296c38111af799cb43381a9a38057200599ca9ab3d4ce2a163517254c16
  • php-embedded-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:5d7d441e9ac4d200a62c6e11de35a7e3361134aef07816f7e8412a620828f1f7
  • php-enchant-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:d750d0fbfacd56c57b1e986480f3a995563b8c58e9c24c905157c2a063b8abea
  • php-ffi-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:0726a4b70688df4d3c11417a5e215a9bfd66880efdca0beb029bd047042257af
  • php-fpm-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:af8f4badb169b3b48c4d0b73d35b0075aaeb29ce58295c337ca674c520c49cfd
  • php-gd-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:f5b3cc01e6dcf81d5e406468715c4c0498201eca853910c015f707fcb8511c7e
  • php-gmp-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:bc575f198cebfabc952ecb316a04005cab7d0dc1449ea425ca98e2ffb3de16a9
  • php-intl-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:ef88e18a9fb1987672f87c5653a3b2799e164bbd8092f3ac0bf726e30d138798
  • php-ldap-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:c90ecb977c6fa9ad142df414467975a708ce5374982ad32ebfa3249412e3f399
  • php-mbstring-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:70da855d4419d5d0a9499e13fbd644d87f5ac7ecca654f57e71bb0660bab0d7b
  • php-mysqlnd-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:b07aed8a37e23f4667223b18d5012482d275408c472f0a2a35093a04123ec5d4
  • php-odbc-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:0592d42b2ce1e5fac4e77c62a98ac43993814567e15d57f1416a6fab39cc3a7a
  • php-opcache-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:fff9e2a8b06d54505c5addd5e6fcfc05658fd07ebf6046f3786589a37f6e2c9c
  • php-pdo-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:b5157fecbf1724a5cfda40526a7a151d2544f4d2087f345dbc967aee8181fa1d
  • php-pgsql-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:0a2db9c8f170ebb3c46d55b44c7af8f88b11ffa00b555e60d373c126318e6290
  • php-process-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:87f99e84a241b6e9f3e97b4bc2e38daa5ea15392e319de4b0544f54cdb30b9b4
  • php-snmp-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:4bd0886a9e47cd3e2dde684b12c0b00c20b5dce7fcd6d5f64b6599a10b5f86d7
  • php-soap-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:592a938c9aee8a112ce917eca01f673ddeea9f66a70264972d998ce383b9034a
  • php-xml-8.0.30-1.el9_2.tuxcare.els11.x86_64.rpm
    sha:774e7ad090504603cfba27ad482b5cd34eed7e9549f2a96a2aa4d7c32d6a2b03
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.