[CLSA-2024:1706700142] php: Fix of 8 CVEs
Type:
security
Severity:
Critical
Release date:
2024-01-31 11:22:25 UTC
Description:
- CVE-2021-21702: Fix null pointer crash because of malformed SOAP server response - CVE-2021-21703: Fix error in php fpm shared memory organization leading to privilage escalation - CVE-2022-31625: Fix freeing of uninitialized memory leading to RCE - CVE-2022-31626: Fix buffer overflow in mysqlnd driver leading to RCE - CVE-2023-0568: Fix array overrun when appending slash to paths in DOM and XML cases - CVE-2023-0662: Fix DOS vulnerabality by limiting number of parsed multipart body parts and printing upload limit exceed error message only once - CVE-2023-3823: Fix external entity loading in XML without enabling it, by sanitizing libxml2 globals before parsing - CVE-2023-3824: Fix buffer mismanagement in phar_dir_read()
Updated packages:
  • php-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:9680d4f83839998fbbc573c763e52d38eff7d7f7
  • php-bcmath-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:5b79e924a515c8fccc3b277164ac261d01bc9604
  • php-cli-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:047e34da7ee4f304bcf0d73dc2f8c111a7a2d823
  • php-common-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:f140115eaba2dc9c9fc3e8215f7ffc3ddffaeda1
  • php-dba-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:28fadfc1b2b6cd6791b1f70c9ac8fed5a32ff822
  • php-devel-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:ea0cf62c95f3c80c35add18057ad13540ddaeae7
  • php-embedded-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:9c54b3120ecaae74256339e947a6a5695347aec9
  • php-enchant-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:f6db7357949d50b7a9915a3961c68139d341fa54
  • php-fpm-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:74aa3fabc38f8fc345db50e3885dd9fe3113f6ff
  • php-gd-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:eec57ec10a4b6dcdd2dd766db7733bc8a5fedb30
  • php-intl-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:6530dbd9d5ad7a095389ce988d0c221c1ee3d25d
  • php-ldap-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:0501c1639360479e62744d8b02b9b86055484e79
  • php-mbstring-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:997ad8de250710bfaa069fb35206700d6dc7303b
  • php-mysql-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:bf7ea2af2196e2a7949bdc19ceda35989d9c3e4f
  • php-mysqlnd-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:752baac7ab2c13204eee3c97f1b8c7a98462da9a
  • php-odbc-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:37c3cb0c4c76c0868af9071f4cd814508973051a
  • php-pdo-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:10c245c93617a8607e45786dd487b1b809d5569f
  • php-pgsql-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:469bb9f34d74f5e24b1d74e4cf42d058f47c9211
  • php-process-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:b0c3602c30bd2834bdce05e266c2691e91907209
  • php-pspell-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:f07dd1600ef6dcff80dd38900cab5a9dfa682ca5
  • php-recode-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:fdbd10a6f94b7c15a746ee8fac4ba858e2b94cc9
  • php-snmp-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:66d81093531fa2f392fcd195b2410db476f87b19
  • php-soap-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:85448bcbbe56434909d288b221a35a607867dd2b
  • php-xml-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:29f0632ef163f5a2e26fb3ac023800c75fe985fd
  • php-xmlrpc-5.4.16-48.el7.tuxcare.els1.x86_64.rpm
    sha:01b42a2bafbf16cfef05c64184cb9e147d6f081a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.